Abstract
Direct anonymous attestation (DAA) enables a platform including a trusted platform module (TPM) to produce a signature in order to remotely attest that it is in a certified state while preserving its anonymity. A main feature of DAA is that a TPM and a host together act as a signer, where the TPM is less powerful but trustworthy, whereas the host is more powerful but vulnerable to corruptions. Although DAA is standardized and widely implemented in various fields, current security notions for DAA have been defined ambiguously in terms of host corruptions. In this study, we redefine DAA security notions, including static and dynamic host corruptions, and formalize them as concrete security models in a game-based framework. Compared with the recent simulation-based security notions (without subverted TPMs) by Camenisch et al., the proposed notions cover a broader range of realistic attack scenarios for DAA and reach the expected level of security that DAA originally desires. Furthermore, we present a DAA instantiation with the security improvement by demonstrating that a variant of the LRSW–DAA by Camenisch et al. is provably secure in the new game-based security models.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
