DOI: 10.1145/2508859.2516729 (CCS conference proceedings, research article)

Flexible and scalable digital signatures in TPM 2.0

Published: 04 November 2013

ABSTRACT

Trusted Platform Modules (TPM) are multipurpose hardware chips, which provide support for various cryptographic functions. Flexibility, scalability and high performance are critical features for a TPM. In this paper, we present the new method for implementing digital signatures that has been included in TPM version 2.0. The core part of this method is a single TPM signature primitive, which can be called by different software programmes, in order to implement signature schemes and cryptographic protocols with different security and privacy features. We prove security of the TPM signature primitive under the static Diffie-Hellman assumption and the random oracle model. We demonstrate how to call this TPM signature primitive to implement anonymous signatures (Direct Anonymous Attestation), pseudonym systems (U-Prove), and conventional signatures (the Schnorr signature). To the best of our knowledge, this is the first signature primitive implemented in a limited hardware environment capable of supporting various signature schemes without adding additional hardware complexity compared to a hardware implementation of a conventional signature scheme.
