## Cryptology ePrint Archive: Report 2010/008

A DAA Scheme Requiring Less TPM Resources

Liqun Chen

Abstract: Direct anonymous attestation (DAA) is a special digital signature primitive, which provides a balance between signer authentication and privacy. One of the most interesting properties that makes this primitive attractive in practice is its construction of signers. The signer role of DAA is split between two entities, a principal signer (a trusted platform module (TPM)) with limited computational capability and an assistant signer (a computer platform into which the TPM is embedded) with more computational power but less security tolerance. Our first contribution in this paper is a new DAA scheme that requires very few TPM resources. In fact the TPM has only to perform two exponentiations for the DAA Join algorithm and three exponentiations for the DAA Signing algorithm. We show that this new scheme has better performance than the existing DAA schemes and is provable secure based on the $q$-SDH problem and DDH problem under the random oracle model. Our second contribution is a modification of the DAA game-based security model to cover the property of non-frameability.

Category / Keywords: cryptographic protocols / direct anonymous attestation, trusted platform module, bilinear map