Comment Concerning the Role of CD47 and Signal Regulatory Protein Alpha in Regulating the Clearance of Aged Red Blood Cells

direct anonymous attestation, DAA, trusted computing, group signatures This paper describes the direct anonymous attestation scheme (DAA). This scheme was adopted by the Trusted Computing Group as the method for remote authentication of a hardware module, called trusted platform module (TPM), while preserving the privacy of the user of the platfo rm that contains the module. Direct anonymous attestation can be seen as a group signature without the feature that a signature can be opened, i.e., the anonymity is not revocable. Moreover, DAA allows for pseudonyms, i.e., for each signature a user (in agreement with the recipient of the signature) can decide whether or not the signature should be linkable to another signature. DAA furthermore allows for detection of "known" keys: if the DAA secret keys are extracted from a TPM and published, a verifier can detect that a signature was produced using these secret keys. The scheme is provably secure in the random oracle model under the strong RSA and the decisional Diffie-Hellman assumption. May 18, 2004Abstract This paper describes the direct anonymous attestation scheme (DAA). This scheme was adopted by the Trusted Computing Group as the method for remote authentication of a hardware module, called trusted platform module (TPM), while preserving the privacy of the user of the platform that contains the module. Direct anonymous attestation can be seen as a group signature without the feature that a signature can be opened, i.e., the anonymity is not revocable. Moreover, DAA allows for pseudonyms, i.e., for each signature a user (in agreement with the recipient of the signature) can decide whether or not the signature should be linkable to another signature. DAA furthermore allows for detection of "known" keys: if the DAA secret keys are extracted from a TPM and published, a verifier can detect that a signature was produced using these secret keys. The scheme is provably secure in the random oracle model under the strong RSA and the decisional Diffie-Hellman assumption.

show abstract

Some Ideal Secret Sharing Schemes

Brickell

272

324

View full text Add to dashboard Cite

In a secret sharing scheme, a dealer has a secret. The dealer gives each participant in the scheme a share of the secret. There is a set I? of subsets of the participants with the property that any subset of participants that is in I? can determine the secret.En a perfect secret sharing scheme, any subset of participants that is not in I' cannot obtain any information about the secret. We wilI say that a perfect secret sharing scheme is ideal if all of the shares are from the same domain as the secret. Shamir and 13lakley constructed ideal threshold schemes, and Benaloh has constructed other ideal secret sharing schemes. In this paper, we construct ideal secret sharing schemes for more general access structures which include the multilevel and compartmented access structures proposed by Simmons.

show abstract

On the Classification of Ideal Secret Sharing Schemes

View full text Add to dashboard Cite

In a secret sharing scheme, a dealer has a secret key. There is a tit&et P of participants and a set I' of subsets of P. A secret sharing scheme with I' as the access structure is a method which the dealer can use to distribute shares to each participant so that a subset of participants can determine the key if and only if that subset is in I'. The share of a participant is the information sent by the dealer in private to the participant. A secret sharing scheme is ideal if any subset of participants who can use their shares to determine any information about the key can in fact actually determine the key, and if the set of possible shares is the same as the set of possible keys. In this paper, we show a relationship between ideal secret sharing schemes and matroids.

show abstract

An Observation on the Security of McEliece’s Public-Key Cryptosystem

1988

View full text Add to dashboard Cite

The best known cryptanalytic attack on McEliece's public-key cryptosystem based on algebraic coding theory is to repeatedly select k bits at random from an n-bit ciphertext vector, which is corrupted by at most f errors, in hope that none of the selected k bits are in error until the cryptanalyst recovers the correct message. The method of determining whether the recovered message is the correct one has not been throughly investigated. In this paper, we suggest a systematic method of checking, and describe a generalized version of the cryptanalytic attack which reduces the work factor sigdicantly (factor of 211 for the commonly used example of n=1024 Goppa code case). Some more improvements are also given. We also note that these cryptanalytic algorithms can be viewed as generalized probabilistic decoding algorithms for any linear error correcting codes.

show abstract

Fast Exponentiation with Precomputation

et al.

View full text Add to dashboard Cite

In several crypt,ographic systems, a fixed elcment g of a group (generally z / q z) is repeatedly raised to many different powers. In this paper we present a practical method of speeding u p such systems. using precomputed values to reduce the number of multiplications needed. In practice this provides a substantial improvement over the level of performance that can be obtained using addition chains, and allows the computation of g" for n < N in O(1og Nlloglog N) group multiplications. We also show how these methods can he parallelized. t o c o m p u t e powers in O(1og log iV) group multiplications with o(1og iV/ log log .V) processors.

show abstract

Simplified security notions of direct anonymous attestation and a concrete scheme from pairings

Brickell

Chen

2009

Int. J. Inf. Secur.

107

View full text Add to dashboard Cite

Direct Anonymous Attestation (DAA) is a cryptographic mechanism that enables remote authentication of a user while preserving privacy under the user's control. The DAA scheme developed by Brickell, Camenisch, and Chen has been adopted by the Trust Computing Group for remote anonymous attestation of Trusted Platform Module, which is a small hardware device with limited storage space and communication capability. In this paper, we provide two contributions to DAA. We first introduce simplified security notions of DAA including the formal definitions of user controlled anonymity and traceability. We then propose a new DAA scheme from elliptic curve cryptography and bilinear maps. The lengths of private keys and signatures in our scheme are much shorter than the lengths in the original DAA scheme, with a similar level of security and computational complexity. Our scheme builds upon the Camenisch-Lysyanskaya signature scheme and is efficient and provably secure in the random oracle model under the LRSW (stands for Lysyanskaya, Rivest, Sahai and Wolf) assumption and the decisional Bilinear Diffie-Hellman assumption.

show abstract

Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities

Brickell

2012

IEEE Trans. Dependable and Secure Comput.

100

View full text Add to dashboard Cite

Solving Low Density Knapsacks

Brickell

1984

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Ernest F. Brickell

Direct anonymous attestation

Some Ideal Secret Sharing Schemes

On the Classification of Ideal Secret Sharing Schemes

An Observation on the Security of McEliece’s Public-Key Cryptosystem

Fast Exponentiation with Precomputation

Simplified security notions of direct anonymous attestation and a concrete scheme from pairings

Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities

Solving Low Density Knapsacks

Contact Info

Product

Resources

About