Abstract
Platform remote attestation (RA) is one of the main features of the trusted computing platform proposed by the Trusted Computing Group (TCG). The privacy certificate authority (CA) solution for RA requires users to pay for multiple certificates, and the direct anonymous attestation (DAA) solution is inefficient. TCG RA also suffers from limited platform configuration privacy. This paper proposes an RA scheme based on an improved combined public key cryptography (ICPK), abbreviated to RA-ICPK. RA-ICPK is a certificate-less scheme that uses neither a public key infrastructure CA signature nor a DAA signature; it combines a commitment scheme, a zero-knowledge proof and a ring signature (RS) to achieve unforgeability and privacy. RA-ICPK is mainly based on elliptic curve cryptography without bilinear pairing computation, and carries out the zero-knowledge proof only once. RA-ICPK does not need to depend on trusted third parties to check revocation of trusted platform module identities and integrity values.
Acknowledgments
This work was supported by the National Natural Science Foundation of China under Grant No. 61103220. This work was partially supported by Chinese National Programs for Fundamental Research and Development (973 Program) under Grant No. 2014CB340600 and the National Natural Science Foundation of China under Grant Nos.: 61272451, 91118003, 61170022, 61202387. The authors are grateful to the anonymous referees, whose comments and suggestions helped to improve the article’s structure and contents.
About this article
Cite this article
Fajiang, Y., Jing, C., Yang, X. et al. An efficient anonymous remote attestation scheme for trusted computing based on improved CPK. Electron Commer Res 19, 689–718 (2019). https://doi.org/10.1007/s10660-019-09366-3
DOI: https://doi.org/10.1007/s10660-019-09366-3
Keywords
- Remote attestation
- Trusted computing
- Trusted platform module (TPM)
- Combined public key cryptography (CPK)