The Direct Anonymous Attestation (DAA) scheme provides a means for remotely authenticating a trusted platform whilst preserving the user's privacy. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform Module (TPM) specification. In this paper we show DAA places an unnecessarily large burden on the TPM host. We demonstrate how corrupt administrators can exploit this weakness to violate privacy. The paper provides a fix for the vulnerability. Further privacy issues concerning linkability are identified and a framework for their resolution is developed. In addition an optimisation to reduce the number of messages exchanged is proposed.
@inproceedings{2007-attacking-anonymity-in-Direct-Anonymous-Attestation,
author = "Ben Smyth and Mark D. Ryan and Liqun Chen",
title = "{Direct Anonymous Attestation (DAA): Ensuring privacy with corrupt administrators}",
year = "2007",
booktitle = "ESAS'07: 4th European Workshop on Security and Privacy in Ad hoc and Sensor Networks",
publisher = "Springer",
series = "LNCS",
volume = "4572",
pages = "218--231",
doi = "10.1007/978-3-540-73275-4_16",
}