Cryptology ePrint Archive: Report 2010/454

Key Exchange with Anonymous Authentication using DAA-SIGMA Protocol

Jesse Walker and Jiangtao Li

Abstract: Anonymous digital signatures such as Direct Anonymous Attestation (DAA) and group signatures have been a fundamental building block for anonymous entity authentication. In this paper, we show how to incorporate DAA schemes into a key exchange protocol between two entities to achieve anonymous authentication and to derive a shared key between them. We propose a modification to the SIGMA key exchange protocol used in the Internet Key Exchange (IKE) standards to support anonymous authentication using DAA. Our key exchange protocol can be also extended to support group signature schemes instead of DAA. We present a secure model for key exchange with anonymous authentication derived from the Canetti-Krawczyk key-exchange security model. We prove that our DAA-SIGMA protocol is secure under our security model.

Category / Keywords: cryptographic protocols / privacy, direct anonymous attestation, anonymous authentication

Date: received 22 Aug 2010, last revised 3 Sep 2010

Contact author: jiangtao li at intel com

Available format(s): PDF | BibTeX Citation

Version: 20100903:231034 (All versions of this report)

Short URL: ia.cr/2010/454

Discussion forum: Show discussion | Start new discussion