The 32nd IPP Symposium

Achieving Privacy in Remote Authentication

Dr. Jan Camenisch, IBM Zurich Research Laboratory

This talk discusses the direct anonymous attestation scheme (DAA). This scheme was adopted by the Trusted Computing Group as the method for remote authentication of a hardware module, called trusted platform module (TPM), while preserving the privacy of the user of the platform that contains the module. Direct anonymous attestation can be seen as a group signature without the feature that a signature can be opened, i.e., the anonymity is not revocable. Moreover, DAA allows for pseudonyms, i.e., for each signature a user (in agreement with the recipient of the signature) can decide whether or not the signature should be linkable to another signature. DAA furthermore allows for detection of ``known'' keys: if the DAA secret keys are extracted from a TPM and published, a verifier can detect that a signature was produced using these secret keys. The scheme is provably secure in the random oracle model under the strong RSA and the decisional Diffie-Hellman assumption.

Speaker Bio:

Jan Camenisch. Diploma in Electrical Engineering Science, ETH Zurich, 1987-1993. 1993-1998 research in Prof. Ueli Maurer's cryptography group at ETH Zurich, focusing on privacy-enhancing cryptography, Ph.D. in 1998 ("Group Signatures Schemes and Payment Systems Based on the Discrete Logarithm Problem"). 1998-1999 Research Assistant Professor in Computer Science, University of Aarhus, Denmark. Since 1999 Research Staff Member at IBM Zurich and working on cryptography and network security, in particular cryptographic protocols supporting privacy and anonymity and practical secure distributed computation. For more information see http://www.zurich.ibm.com/~jca.