An efficient anonymous remote attestation scheme for trusted computing based on improved CPK

• Published in: Electronic commerce research Vol. 19; no. 3; pp. 689 - 718
• Main Authors: Fajiang, Yu, Jing, Chen, Yang, Xiang, Jiacheng, Zhu, Yangdi, Zhao
• Format: Journal Article
• Language: English
• Published: New York Springer US 01.09.2019; Springer; Springer Nature B.V
• Subjects: Business and Management; Computer Communication Networks; Cryptography; Curves; Data encryption; Data Structures and Information Theory; e-Commerce/e-business; Feasibility; IT in Business; Operations Research/Decision Theory; Privacy; Public Key Infrastructure; Trusted third parties; Remote attestation; Trusted computing; 94A62; Combined public key cryptography (CPK); 14G50; Trusted platform module (TPM)
• ISSN: 1389-5753; 1572-9362
• DOI: 10.1007/s10660-019-09366-3

The platform remote attestation (RA) is one of the main features of trusted computing platform proposed by the trusted computing group (TCG). The privacy certificate authority (CA) solution of RA requires users to pay for multiple certificates, and the direct anonymous attestation (DAA) solution leads to inefficiency. TCG RA also suffers from limitations of platform configuration privacy. This paper proposed a RA scheme based on an improved combined public key cryptography (ICPK) (abbreviated to RA-ICPK). RA-ICPK is a certificate-less scheme without using public key infrastructure CA signature or DAA signature, which combines commitment scheme, zero-knowledge proof and ring signature (RS) to own the property of unforgeability and privacy. RA-ICPK is mainly based on elliptic curve cryptography without bilinear pair computing, and only carries out zero-knowledge proof one time. RA-ICPK need not depend on trusted third parties to check trusted platform modules identity and integrity values revocations.