Title :
Research and Security Analysis of Anonymous Identity Authentication in Trusted Computing
Author :
Yang, Yang ; Zhang, Huanguo ; He, Fan ; Zhang, Bo
Author_Institution :
Sch. of Comput., Wuhan Univ., Wuhan, China
fDate :
June 30 2009-July 2 2009
Abstract :
This paper introduces two anonymous identity authentication solution adopted by the Trusted Computing Group, i.e. privacy certification authority (Privacy CA) and direct anonymous attestation scheme (DAA). Both of the two solutions provide a means for remotely authenticating a trusted platform whilst preserving the userpsilas privacy. In this paper we give high level overview of DAA and focus on the analysis of security properties, such as pseudonymous authentication, random oracles and rogue tagging etc. We summarize the security and anonymity issues discovered recently and discuss a possible privacy flaw in the scheme that a colluding issuer and verifier can break anonymity to identify the real TPM. We also suggest possible way of fixing this weakness.
Keywords :
data privacy; message authentication; anonymous identity authentication; direct anonymous attestation scheme; privacy certification authority; pseudonymous authentication; security analysis; trusted computing; Authentication; Certification; Cloud computing; Computer security; Distributed computing; Grid computing; Information analysis; Information security; Privacy; Protection; Trusted computing; anonymous identity authentication; direct anonymous attestation; privacy;
Conference_Titel :
New Trends in Information and Service Science, 2009. NISS '09. International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-0-7695-3687-3
DOI :
10.1109/NISS.2009.40
