Design and Analysis on Direct Anonymous Attestation for Security Chip

Direct Anonymous Attestation (DAA) is an anonymous protocol designed for TPM/TCM or other embedding devices. Recently, DAA schemes based on the pairing continues to advance rapidly, but it has a certain problems to put the scheme into application. This paper focuses on the practicability and feasibility for the design of the pairing DAA protocol and system. Our first contribution in this paper is presenting a pairing less DAA scheme for TCM, only 2 pairings required in the whole protocol, Furthermore no pairing computation required inside TCM. The second contribution is to design and implement a test platform prototype for analyzing and evaluating the pairing DAA scheme. We analyze the influence factors like elliptic curve selection, preprocessing and so on. The experiment results show that the trade-off between the security strength and the performance must be taken into the comprehensive consideration for pairing DAA design.