Direct Anonymous Attestation
doc
Direct Anonymous Attestation in the Wild
Direct Anonymous Attestation based on Elliptic Curve Cryptography: A feasibility Study for RFID
A Symbolic Analysis of ECC-based Direct Anonymous Attestation
correctness, unforgeability, unclonability, unlinkability (full anonymity), revocability, practicability
mobile
Lightweight Anonymous Authentication with TLS and DAA for Embedded Mobile Devices
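Use an HSM to prevent credential copying
- At the factory, the issuer writes a secret f into the mobile device's secure element (e.g. a TPM); the host stores the cred that corresponds to the secret
Verification:
- The verifier sends a challenge nonce N;
- The mobile device's host generates a random number t and maps cred to cred'; it sends N, cred' and related information to the mobile device's secure element
- The mobile device's secure element computes a signature from the previously stored secret and the information it received.
- The mobile device's host returns the signature and cred' to the verifier for verification
The underlying operations are based on pairing curves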
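The verification flow above as a runnable sketch; this is an added example, not code from the paper. Assumptions: a Schnorr-style proof of knowledge of f on secp256k1 stands in for the pairing-based signature, cred is modelled as the pair (B, D = f*B), the issuer's signature on the credential (which the real scheme checks with pairings) is left out, and all function and class names are hypothetical.

```python
import hashlib, secrets

# Assumptions: secp256k1 stands in for a pairing-friendly curve; issuer signature on cred omitted.
P = 2**256 - 2**32 - 977
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return b if a is None else a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P)
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P)
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def mul(k, pt):  # double-and-add scalar multiplication (not constant time)
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def challenge(*parts):  # Fiat-Shamir: hash the transcript to a scalar
    return int.from_bytes(hashlib.sha256(repr(parts).encode()).digest(), "big") % Q

class SecureElement:
    """Holds the secret f written at manufacture; f never leaves this object."""
    def __init__(self):
        self._f = 1 + secrets.randbelow(Q - 1)
    def enroll(self, base):
        return mul(self._f, base)  # D = f*B; the host stores cred = (B, D)
    def sign(self, nonce, b2, d2):
        r = 1 + secrets.randbelow(Q - 1)
        c = challenge(nonce, b2, d2, mul(r, b2))
        return c, (r + c * self._f) % Q

def host_randomize(cred):  # fresh t per session: cred = (B, D) -> cred' = (t*B, t*D)
    t = 1 + secrets.randbelow(Q - 1)
    return tuple(mul(t, pt) for pt in cred)

def verify(nonce, cred2, sig):  # recompute R = s*B' - c*D', re-derive the challenge over N
    (b2, d2), (c, s) = cred2, sig
    return c == challenge(nonce, b2, d2, add(mul(s, b2), mul(Q - c, d2)))
```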
pba
Property-Based Attestation without a Trusted Third Party
Based on ring signatures; checks whether a given property is satisfied
The TPM computes only one signature; the host constructs y1, …, yn as a disguise
rats
Direct Anonymous Attestation for the Remote Attestation Procedures Architecture
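The DAA Issuer issues a credential to the Attester
The Attester submits its proof to the Verifier through anonymous attestation
Because the anonymous attestation is randomized and unrelated to the credential, the Attester is unlinkable to both the DAA Issuer and the Verifier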
v2x
Privacy-enhanced capabilities for VANETs using direct anonymous attestation, slide
Securing V2X Communications for the Future: Can PKI Systems offer the answer?