Cryptology ePrint Archive: Report 2009/095

Enhanced Privacy ID from Bilinear Pairing

Ernie Brickell and Jiangtao Li

Abstract: Enhanced Privacy ID (EPID) is a cryptographic scheme that enables the remote authentication of a hardware device while preserving the privacy of the device. EPID can be seen as a direct anonymous attestation scheme with enhanced revocation capabilities. In EPID, a device can be revoked if the private key embedded in the hardware device has been extracted and published widely so that the revocation manager finds the corrupted private key. In addition, the revocation manager can revoke a device based on the signatures the device has signed, if the private key of the device is not known. In this paper, we introduce a new security notion of EPID including the formal definitions of anonymity and unforgeability with revocation. We also give a construction of an EPID scheme from bilinear pairing. Our EPID scheme is efficient and provably secure in the random oracle model under the strong Diffie-Hellman assumption and the decisional Diffie-Hellman assumption.

Category / Keywords: cryptographic protocols / Anonymity, Privacy, Cryptographic Protocols, Trusted Computing, Direct Anonymous Attestation, Bilinear Pairing

Date: received 25 Feb 2009

Contact author: jiangtao li at intel com

Available format(s): PDF | BibTeX Citation

Version: 20090302:082808 (All versions of this report)

Short URL: ia.cr/2009/095

Discussion forum: Show discussion | Start new discussion