Mdaak: A Flexible and Efficient Framework for Direct Anonymous Attestation on Mobile Devices
  • Keywords: Direct anonymous attestation; Mobile devices; ARM TrustZone; Physical unclonable functions; Performance evaluation
  • Journal title: Lecture Notes in Computer Science
  • Publication year: 2015
  • Volume: 8958
  • Issue: 1
  • Pages: 31-48
  • Full-text size: 496 KB
  • Author affiliations: Qianying Zhang (17)
    Shijun Zhao (17)
    Li Xi (17)
    Wei Feng (17)
    Dengguo Feng (17)

    17. Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing, China
  • Book series title: Information and Communications Security
  • ISBN:978-3-319-21966-0
  • Publication category: Computer Science
  • Publication subjects: Artificial Intelligence and Robotics
    Computer Communication Networks
    Software Engineering
    Data Encryption
    Database Management
    Computation by Abstract Devices
    Algorithm Analysis and Problem Complexity
  • Publisher: Springer Berlin / Heidelberg
  • ISSN:1611-3349
Abstract
In this paper, we investigate how to implement Direct Anonymous Attestation (DAA) on mobile devices, whose processing and storage capabilities are limited. We propose a generic framework providing a secure and efficient DAA functionality based on ARM TrustZone. Our framework is flexible enough to support multiple DAA schemes, and is efficient by leveraging the powerful ARM processor in secure mode to perform computations originally delegated to the Trusted Platform Module (TPM). Besides, our framework uses an SRAM PUF commonly available in the On-Chip Memory (OCM) of mobile devices for secure storage of user signing keys, which achieves a low-cost design. We present a prototype system that supports four DAA schemes on real TrustZone hardware, and give evaluations on its code size and performance together with comparisons of the four schemes with different curve parameters. The evaluation results indicate that our solution is feasible, efficient, and well-suited for mobile devices.
