Direct anonymous attestation scheme with outsourcing capability
Abstract
A Direct Anonymous Attestation (DAA) scheme using elliptic curve cryptography (ECC) and bilinear maps. A trusted platform module (TPM) may maintain privacy of a portion of a private membership key from an issuer while joining a group. Moreover, the TPM can outsource most of the computation involved in generating a signature to a host computer.
Claims (23 claims; 19 citations)
1. A method comprising: generating a first portion of a signature for use in authentication by an encryption device, the encryption device requesting a host computer to generate a second portion of the signature while maintaining privacy of the first and second portion of the signature, the first portion of the signature including a private membership key; and receiving at the encryption device the second portion of the signature from the host computer including a private membership exponent. (Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)

11. A method comprising: requesting, by a first computer, admission to a group from an issuer computer while maintaining privacy of a first portion of a private membership key by transmitting a commitment of the first portion to the issuer computer; receiving a second portion of the private membership key from the issuer computer; receiving a value; determining a third portion of the private membership key from the value by the first computer; and storing by the first computer the first, second, and third portions of the private membership key. (Dependent claims: 12, 13, 14, 15)

16. A method comprising: receiving a signature for authentication from a first computer at a second computer, the signature including a first portion of a private key of the first computer, wherein the private key comprises (A, x, y, f) and wherein the first portion comprises the value A, where A, x and y are values computed by an issuer computer and f is a random number from [0, p−1] and p is a prime order of a bilinear group; and verifying the signature. (Dependent claim: 17)

18. An article of manufacture including a machine readable medium having instructions stored thereon, which when executed cause a machine to: generate a first portion of a signature for use in authentication by an encryption device, the encryption device requesting a host computer to generate a second portion of the signature while maintaining privacy of the first and second portion of the signature, the first portion of the signature including a private membership key; and receive at the encryption device the second portion of the signature from the host computer including a private membership exponent. (Dependent claim: 19)

20. A system comprising: a prover platform coupled to a network, wherein the prover platform comprises a Trusted Platform Module (TPM) and a host computer, wherein the TPM is to generate a first portion of a signature for use in authentication by the TPM, the TPM requesting the host computer to generate a second portion of the signature while maintaining privacy of the first and second portion of the signature, the first portion of the signature including a private membership key, and the TPM is to receive the second portion of the signature from the host computer including a private membership exponent. (Dependent claims: 21, 22, 23)
Specification