Paper 2019/121

Anonymous Attestation for IoT

Santosh Ghosh, Andrew H. Reinders, Rafael Misoczki, and Manoj R. Sastry


Internet of Things (IoT) have seen tremendous growth and are being deployed pervasively in areas such as home, surveillance, health-care and transportation. These devices collect and process sensitive data with respect to user's privacy. Protecting the privacy of the user is an essential aspect of security, and anonymous attestation of IoT devices are critical to enable privacy-preserving mechanisms. Enhanced Privacy ID (EPID) is an industry-standard cryptographic scheme that offers anonymous attestation. It is based on group signature scheme constructed from bilinear pairings, and provides anonymity and sophisticated revocation capabilities (private-key based revocation and signature-based revocation). Despite the interesting privacy-preserving features, EPID operations are very computational and memory intensive. In this paper, we present a small footprint anonymous attestation solution based on EPID that can meet the stringent resource requirements of IoT devices. A specific modular-reduction technique targeting the EPID prime number has been developed resulting in 50% latency reduction compared to conventional reduction techniques. Furthermore, we developed a multi-exponentiation technique that significantly reduces the runtime memory requirements. Our proposed design can be implemented as SW-only, or it can utilize an integrated Elliptic Curve and Galois Field HW accelerator. The EPID SW stack has a small object code footprint of 22kB. We developed a prototype on a 32-bit microcontroller that computes EPID signature generation in 17.9s at 32MHz.

Available format(s)
Publication info
Preprint. MINOR revision.
Enhanced Privacy IDEPIDAuthenticationAttestationBilinear PairingOptimal-ate Pairing
Contact author(s)
rafael misoczki @ intel com
2019-02-13: received
Short URL
Creative Commons Attribution


      author = {Santosh Ghosh and Andrew H.  Reinders and Rafael Misoczki and Manoj R.  Sastry},
      title = {Anonymous Attestation for IoT},
      howpublished = {Cryptology ePrint Archive, Paper 2019/121},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.