L-DAA: Lattice-Based Direct Anonymous Attestation

eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.

You are looking at a specific version 20180505:161006 of this paper. See the latest version.

Paper 2018/401

L-DAA: Lattice-Based Direct Anonymous Attestation

Nada EL Kassem and Liqun Chen and Rachid El Bansarkhani and Ali El Kaafarani and Jan Camenisch and Patrick Hough

Abstract

Direct Anonymous Attestation (DAA) is an anonymous digital signature that aims to provide both signer authentication and privacy. DAA was designed for the attestation service of the Trusted Platform Module (TPM). In this application, a DAA signer role is divided into two parts: the principal signer which is a TPM, and an assistant signer which is a standard computing platform in which the TPM is embedded, called the Host. A design feature of a DAA solution is to make the TPM workload as low as possible. This paper presents a lattice-based DAA (L-DAA) scheme to meet this requirement. Security of this scheme is proved in the Universally Composable (UC) security model under the hard assumptions of the Ring Inhomogeneous Short Integer Solution (Ring-ISIS) and Ring Learning With Errors (Ring-LWE) problems. Our L-DAA scheme includes two building blocks, one is a modification of the Boyen lattice based signature scheme and another is a modification of the Baum et al. lattice based commitment scheme. These two building blocks may be of independent interest.

Metadata

Available format(s): PDF
Publication info: Preprint. MINOR revision.
Keywords: Lattice based cryptography Direct Anonymous Attestation Universally Composable security model.
Contact author(s): n elkassem @ surrey ac uk
History: 2019-01-17: last of 3 revisions; 2018-05-02: received; See all versions
Short URL: https://ia.cr/2018/401
License: CC BY