Hash-Based Direct Anonymous Attestation

  • Conference paper
  • Post-Quantum Cryptography (PQCrypto 2023)

Abstract

Direct Anonymous Attestation (DAA) was designed for the Trusted Platform Module (TPM), and versions using RSA and elliptic curve cryptography have been included in the TPM specifications and in ISO/IEC standards. These standardised DAA schemes base their security on the factoring or discrete logarithm problems and are therefore insecure against quantum attackers. Research into quantum-resistant DAA has produced several lattice-based schemes. In this paper, we propose the first post-quantum DAA scheme built from symmetric primitives. We use a hash-based signature scheme, a slight modification of SPHINCS+, as the DAA credential. A DAA signature, which proves possession of such a credential, is a multiparty-computation-based non-interactive zero-knowledge proof. The security of our scheme is proved in the Universal Composability (UC) model. While maintaining all the security properties required of a DAA scheme, we keep the TPM's workload as low as possible. Our DAA scheme can handle a large group size (up to \(2^{60}\) group members), which meets the requirements of rapidly developing TPM applications.

Notes

  1. It is an open problem to construct a validation check on keyRL that does not take O(N) time, where N is the size of the list.

Acknowledgments

We thank the European Union’s Horizon research and innovation program for support under grant agreement numbers: 101069688 (CONNECT), 101070627 (REWIRE), 779391 (FutureTPM), 952697 (ASSURED), 101019645 (SECANT) and 101095634 (ENTRUST). These projects are funded by the UK government’s Horizon Europe guarantee and administered by UKRI. We also thank the National Natural Science Foundation of China for support under grant agreement numbers: 62072132 and 62261160651. We would like to thank Qingju Wang and Scott Fluhrer for helpful discussions. We also thank the anonymous reviewers from PQCrypto for their valuable comments.

Author information

Corresponding author

Correspondence to Liqun Chen.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Chen, L., Dong, C., El Kassem, N., Newton, C.J.P., Wang, Y. (2023). Hash-Based Direct Anonymous Attestation. In: Johansson, T., Smith-Tone, D. (eds) Post-Quantum Cryptography. PQCrypto 2023. Lecture Notes in Computer Science, vol 14154. Springer, Cham. https://doi.org/10.1007/978-3-031-40003-2_21

  • DOI: https://doi.org/10.1007/978-3-031-40003-2_21

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-40002-5

  • Online ISBN: 978-3-031-40003-2
