Anonymous credential systems provide privacy-preserving authentication solutions for accessing services and resources. In these systems, copying and sharing credentials can be a serious issue. As this cannot be prevented in software alone, these problems form a major obstacle for the use of fully anonymous authentication systems in practice. In this paper, we propose a solution for anonymous authentication that is based on a hardware security module to prevent sharing of credentials. Our protocols are based on the standard protocols Transport Layer Security (TLS) and Direct Anonymous Attestation (DAA). We present a detailed description and a reference implementation of our approach based on a Trusted Platform Module (TPM) as hardware security module. Moreover, we discuss drawbacks and alternatives, and provide a pure software implementation to compare with our TPM-based approach.
Anonymous authentication with TLS and DAA / Cesena E.; Loehr H.; Ramunno G.; Sadeghi A.R.; Vernizzi D. - PRINT. - 6101 (2010), pp. 47-62. (Paper presented at the Third International Conference, TRUST 2010, held in Berlin (Germany), June 21-23, 2010) [10.1007/978-3-642-13869-0_4].
Title: | Anonymous authentication with TLS and DAA |
Authors: | |
Publication date: | 2010 |
Journal: | |
ISBN: | 9783642138683 |
Appears in types: | 4.1 Contribution in conference proceedings |
http://hdl.handle.net/11583/2318168