直接匿名遠程證實協定 (Direct Anonymous Attestation) 是由Brickell等人所提出,是一項能達到匿名性並且不需要線上公正第三方協助的解決方案。 然而Brickell等人所提出的解決方案對計算能力受限的可信賴平台模組而言,其計算複雜度甚鉅。學者陳提出了輕量化可信賴平台模組的直接匿名遠程證實協定。在本論文中,我們承襲了陳的精神,持續對可信賴平台模組的計算進行簡化,最後得到一個可信賴平台模組計算複雜度需求遠低於陳的方案之新協定。 ;With rapid development of electronic service, service provider must confirm user′s computing platform whether it is trustworthy that protects digital product from being abused.
Trusted computing group makes efforts to establish a trusted computing platform through a tamper-resistant cryptographic chip, namely trusted platform module (TPM). The TPM, which is embedded on the motherboard of a host platform, measures the software and hardware configurations and stores the measurement results in internal registers. Remote attestation enables a verifier (i.e., service provider) to request a prover (i.e., user′s computing platform with TPM) which returns the measurement results used for justifying the trustworthiness. However, a classical remote attestation scheme did not considerthe user′s privacy that allows the verifier to learn information about all user′s transactions on the Internet.
Direct anonymous attestation (DAA) scheme, which was first proposed by Brickell et al., is a promising solution used to address the privacy issues without employing an on-line trusted third party (i.e., an on-line certificate authority). However,the Brickell et al. DAA scheme incurs a considerably computational overhead for a resource-constraint TPM. Chen proposed a lightweight DAA scheme requiring less TPM computation. In this thesis, we propose an improved DAA scheme based on the Chen′s DAA scheme, and our proposed DAA scheme is more efficient than the Chen′s DAA scheme in computational complexity of the TPM.
