The Cloud-Edges (CE) framework, wherein small groups of Internet of Things (IoT) devices are serviced by local edge devices, enables a more scalable solution to IoT networks. The trustworthiness of the network may be ensured with Trusted Platform Modules (TPMs). This small hardware chip is capable of measuring and reporting a representation of the state of an IoT device. When connecting to a network, the IoT platform might have its state signed by the TPM in an anonymous way to prove both its genuineness and secure state through the Direct Anonymous Attestation (DAA) protocol. Currently standardised DAA schemes have their security supported on the factoring and discrete logarithm problems. Should a quantum-computer become available in the next few decades, these schemes will be broken. There is therefore a need to start developing a post-quantum DAA protocol. This paper presents a Lattice-based DAA (LDAA) scheme to meet this requirement. The security of this scheme is proved in the Universally Composable (UC) security model under the hardness assumptions of the Ring Inhomogeneous Short Integer Solution (Ring-ISIS) and Ring Learning With Errors (Ring-LWE) problems. Compared to the only other post-quantum DAA scheme available in related art, the storage requirements of the TPM are reduced twofold and the signature sizes 5 times. Moreover, experimental results show that the signing and verification operations are accelerated 1.1 and 2.0 times, respectively.
Currently standardized Direct Anonymous Attestation (DAA) schemes have their security based on the factoring and the discrete logarithm problems, and are therefore insecure against quantum attackers. This paper presents a quantum-safe lattice-based Direct Anonymous Attestation protocol that can be suitable for inclusion in a future quantum-resistant TPM. The security of our proposed scheme is proved in the Universal Composability (UC) model under the assumed hardness of the Ring-SIS, Ring-LWE, and NTRU problems. The signature size of our proposed DAA scheme is around 2MB, which is (at least) two orders of magnitude smaller compared to existing post-quantum DAA schemes.
A trusted platform module is identified by its endorsement key, while it uses an attestation key to provide attestation services, for example, signing a set of platform configuration registers, providing a timestamp or certifying another of its keys. This paper addresses the problem of how a certificate authority binds the endorsement and attestation keys together. This is necessary for the authority to be able to reliably certify the attestation key. This key binding also enables the authority to revoke the attestation key should the endorsement key be compromised. We study all of the existing solutions and show that they either do not solve the problem or cannot be implemented with a real trusted platform module (or both). We propose a new solution which addresses this problem. We develop a security model for our solution and provide a rigorous security proof under this model. We have also implemented the solution using a real trusted platform module, and our implementation results show that this solution is feasible and efficient.
Direct Anonymous Attestation (DAA) was designed for the Trusted Platform Module (TPM) and versions using RSA and elliptic curve cryptography have been included in the TPM specifications and in ISO/IEC standards. These standardised DAA schemes have their security based on the factoring or discrete logarithm problems and are therefore insecure against quantum attackers. Research into quantumresistant DAA has resulted in several lattice-based schemes. Now in this paper, we propose the first post-quantum DAA scheme from symmetric primitives. We make use of a hash-based signature scheme, which is a slight modification of SPHINCS+, as a DAA credential. A DAA signature, proving the possession of such a credential, is a multiparty computation-based non-interactive zero-knowledge proof. The security of our scheme is proved under the Universal Composability (UC) model. While maintaining all the security properties required for a DAA scheme, we try to make the TPM's workload as low as possible. Our DAA scheme can handle a large group size (up to 2 60 group members), which meets the requirements of rapidly developing TPM applications.
The Enhanced Privacy ID (EPID) scheme is currently used for hardware enclave attestation by an increasingly large number of platforms that implement Intel Software Guard Extensions (SGX). However, the scheme currently deployed by Intel is supported on Elliptic Curve Cryptography (ECC), and will become insecure should a large quantum computer become available. As part of National Institute of Standards and Technology (NIST)'s effort for the standardisation of post-quantum cryptography, there has been a great boost in research on lattice-based cryptography. As this type of cryptography is more widely used, one expects that hardware platforms start integrating specific instructions that accelerate its execution. In this article, a new EPID scheme is proposed, supported on lattice primitives, that may benefit not only from future research developments in post-quantum cryptography, but also from instructions that may extend Intel's Instruction Set Architecture (ISA) in the future. This paper presents a new security model for EPID in the Universal Composability (UC) framework. The proposed Lattice-based EPID (LEPID) scheme is proved secure under the new model. Experimentally compared with a closely related Lattice-based Direct Anonymous Attestation (DAA) (LDAA) scheme from related art, it is shown that the private-key size is reduced 1.5 times, and that signature and verification times are sped up up to 1.4 and 1.1 times, respectively, for the considered parameters, when LEPID is compared with LDAA. Moreover, the signature size compares favourably to LDAA for small and mediumsized communities.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.