Direct Anonymous Attestation (DAA): Ensuring Privacy with Corrupt Administrators

14 years 5 months ago

Download www.cs.bham.ac.uk

The Direct Anonymous Attestation (DAA) scheme provides a means for remotely authenticating a trusted platform whilst preserving the user’s privacy. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform Module (TPM) speciﬁcation. In this paper we show DAA places an unnecessarily large burden on the TPM host. We demonstrate how corrupt administrators can exploit this weakness to violate privacy. The paper provides a ﬁx for the vulnerability. Further privacy issues concerning linkability are identiﬁed and a framework for their resolution is developed. In addition an optimisation to reduce the number of messages exchanged is proposed.

Ben Smyth, Mark Ryan, Liqun Chen

Real-time Traffic

ESAS 2007 | Sensor Networks | Trusted Computing Group | Trusted Platform | Trusted Platform Module |

claim paper

Post Info
More Details (n/a)

Added	07 Jun 2010
Updated	07 Jun 2010
Type	Conference
Year	2007
Where	ESAS
Authors	Ben Smyth, Mark Ryan, Liqun Chen

Comments (0)

Sciweavers

Direct Anonymous Attestation (DAA): Ensuring Privacy with Corrupt Administrators

ESAS 2007 | Sensor Networks | Trusted Computing Group | Trusted Platform | Trusted Platform Module |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers