Paper 2015/654

DAA-TZ: An Efficient DAA Scheme for Mobile Devices using ARM TrustZone

Bo Yang, Kang Yang, Yu Qin, Zhenfeng Zhang, and Dengguo Feng

Abstract

Direct Anonymous Attestation (DAA) has been studied for applying to mobile devices based on ARM TrustZone. However, current solutions bring in extra performance overheads and security risks when adapting existing DAA schemes originally designed for PC platform. In this paper, we propose a complete and efficient DAA scheme (DAA-TZ) specifically designed for mobile devices using TrustZone. By considering the application scenarios, DAA-TZ extends the interactive model of original DAA and provides anonymity for a device and its user against remote service providers. The proposed scheme requires only one-time switch of TrustZone for signing phase and elaborately takes pre-computation into account. Consequently, the frequent on-line signing just needs at most three exponentiations on elliptic curve. Moreover, we present the architecture for trusted mobile devices. The issues about key derivation and sensitive data management relying on a root of trust from SRAM Physical Unclonable Function (PUF) are discussed. We implement a prototype system and execute DAA-TZ using MNT and BN curves with different security levels. The comparison result and performance evaluation indicate that our scheme meets the demanding requirement of mobile users in respects of both security and efficiency.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. TRUST 2015
Keywords
DAAPrivacyMobile DevicesARM TrustZonePUF
Contact author(s)
yangbo @ tca iscas ac cn
History
2015-07-02: received
Short URL
https://ia.cr/2015/654
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/654,
      author = {Bo Yang and Kang Yang and Yu Qin and Zhenfeng Zhang and Dengguo Feng},
      title = {DAA-TZ: An Efficient DAA Scheme for Mobile Devices using ARM TrustZone},
      howpublished = {Cryptology ePrint Archive, Paper 2015/654},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/654}},
      url = {https://eprint.iacr.org/2015/654}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.