Paper 2010/067

A Pairing-Based DAA Scheme Further Reducing TPM Resources

Ernie Brickell and Jiangtao Li


Direct Anonymous Attestation (DAA) is an anonymous signature scheme designed for anonymous attestation of a Trusted Platform Module (TPM) while preserving the privacy of the device owner. Since TPM has limited bandwidth and computational capability, one interesting feature of DAA is to split the signer role between two entities: a TPM and a host platform where the TPM is attached. Recently, Chen proposed a new DAA scheme that is more efficient than previous DAA schemes. In this paper, we construct a new DAA scheme requiring even fewer TPM resources. Our DAA scheme is about 5 times more efficient than Chen's scheme for the TPM implementation using the Barreto-Naehrig curves. In addition, our scheme requires much smaller size of software code that needs to be implemented in the TPM. This makes our DAA scheme ideal for the TPM implementation. Our DAA scheme is efficient and provably secure in the random oracle model under the strong Diffie-Hellman assumption and the decisional Diffie-Hellman assumption.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Direct Anonymous AttestationPrivacyAnonymity
Contact author(s)
jiangtao li @ intel com
2010-02-11: received
Short URL
Creative Commons Attribution


      author = {Ernie Brickell and Jiangtao Li},
      title = {A Pairing-Based DAA Scheme Further Reducing TPM Resources},
      howpublished = {Cryptology ePrint Archive, Paper 2010/067},
      year = {2010},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.