Direct Anonymous Attestation ################################## doc ========================================================== `Direct Anonymous Attestation in the Wild `_ `Direct Anonymous Attestationbased on Elliptic Curve CryptographyA feasibility Study for RFID `_ `A Symbolic Analysis of ECC-based DirectAnonymous Attestation `_ correctness, unforgeability, unclonability, unlinkability (full anonymity), revokability, practicability mobile ========================================================== `Lightweight Anonymous Authentication with TLS and DAA for Embedded Mobile Devices `_ 通过hsm避免credential copy - issuer在工厂向mobile device的secure element(例如tpm)写入secret f,host存储secret对应的cred 校验: - verifier 发送一个挑战码N; - mobile device的host生成一个随机数t,将cred映射为cred'; 并将N, cred'等相关信息发给mobile device的secure element - mobile device的secure element基于之前存储的secret值,结合收到的信息,计算签名。 - mobile device的host将签名、cred'返回给verifier校验 底层运算细节基于pairing curve pba ========================================================== `Property-Based Attestation without a Trusted Third Party `_ 基于 ring signature,校验是否满足某一属性 tpm仅计算一个signature,host伪装构造出y1, ..., yn rats ========================================================== `Direct Anonymous Attestation for the Remote Attestation Procedures Architecture `_ DAA Issuer 为 Attester 签发 credential Attester 通过anonymous attestation,向 Verifier 提交证明 由于anonymous attestation已随机化,与credential之间无关,不论DAA Issuer/Verifier都对Attester unlinkable v2x ========================================================== `Privacy-enhanced capabilities for VANETs using direct anonymous attestation `_ `Securing V2X Communications for the Future: Can PKI Systems offer the answer? `_ fido ========================================================== `fido common specs `_