Cryptology ePrint Archive: Report 2007/194

Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities

Ernie Brickell and Jiangtao Li

Abstract: Direct Anonymous Attestation (DAA) is a scheme that enables the remote authentication of a Trusted Platform Module (TPM) while preserving the user's privacy. A TPM can prove to a remote party that it is a valid TPM without revealing its identity and without linkability. In the DAA scheme, a TPM can be revoked only if the DAA private key in the hardware has been extracted and published widely so that verifiers obtain the corrupted private key. If the unlinkability requirement is relaxed, a TPM suspected of being compromised can be revoked even if the private key is not known. However, with the full unlinkability requirement intact, if a TPM has been compromised but its private key has not been distributed to verifiers, the TPM cannot be revoked. Furthermore, a TPM cannot be revoked from the issuer, if the TPM is found to be compromised after the DAA issuing has occurred. In this paper, we present a new DAA scheme called Enhanced Privacy ID (EPID) scheme that addresses the above limitations. While still providing unlinkability, our scheme provides a method to revoke a TPM even if the TPM private key is unknown. This expanded revocation property makes the scheme useful for other applications such as for driver's license. Our EPID scheme is efficient and provably secure in the same security model as DAA, i.e. in the random oracle model under the strong RSA assumption and the decisional Diffie-Hellman assumption.

Category / Keywords: cryptographic protocols / Anonymity, Privacy, Cryptographic Protocols, Trusted Computing

Publication Info: A preliminary version of this paper will be presented at the 6th Workshop on Privacy in the Electronic Society (WPES), Alexandria, Virginia, October 2007

Date: received 23 May 2007, last revised 22 Aug 2007

Contact author: jiangtao li at intel com

Available format(s): PDF | BibTeX Citation

Note: Add a new revocation method and the corresponding security proof. Include discussions on how to use our EPID scheme with tamper resistant hardware devices.

Version: 20070822:145239 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]