A Lightweight Anonymous Mobile Shopping Scheme Based on DAA for Trusted Mobile Platform

The deposit security and the purchasing anonymity are two important issues when consumers do shopping on mobile platforms. However, there is currently no solution to completely address both the issues. In this paper, we propose a lightweight anonymous mobile shopping scheme based on DAA for trusted mobile platform. By fully considering the background of mobile applications, we design the scheme according to four elliptic curve based DAA (ECC-DAA) schemes. The entities of mobile device manufacturer, mobile device, central trusted party, banks and e-commerce platform compose the system architecture and seven phases are designed accordingly. Moreover, we present the architecture of trusted mobile platform based on Trust Zone and TPM emulator, which helps achieve seven security properties including the deposit security and the purchasing anonymity. The issues about sensitive data management and credential revocation are discussed. ECC-DAA schemes including CF08, BCL08, BL10 and CPS10 and three kinds of elliptic curves including MNT, BN and super singular curve are finally compared and implemented as foundation. The simulating experiment result indicates that the proposed scheme with our trusted architecture has a good computing performance for consumers using mobile devices.