Paper 2009/095

Enhanced Privacy ID from Bilinear Pairing

Ernie Brickell and Jiangtao Li


Enhanced Privacy ID (EPID) is a cryptographic scheme that enables the remote authentication of a hardware device while preserving the privacy of the device. EPID can be seen as a direct anonymous attestation scheme with enhanced revocation capabilities. In EPID, a device can be revoked if the private key embedded in the hardware device has been extracted and published widely so that the revocation manager finds the corrupted private key. In addition, the revocation manager can revoke a device based on the signatures the device has signed, if the private key of the device is not known. In this paper, we introduce a new security notion of EPID including the formal definitions of anonymity and unforgeability with revocation. We also give a construction of an EPID scheme from bilinear pairing. Our EPID scheme is efficient and provably secure in the random oracle model under the strong Diffie-Hellman assumption and the decisional Diffie-Hellman assumption.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
AnonymityPrivacyCryptographic ProtocolsTrusted ComputingDirect Anonymous AttestationBilinear Pairing
Contact author(s)
jiangtao li @ intel com
2009-03-02: received
Short URL
Creative Commons Attribution


      author = {Ernie Brickell and Jiangtao Li},
      title = {Enhanced Privacy ID from Bilinear Pairing},
      howpublished = {Cryptology ePrint Archive, Paper 2009/095},
      year = {2009},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.