Universally Composable Direct Anonymous Attestation
Manu Drijvers. Joint work with Jan Camenisch, Anja Lehmann. March 9th, 2016
Trusted Platform Module (TPM)
  Trusted Computing Group (2004)
  Secure cryptoprocessor
  Creates, stores, uses cryptographic keys
  Measures host system
  > 500M sold
Direct Anonymous Attestation (DAA)
  TPM makes remote attestations
    – the computer booted the following software
    – the private part of this key is securely stored
  Unlinkable: verifier only learns that some TPM created the attestation
  Introduced by Brickell, Camenisch, Chen (2004)
  Standardized in TPM spec 1.2 (2004) and 2.0 (2014)
How DAA works: Join
How DAA works: Signing
Informal Security of DAA
  Anonymity: signatures by an honest platform without basename or different basenames are unlinkable
  Unforgeability: No adversary can create signatures on messages that were never signed by a TPM
  Non-frameability: One cannot create a signature on a message that links to an honest platform’s signature when the platform never signed this message
Existing Simulation-Based Models for DAA
  Brickell, Camenisch, Chen (2004)
    – Does not output any signature values
    – Prohibits working with signature values in practice
  Chen, Morrissey, Smart (2009)
    – Outputs signatures
    – Signature generation too simplistically modeled to be realizable
Existing Property-Based Models for DAA
  Brickell, Chen, Li (2009)
    – Unforgeability not captured: trivially forgeable scheme can be proven secure
    – No property for non-frameability
  Chen (2010)
    – Extends BCL’09 with non-frameability
    – Same flaws as BCL’09
  Bernhard et al. (2013)
    – Discusses flaws in all previous models
    – TPM + Host one party
    – Does not cover honest TPM in corrupt Host
    – Security Proof of “Pre-DAA” does not work for full DAA
Main Contribution
  Security model for full-DAA setting
    – Comprehensive security model in UC framework
    – Allows composition by composition theorem
    – Signatures modeled as concrete values that are sent as output
    – TPM and Host separate parties
    – Extensive explanation on why this definition properly captures the security requirements
  Scheme to realize the functionality
    – Provably secure instantiation
    – As efficient as existing DAA schemes
Do we need all these definitions?
  (1, 1, 1, 1) is a valid credential on any key in Chen, Page, Smart 2010
    – ISO standardized!
  TPM2 spec contains static DH oracle
    – Larger groups and keys required (Xi et al., 2014)
  TPM2 should make zero-knowledge proof
    – Problem in hash computation
    – Proof not zero-knowledge
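
Why the degenerate credential on the slide above verifies, as an added example that is not from the talk or from any of the cited schemes' code. It assumes the CL04-style credential checks e(A,Y) = e(B,g2) and e(A·D,X) = e(C,g2), which the slides do not spell out, and models group elements by their exponents as an insecure stand-in for a pairing library; all function names are hypothetical.

```python
import secrets

# Toy model (assumption, NOT secure): the element g^a is stored as its exponent
# a mod Q, so the pairing e(g1^a, g2^b) = gT^(a*b) is a*b mod Q and the identity
# element "1" is exponent 0. It only exposes the algebra of the checks.
Q = 2**127 - 1          # prime stand-in for the group order
G2 = 1                  # exponent of the generator g2

def pair(u, v):
    return (u * v) % Q

def issuer_keygen():
    # Issuer secret (x, y); public key X = g2^x, Y = g2^y (same numbers in this toy).
    return secrets.randbelow(Q - 1) + 1, secrets.randbelow(Q - 1) + 1

def issue(x, y, gsk):
    # Credential on TPM key gsk: A = g1^r, B = A^y, D = B^gsk, C = (A*D)^x.
    r = secrets.randbelow(Q - 1) + 1
    A = r
    B = (A * y) % Q
    D = (B * gsk) % Q
    C = ((A + D) * x) % Q
    return A, B, C, D

def verify_pairings_only(X, Y, cred):
    # Only the two pairing equations: e(A,Y) = e(B,g2) and e(A*D,X) = e(C,g2).
    A, B, C, D = cred
    return pair(A, Y) == pair(B, G2) and pair((A + D) % Q, X) == pair(C, G2)

def verify_hardened(X, Y, cred):
    # Same equations, but a credential whose A is the identity is rejected first.
    return cred[0] % Q != 0 and verify_pairings_only(X, Y, cred)

DEGENERATE = (0, 0, 0, 0)   # the slide's (1, 1, 1, 1) in exponent form

if __name__ == "__main__":
    x, y = issuer_keygen()
    honest = issue(x, y, gsk=secrets.randbelow(Q - 1) + 1)
    print("honest, pairings only    :", verify_pairings_only(x, y, honest))
    print("degenerate, pairings only:", verify_pairings_only(x, y, DEGENERATE))
    print("degenerate, hardened     :", verify_hardened(x, y, DEGENERATE))
    print("honest, hardened         :", verify_hardened(x, y, honest))
```

Both pairing equations reduce to 1 = 1 when every component is the identity, independent of the issuer key, which is why a verifier needs the explicit identity check in addition to the equations.
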
Summary
  DAA allows unlinkable signatures with secure devices
  Prior security models not sufficient
  Comprehensive security model in UC framework
  Scheme to realize the security model
Thanks! ia.cr/2015/1246
References (1/2)
  Bernhard, D., Fuchsbauer, G., Ghadafi, E., Smart, N., Warinschi, B.: Anonymous attestation with user-controlled linkability. International Journal of Information Security 12(3), (2013)
  Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. ACM CCS
  Brickell, E., Chen, L., Li, J.: Simplified security notions of direct anonymous attestation and a concrete scheme from pairings. International Journal of Information Security 8(5), (2009)
  Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. CRYPTO
  Chen, L., Morrissey, P., Smart, N.: DAA: Fixing the pairing based protocols. ePrint Archive, Report 2009/
References (2/2)
  Chen, L.: A DAA scheme requiring less TPM resources. Information Security and Cryptology
  Chen, L., Morrissey, P., Smart, N.: On proofs of security for DAA schemes. Provable Security
  Chen, L., Page, D., Smart, N.: On the design and implementation of an efficient DAA scheme. Smart Card Research and Advanced Application
  Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym systems. SAC
  Xi, L., Yang, K., Zhang, Z., Feng, D.: DAA-related APIs in TPM 2.0 revisited. Trust and Trustworthy Computing
(Un)linkability of Signatures
Universal Composability
Camenisch-Lysyanskaya Signature (CL04)
Prove knowledge of CL04 signature
  [Diagram: Prover, Verifier]
Existing Simulation-based Models for DAA
  Brickell, Camenisch, Chen (2004)
    – Interactive Sign/Verify
    – Limits applications of DAA
Existing Simulation-based Models for DAA
  Chen, Morrissey, Smart (2009)
    – Non-interactive Sign and Verify
    – Unrealizable
Signature Generation in Functionality