nach oben

Erschienen in:

2015 | OriginalPaper | Buchkapitel

DAA-TZ: An Efficient DAA Scheme for Mobile Devices Using ARM TrustZone

verfasst von : Bo Yang, Kang Yang, Yu Qin, Zhenfeng Zhang, Dengguo Feng

Erschienen in: Trust and Trustworthy Computing

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Direct Anonymous Attestation (DAA) has been studied for applying to mobile devices based on ARM TrustZone. However, current solutions bring in extra performance overheads and security risks when adapting existing DAA schemes originally designed for PC platform. In this paper, we propose a complete and efficient DAA scheme (DAA-TZ) specifically designed for mobile devices using TrustZone. By considering the application scenarios, DAA-TZ extends the interactive model of original DAA and provides anonymity for a device and its user against remote service providers. The proposed scheme requires only one-time switch of TrustZone for signing phase and elaborately takes pre-computation into account. Consequently, the frequent on-line signing just needs at most three exponentiations on elliptic curve. Moreover, we present the architecture for trusted mobile devices. The issues about key derivation and sensitive data management relying on a root of trust from SRAM Physical Unclonable Function (PUF) are discussed. We implement a prototype system and execute DAA-TZ using MNT and BN curves with different security levels. The comparison result and performance evaluation indicate that our scheme meets the demanding requirement of mobile users in respects of both security and efficiency.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel REWIRE – Revocation Without Resolution: A Privacy-Friendly Revocation Mechanism for Vehicular Ad-Hoc Networks

Nächstes Kapitel DAA-A: Direct Anonymous Attestation with Attributes

Utilizing PKI solution, a Certificate Authority (CA) issues a public key certificate for \(p{{k}_{\mathcal {I}}}\) to the issuer \(\mathcal {I}\).

If the public key of an existing issuer has expired, it should refresh its public key by creating a new one and obtaining the corresponding certificate.

Bernhard, D., Fuchsbauer, G., Ghadafi, E., Smart, N.P., Warinschi, B.: Anonymous attestation with user-controlled linkability. Int. J. Inf. Secur. 12(3), 219–249 (2013)CrossRef

Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Proceedings of the 11th ACM CCS, pp. 132–145. ACM (2004)

Brickell, E., Chen, L., Li, J.: A New Direct Anonymous Attestation Scheme from Bilinear Maps. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 166–178. Springer, Heidelberg (2008) CrossRef

Brickell, E., Li, J.: A pairing-based DAA scheme further reducing TPM resources. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 181–195. Springer, Heidelberg (2010) CrossRef

Chen, L., Li, J.: Flexible and scalable digital signatures in tpm 2.0. In: Proceedings of the 20th ACM CCS, pp. 37–48. ACM (2013)

Chen, L., Page, D., Smart, N.P.: On the design and implementation of an efficient DAA scheme. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 223–237. Springer, Heidelberg (2010) CrossRef

Chen, X., Feng, D.: Direct anonymous attestation for next generation tpm. J. Comput. 3(12), 43–50 (2008)MathSciNet

Commission, F.T., et al.: Mobile privacy disclosures: Building trust through transparency. Federal Trade Commission Staff Report (2013)

Galbraith, S., Paterson, K., Smart, N.: Pairings for cryptographers. Discrete Appl. Math. 156(16), 3113–3121 (2008)MathSciNetCrossRef

10.

Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007) CrossRef

11.

Jang, J., Kong, S., Kim, M., Kim, D., Kang, B.B.: Secret: Secure channel between rich execution environment and trusted execution environment. In: NDSS 2015 (2015)

12.

Maganis, G., Shi, E., Chen, H., Song, D.: Opaak: using mobile phones to limit anonymous identities online. In: Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services, pp. 295–308. ACM (2012)

13.

Morelos-Zaragoza, R.: Encoder/decoder for binary bch codes in c (version 3.1)

14.

