Direct anonymous attestation with efficient verifier-local revocation for subscription system

Vireshwar Kumar; Jung Min Park; He Li; Kaigui Bian; Noah Luther; Martin B.H. Weiss; Pranav Asokan; Taieb Znati

doi:10.1145/3196494.3196497

Direct anonymous attestation with efficient verifier-local revocation for subscription system

Vireshwar Kumar, Jung Min Park, He Li, Kaigui Bian, Noah Luther, Martin B.H. Weiss, Pranav Asokan, Taieb Znati

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Citations (Scopus)

Abstract

For a computing platform that is compliant with the Trusted Platform Module (TPM) standard, direct anonymous attestation (DAA) is an appropriate cryptographic protocol for realizing an anonymous subscription system. This approach takes advantage of a cryptographic key that is securely embedded in the platform's hardware, and enables privacy-preserving authentication of the platform. In all of the existing DAA schemes, the platform suffers from significant computational and communication costs that increase proportionally to the size of the revocation list. This drawback renders the existing schemes to be impractical when the size of the revocation list grows beyond a relatively modest size. In this paper, we propose a novel scheme called Lightweight Anonymous Subscription with Efficient Revocation (LASER) that addresses this very problem. In LASER, the computational and communication costs of the platform's signature are multiple orders of magnitude lower than the prior art. LASER achieves this significant performance improvement by shifting most of the computational and communication costs from the DAA's online procedure (i.e., signature generation) to its offline procedure (i.e., acquisition of keys/credentials). We have conducted a thorough analysis of LASER's performance-related features. We have implemented LASER on a laptop with an on-board TPM. To the best of our knowledge, this is the first implementation of a DAA scheme on an actual TPM cryptoprocessor that is compliant with the most recent TPM specification, viz., TPM 2.0.

Original language	English
Title of host publication	ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security
Publisher	Association for Computing Machinery, Inc
Pages	567-574
Number of pages	8
ISBN (Electronic)	9781450355766
DOIs	https://doi.org/10.1145/3196494.3196497
Publication status	Published - May 29 2018
Externally published	Yes
Event	13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018 - Incheon, Korea, Republic of Duration: Jun 4 2018 → Jun 8 2018

Publication series

Name	ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security

Conference

Conference	13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018
Country/Territory	Korea, Republic of
City	Incheon
Period	6/4/18 → 6/8/18

Keywords

Direct anonymous attestation
Trusted platform module (TPM)

ASJC Scopus subject areas

Software
Computer Science Applications
Information Systems
Computer Networks and Communications

Access to Document

10.1145/3196494.3196497

Cite this

Kumar, V., Park, J. M., Li, H., Bian, K., Luther, N., Weiss, M. B. H., Asokan, P., & Znati, T. (2018). Direct anonymous attestation with efficient verifier-local revocation for subscription system. In ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security (pp. 567-574). (ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security). Association for Computing Machinery, Inc. https://doi.org/10.1145/3196494.3196497

Direct anonymous attestation with efficient verifier-local revocation for subscription system. / Kumar, Vireshwar; Park, Jung Min; Li, He et al.
ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2018. p. 567-574 (ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kumar, V, Park, JM, Li, H, Bian, K, Luther, N, Weiss, MBH, Asokan, P & Znati, T 2018, Direct anonymous attestation with efficient verifier-local revocation for subscription system. in ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security. ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security, Association for Computing Machinery, Inc, pp. 567-574, 13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018, Incheon, Korea, Republic of, 6/4/18. https://doi.org/10.1145/3196494.3196497

Kumar V, Park JM, Li H, Bian K, Luther N, Weiss MBH et al. Direct anonymous attestation with efficient verifier-local revocation for subscription system. In ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc. 2018. p. 567-574. (ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security). doi: 10.1145/3196494.3196497

Kumar, Vireshwar ; Park, Jung Min ; Li, He et al. / Direct anonymous attestation with efficient verifier-local revocation for subscription system. ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2018. pp. 567-574 (ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security).

@inproceedings{62238b2bab584fd982ee6fad254428a1,

title = "Direct anonymous attestation with efficient verifier-local revocation for subscription system",

