Security of Direct Anonymous Authentication Using TPM 2.0 Signature

Direct Anonymous Attestation (DAA) is a digital signature scheme designed for anonymous authentication. A major application of DAA is privacy-preserving remote authentication of a trusted platform module (\(\mathsf{TPM}\)). The private key used by DAA is stored within the \(\mathsf{TPM}\). The resource of \(\mathsf{TPM}\) is limited, thus \(\mathsf{TPM}\) devices usually implement only necessary secret-related algorithms and only store sensitive data. Recently, in CCS 2013, Chen and Li proposed the notion of \(\mathsf{TPM}\) 2.0 signature, which implements a simple yet generic algorithm taking the private key as an input, for a wide range of higher applications such as DAA and others (e.g., Schnorr’s signature, U-Prove). However, the reuse of the same \(\mathsf{TPM}\) algorithm and private key for multiple purposes may introduce vulnerability, even within the same context of DAA. In particular, there are two situations in which the DAA scheme uses the same signature scheme and private key, namely, signing or authentication, and joining the system (for proving the knowledge of the private key to the issuer of the DAA credential). In this paper, we analyzed the current security model of DAA schemes with this in mind, identified the weakness and the corresponding implementation flaw which leads to insecurity, and suggested a fix. Our study provides more comprehensive security analysis for DAA which suggests a prudent practice of DAA implementation.