Oren, Y., Sadeghi, A.-R., Wachsmann, C.: On the effectiveness of the remanence decay side-channel to clone memory-based PUFs. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 107–125. Springer, Heidelberg (2013) CrossRef

15.

ARM: Trustzone. http://www.arm.com/products/processors/technologies/trustzone. Last accessed 5 May 2015

16.

GENODE: An exploration of arm trustzone technology. http://genode.org/documentation/articles/trustzone. Last accessed 1 May 2015

17.

GlobalPlatform: Tee client api specification version 1.0 (2010)

18.

Integrated Silicon Solution Inc: IS61LV6416-10TL. http://www.alldatasheet.com/datasheet-pdf/pdf/505020/ISSI/IS61LV6416-10TL.html

19.

ISO/IEC: 15946–5: 2009 information technology-security techniques: Cryptographic techniques based on elliptic curves: Part 5: Elliptic curve generation (2009)

20.

Proxama (2015). http://www.proxama.com/platform/

21.

Sansa Security: Discretix (2014). https://www.sansasecurity.com/blog/discretix-becomes-sansa-security/. Last accessed 22 June 2014

22.

Trusted Computing Group: TPM main specification version1.2, revision 116 (2011). http://www.trustedcomputinggroup.org. Last accessed 25 October 2014

23.

Trusted Computing Group: Trusted platform module library, family 2.0 (2013). http://www.trustedcomputinggroup.org. Last accessed 10 March 2015

24.

Xilinx: Zynq-7000 all programmable soc zc702 evaluation kit. http://www.xilinx.com/products/boards-and-kits/EK-Z7-ZC702-G.htm

25.

Wachsmann, C., Chen, L., Dietrich, K., Löhr, H., Sadeghi, A.-R., Winter, J.: Lightweight anonymous authentication with TLS and DAA for embedded mobile devices. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 84–98. Springer, Heidelberg (2011) CrossRef

26.

Wilson, P., Frey, A., Mihm, T., Kershaw, D., Alves, T.: Implementing embedded security on dual-virtual-cpu systems. IEEE Des. Test 24(6), 582–591 (2007)CrossRef

27.

Xi, L., Yang, K., Zhang, Z., Feng, D.: DAA-related APIs in TPM 2.0 revisited. In: Holz, T., Ioannidis, S. (eds.) Trust 2014. LNCS, vol. 8564, pp. 1–18. Springer, Heidelberg (2014)

28.

Yang, B., Feng, D., Qin, Y.: A lightweight anonymous mobile shopping scheme based on daa for trusted mobile platform. In: 2014 IEEE 13th International Conference on TrustCom, pp. 9–17. IEEE (2014)

29.

Yang, B., Yang, K., Qin, Y., Zhang, Z., Feng, D.: DAA-TZ: An effcient DAA scheme for mobile devices using ARM Trust Zone (full version) (2015) (ePrint)

30.

Zhang, Q., Zhao, S., Xi, L., Feng, W., Feng, D.: Mdaak: A flexible and efficient framework for direct anonymous attestation on mobile devices. In: Information and Communications Security. Springer (2014)

31.

Zhao, S., Zhang, Q., Hu, G., Qin, Y., Feng, D.: Providing root of trust for arm trustzone using on-chip sram. In: Proceedings of the 4th International Workshop on Trustworthy Embedded Devices, pp. 25–36. ACM (2014)

Titel: DAA-TZ: An Efficient DAA Scheme for Mobile Devices Using ARM TrustZone
verfasst von: Bo Yang
Kang Yang
Yu Qin
Zhenfeng Zhang
Dengguo Feng
Verlag: Springer International Publishing
Buch: Trust and Trustworthy Computing
Print ISBN: 978-3-319-22845-7

Electronic ISBN: 978-3-319-22846-4

Copyright-Jahr: 2015
DOI: https://doi.org/10.1007/978-3-319-22846-4_13

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner