Paper 2013/667

A TPM Diffie-Hellman Oracle

Tolga Acar, Lan Nguyen, and Greg Zaverucha


This note describes a Diffie-Hellman oracle, constructed using standard Trusted Platform Module (TPM) signature APIs. The oracle allows one to compute the exponentiation of an arbitrary group element to a specified TPM-protected private key. By employing the oracle, the security provided by a group of order p is reduced by log k bits, provided k oracle queries are made and p ± 1 is divisible by k. The security reduction follows from a straightforward application of results from Brown and Gallant (IACR ePrint 2004/306) and Cheon (Eurocrypt 2006) on the strong Diffie-Hellman problem. On a more positive note, the oracle may allow a wider range of cryptographic protocols to make use of the TPM.
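To make the reduction concrete, the following Python sketch is an added example, not code from the paper: a hypothetical stand-in for the TPM-derived oracle that returns h^x for any caller-chosen h, the chained queries that turn such an oracle into the sequence g, g^x, ..., g^(x^k) consumed by the cited strong Diffie-Hellman results, and a check of how many bits a given group order loses under a query budget, using the note's log k figure. The toy group (prime order q = 2161 inside Z_N^*) and the private key are constructed for the demonstration.

```python
import math

def is_prime(n):
    """Trial-division primality test; adequate for the toy sizes used here."""
    for d in range(2, math.isqrt(n) + 1):
        if n % d == 0:
            return False
    return n >= 2

def toy_group(q=2161):
    """Constructed toy group: the order-q subgroup of Z_N^* with N prime and
    q | N-1 (q = 2161 is prime; it plays the role of p in the note)."""
    N = 2 * q + 1
    while not is_prime(N):
        N += q
    for h in range(2, N):
        g = pow(h, (N - 1) // q, N)   # cofactor exponentiation gives order q
        if g != 1:
            return N, q, g

def tpm_sign_oracle(private_key, modulus):
    """Hypothetical stand-in for the oracle built from the TPM signature
    APIs: the caller supplies any group element h and receives h^x."""
    return lambda h: pow(h, private_key, modulus)

def collect_powers(oracle, g, k):
    """Chain k oracle queries: feeding each answer back in yields
    g, g^x, g^(x^2), ..., g^(x^k), the input the strong-DH attacks need."""
    powers = [g]
    for _ in range(k):
        powers.append(oracle(powers[-1]))
    return powers

def largest_useful_k(p, query_budget):
    """Largest k <= query_budget dividing p-1 or p+1 (the note's condition)."""
    for k in range(query_budget, 1, -1):
        if (p - 1) % k == 0 or (p + 1) % k == 0:
            return k
    return 1

def security_loss_bits(p, query_budget):
    """Security lost, in bits, using the note's log k figure for k queries."""
    return math.log2(largest_useful_k(p, query_budget))

if __name__ == "__main__":
    N, q, g = toy_group()
    seq = collect_powers(tpm_sign_oracle(1234, N), g, 4)  # 1234: constructed key
    assert seq[4] == pow(g, pow(1234, 4, q), N)
    print(f"q={q}: {security_loss_bits(q, 2**10):.2f} bits lost with 2^10 queries")
```

For a real deployment the same check applies to the actual group order: factor p-1 and p+1 and look for divisors within the number of signing queries an attacker could plausibly make.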

Publication info
Preprint. MINOR revision.
Keywords: trusted platform module, strong Diffie-Hellman problem, cryptographic hardware
Contact author(s)
gregz @ microsoft com
2013-10-24: received
License: Creative Commons Attribution


@misc{cryptoeprint:2013/667,
      author = {Tolga Acar and Lan Nguyen and Greg Zaverucha},
      title = {A {TPM} Diffie-Hellman Oracle},
      howpublished = {Cryptology ePrint Archive, Paper 2013/667},
      year = {2013},
      note = {\url{}},
      url = {}
}