Implementing Direct Anonymous Attestation on TPM 2.0

Luther, Noah Robert

19 June 2017

Numerous organizations have pressed in the past several years for improved security and privacy in online interactions. Stakeholders have encouraged the adoption of privacy-enhancing technologies, utilization of microcontrollers and hardware devices for key storage and attestation, and improvements to the methods and policies used for authentication. Cryptographers and security engineers have responded to these calls. There have been numerous papers published in the last decade on topics such as private information retrieval and anonymous authentication and the Trusted Computing Group (TCG) has released a version 2.0 standard for Trusted Platform Modules (TPM). Adoption and implementation of these techniques, however, has been lacking. Although the TPM 2.0 specification was released in 2014 there are no reference implementations of direct anonymous attestation algorithms compatible with the hardware. The purpose of this work is to implement and discuss the implementation of direct anonymous attestation on TPM 2.0 and to consider the scalability and performance of direct anonymous attestation schemes operating on real-world TPM devices. / Master of Science / Numerous organizations have pressed in the past several years for improved security and privacy in online interactions. Stakeholders have encouraged the adoption of new technologies for authentication to reduce the instances of fraud and identity theft. Researchers and engineers have developed standards and devices that aim to simultaneously improve security while maintaining user privacy. In particular, an organization called the Trusted Computing Group has released standards for a device called a Trusted Platform Module. This device is built in to many modern personal computers and is designed to allow users to authenticate without compromising their privacy. Even though the version 2.0 standard was released in 2014, however, there are no reference implementations of standardized privacy-preserving authentication algorithms compatible with the device. The purpose of this work is to implement algorithms for authentication utilizing a Trusted Platform Module and to discuss their performance in the real world.

Direct Anonymous Attestation

TPM

Trusted Computing

Privacy Preserving Authentication Schemes and Applications

Asokan, Pranav

23 June 2017

With the advent of smart devices, Internet of things and cloud computing the amount of information collected about an individual is enormous. Using this meta-data, a complete profile about a person could be created - professional information, personal information like his/her choices, preferences, likes/dislikes etc. The concept of privacy is totally lost with this gamut of technology. The ability to separate one's on-line identity from their personal identity is near impossible. The conflicting interests of the two parties - service providers' need for authentication and the users' privacy needs - is the cause for this problem. Privacy Preserving Authentication could help solve both these problems by creating valid and anonymous identities for the users. And simply by proving the authenticity and integrity of this anonymous identity (without revealing/exposing it) the users can obtain services whilst protecting their privacy. In this thesis, I review and analyze the various types of PPA schemes leading to the discussion of our new scheme 'Lightweight Anonymous Attestation with Efficient Revocation'. Finally, the scenarios where these schemes are applicable are discussed in detail. / Master of Science / With the advent of smart devices, people are almost always connected to the Internet. These smart devices and applications collect information about the user on a massive scale. When all such meta-data are put together, a complete profile of the user - professional and personal information, his/her choices, preferences, likes/dislikes etc. could be created. And all this data is stored somewhere on the Internet. The concept of privacy loses its meaning as this entity knows more about the user than they do themselves. The main reason for this is the inability to separate one’s on-line identity from their personal identity. Service providers need to authenticate the users - the process by which one entity is assured of the identity of the second entity it is interacting with - to ensure only valid members are allowed to use their service. This leads to invasion of the user’s privacy/anonymity as authentication often needs details like address, date-of-birth, credit card details etc. Privacy Preserving Authentication could help solve both these problems by creating valid but anonymous identities for the users. PPA works by issuing the users a secret credential if they can prove their identity. And simply by proving the authenticity and integrity of these secret credentials (without revealing/exposing it) the users can obtain services whilst protecting their privacy. In this thesis, I review and analyze the various types of PPA schemes leading to the discussion of our new scheme Lightweight Anonymous Attestation with Efficient Revocation. Finally, the application scenarios where these schemes are applicable are discussed in detail.

Privacy Preserving Authentication

Direct Anonymous Attestation

Trusted Platform Module

Transmitter Authentication in Dynamic Spectrum Sharing

Kumar, Vireshwar

02 February 2017

Recent advances in spectrum access technologies, such as software-defined radios, have made dynamic spectrum sharing (DSS) a viable option for addressing the spectrum shortage problem. However, these advances have also contributed to the increased possibility of "rogue" transmitter radios which may cause significant interference to other radios in DSS. One approach for countering such threats is to employ a transmitter authentication scheme at the physical (PHY) layer. In PHY-layer authentication, an authentication signal is generated by the transmitter, and embedded into the message signal. This enables a regulatory enforcement entity to extract the authentication signal from the received signal, uniquely identify a transmitter, and collect verifiable evidence of a rogue transmission that can be used later during an adjudication process. There are two primary technical challenges in devising a transmitter authentication scheme for DSS: (1) how to generate and verify the authentication signal such that the required security and privacy criteria are met; and (2) how to embed and extract the authentication signal without negatively impacting the performance of the transmitters and the receivers in DSS. With regard to dealing with the first challenge, the authentication schemes in the prior art, which provide privacy-preserving authentication, have limited practical value for use in large networks due to the high computational complexity of their revocation check procedures. In this dissertation, the novel approaches which significantly improve scalability of the transmitter authentication with respect to revocation, are proposed. With regard to dealing with the second challenge, in the existing PHY-layer authentication techniques, the authentication signal is embedded into the message signal in such a way that the authentication signal appears as noise to the message signal and vice versa. Hence, existing schemes are constrained by a fundamental tradeoff between the message signal's signal to interference and noise ratio (SINR) and the authentication signal's SINR. In this dissertation, the novel approaches which are not constrained by the aforementioned tradeoff between message and authentication signals, are proposed. / Ph. D. / Recent advances in spectrum access technologies, such as software-defined radios, have made dynamic spectrum sharing (DSS) a viable option for addressing the spectrum shortage problem. However, these advances have also contributed to the increased possibility of “rogue” transmitter radios which may cause significant interference to other radios in DSS. One approach for countering such threats is to employ a <i>transmitter authentication</i> scheme at the physical (PHY) layer. In PHY-layer authentication, an authentication signal is generated by the transmitter, and embedded into the message signal. This enables a regulatory enforcement entity to extract the authentication signal from the received signal, uniquely identify a transmitter, and collect verifiable evidence of a rogue transmission that can be used later during an adjudication process. There are two primary technical challenges in devising a transmitter authentication scheme for DSS: (1) how to generate and verify the authentication signal such that the required security and privacy criteria are met; and (2) how to embed and extract the authentication signal without negatively impacting the performance of the transmitters and the receivers in DSS. With regard to dealing with the first challenge, the authentication schemes in the prior art, which provide privacy-preserving authentication, have limited practical value for use in large networks due to the high computational complexity of their revocation check procedures. In this dissertation, the novel approaches which significantly improve scalability of the transmitter authentication with respect to revocation, are proposed. With regard to dealing with the second challenge, in the existing PHY-layer authentication techniques, the authentication signal is embedded into the message signal in such a way that the authentication signal appears as noise to the message signal and vice versa. Hence, existing schemes are constrained by a fundamental tradeoff between the message signal’s signal to interference and noise ratio (SINR) and the authentication signal’s SINR. In this dissertation, the novel approaches which are not constrained by the aforementioned tradeoff between message and authentication signals, are proposed.

Dynamic spectrum sharing

spectrum security and enforcement

privacy-preserving authentication

anonymous attestation

blind authentication.