abstract = "For a computing platform that is compliant with the Trusted Platform Module (TPM) standard, direct anonymous attestation (DAA) is an appropriate cryptographic protocol for realizing an anonymous subscription system. This approach takes advantage of a cryptographic key that is securely embedded in the platform's hardware, and enables privacy-preserving authentication of the platform. In all of the existing DAA schemes, the platform suffers from significant computational and communication costs that increase proportionally to the size of the revocation list. This drawback renders the existing schemes to be impractical when the size of the revocation list grows beyond a relatively modest size. In this paper, we propose a novel scheme called Lightweight Anonymous Subscription with Efficient Revocation (LASER) that addresses this very problem. In LASER, the computational and communication costs of the platform's signature are multiple orders of magnitude lower than the prior art. LASER achieves this significant performance improvement by shifting most of the computational and communication costs from the DAA's online procedure (i.e., signature generation) to its offline procedure (i.e., acquisition of keys/credentials). We have conducted a thorough analysis of LASER's performance-related features. We have implemented LASER on a laptop with an on-board TPM. To the best of our knowledge, this is the first implementation of a DAA scheme on an actual TPM cryptoprocessor that is compliant with the most recent TPM specification, viz., TPM 2.0.",

keywords = "Direct anonymous attestation, Trusted platform module (TPM)",

author = "Vireshwar Kumar and Park, {Jung Min} and He Li and Kaigui Bian and Noah Luther and Weiss, {Martin B.H.} and Pranav Asokan and Taieb Znati",

note = "Publisher Copyright: {\textcopyright} 2018 Association for Computing Machinery.; 13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018 ; Conference date: 04-06-2018 Through 08-06-2018",

year = "2018",

month = may,

day = "29",

doi = "10.1145/3196494.3196497",

language = "English",

series = "ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery, Inc",

pages = "567--574",

booktitle = "ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security",

}

TY - GEN

T1 - Direct anonymous attestation with efficient verifier-local revocation for subscription system

AU - Kumar, Vireshwar

AU - Park, Jung Min

AU - Li, He

AU - Bian, Kaigui

AU - Luther, Noah

AU - Weiss, Martin B.H.

AU - Asokan, Pranav

AU - Znati, Taieb

PY - 2018/5/29

Y1 - 2018/5/29

N2 - For a computing platform that is compliant with the Trusted Platform Module (TPM) standard, direct anonymous attestation (DAA) is an appropriate cryptographic protocol for realizing an anonymous subscription system. This approach takes advantage of a cryptographic key that is securely embedded in the platform's hardware, and enables privacy-preserving authentication of the platform. In all of the existing DAA schemes, the platform suffers from significant computational and communication costs that increase proportionally to the size of the revocation list. This drawback renders the existing schemes to be impractical when the size of the revocation list grows beyond a relatively modest size. In this paper, we propose a novel scheme called Lightweight Anonymous Subscription with Efficient Revocation (LASER) that addresses this very problem. In LASER, the computational and communication costs of the platform's signature are multiple orders of magnitude lower than the prior art. LASER achieves this significant performance improvement by shifting most of the computational and communication costs from the DAA's online procedure (i.e., signature generation) to its offline procedure (i.e., acquisition of keys/credentials). We have conducted a thorough analysis of LASER's performance-related features. We have implemented LASER on a laptop with an on-board TPM. To the best of our knowledge, this is the first implementation of a DAA scheme on an actual TPM cryptoprocessor that is compliant with the most recent TPM specification, viz., TPM 2.0.

AB - For a computing platform that is compliant with the Trusted Platform Module (TPM) standard, direct anonymous attestation (DAA) is an appropriate cryptographic protocol for realizing an anonymous subscription system. This approach takes advantage of a cryptographic key that is securely embedded in the platform's hardware, and enables privacy-preserving authentication of the platform. In all of the existing DAA schemes, the platform suffers from significant computational and communication costs that increase proportionally to the size of the revocation list. This drawback renders the existing schemes to be impractical when the size of the revocation list grows beyond a relatively modest size. In this paper, we propose a novel scheme called Lightweight Anonymous Subscription with Efficient Revocation (LASER) that addresses this very problem. In LASER, the computational and communication costs of the platform's signature are multiple orders of magnitude lower than the prior art. LASER achieves this significant performance improvement by shifting most of the computational and communication costs from the DAA's online procedure (i.e., signature generation) to its offline procedure (i.e., acquisition of keys/credentials). We have conducted a thorough analysis of LASER's performance-related features. We have implemented LASER on a laptop with an on-board TPM. To the best of our knowledge, this is the first implementation of a DAA scheme on an actual TPM cryptoprocessor that is compliant with the most recent TPM specification, viz., TPM 2.0.

KW - Direct anonymous attestation

KW - Trusted platform module (TPM)

UR - http://www.scopus.com/inward/record.url?scp=85049182320&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85049182320&partnerID=8YFLogxK

U2 - 10.1145/3196494.3196497

DO - 10.1145/3196494.3196497

M3 - Conference contribution

AN - SCOPUS:85049182320

T3 - ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security

SP - 567

EP - 574

BT - ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security

PB - Association for Computing Machinery, Inc

T2 - 13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018

Y2 - 4 June 2018 through 8 June 2018

ER -

Direct anonymous attestation with efficient verifier-local revocation for subscription system

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this