Cryptology ePrint Archive: Report 2019/121

Anonymous Attestation for IoT

Santosh Ghosh and Andrew H. Reinders and Rafael Misoczki and Manoj R. Sastry

Abstract: Internet of Things (IoT) have seen tremendous growth and are being deployed pervasively in areas such as home, surveillance, health-care and transportation. These devices collect and process sensitive data with respect to user's privacy. Protecting the privacy of the user is an essential aspect of security, and anonymous attestation of IoT devices are critical to enable privacy-preserving mechanisms. Enhanced Privacy ID (EPID) is an industry-standard cryptographic scheme that offers anonymous attestation. It is based on group signature scheme constructed from bilinear pairings, and provides anonymity and sophisticated revocation capabilities (private-key based revocation and signature-based revocation). Despite the interesting privacy-preserving features, EPID operations are very computational and memory intensive. In this paper, we present a small footprint anonymous attestation solution based on EPID that can meet the stringent resource requirements of IoT devices. A specific modular-reduction technique targeting the EPID prime number has been developed resulting in 50% latency reduction compared to conventional reduction techniques. Furthermore, we developed a multi-exponentiation technique that significantly reduces the runtime memory requirements. Our proposed design can be implemented as SW-only, or it can utilize an integrated Elliptic Curve and Galois Field HW accelerator. The EPID SW stack has a small object code footprint of 22kB. We developed a prototype on a 32-bit microcontroller that computes EPID signature generation in 17.9s at 32MHz.

Category / Keywords: implementation / Enhanced Privacy ID, EPID, Authentication, Attestation, Bilinear Pairing, Optimal-ate Pairing

Date: received 6 Feb 2019

Contact author: rafael misoczki at intel com

Available format(s): PDF | BibTeX Citation

Version: 20190213:033058 (All versions of this report)

Short URL: ia.cr/2019/121


[ Cryptology ePrint archive ]