{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,28]],"date-time":"2025-08-28T12:43:57Z","timestamp":1756385037056},"reference-count":43,"publisher":"Oxford University Press (OUP)","issue":"3","license":[{"start":{"date-parts":[[2023,4,21]],"date-time":"2023-04-21T00:00:00Z","timestamp":1682035200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/academic.oup.com\/pages\/standard-publication-reuse-rights"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,4,14]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>A trusted platform module is identified by its endorsement key, while it uses an attestation key to provide attestation services, for example, signing a set of platform configuration registers, providing a timestamp or certifying another of its keys. This paper addresses the problem of how a certificate authority binds the endorsement and attestation keys together. This is necessary for the authority to be able to reliably certify the attestation key. This key binding also enables the authority to revoke the attestation key should the endorsement key be compromised. We study all of the existing solutions and show that they either do not solve the problem or cannot be implemented with a real trusted platform module (or both). We propose a new solution which addresses this problem. We develop a security model for our solution and provide a rigorous security proof under this model. We have also implemented the solution using a real trusted platform module, and our implementation results show that this solution is feasible and efficient.<\/jats:p>","DOI":"10.1093\/comjnl\/bxad037","type":"journal-article","created":{"date-parts":[[2023,4,22]],"date-time":"2023-04-22T11:18:24Z","timestamp":1682162304000},"page":"988-1004","source":"Crossref","is-referenced-by-count":4,"title":["How To Bind A TPM\u2019s Attestation Keys With Its Endorsement Key"],"prefix":"10.1093","volume":"67","author":[{"given":"Liqun","family":"Chen","sequence":"first","affiliation":[{"name":"University of Surrey"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nada","family":"El Kassem","sequence":"additional","affiliation":[{"name":"University of Surrey"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christopher J P","family":"Newton","sequence":"additional","affiliation":[{"name":"University of Surrey"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"286","published-online":{"date-parts":[[2023,4,21]]},"reference":[{"key":"2024041716562657100_ref1","volume-title":"TPM 2.0 Library Specification","author":"TCG"},{"key":"2024041716562657100_ref2","volume-title":"TPM 1.2 Specification","author":"TCG"},{"key":"2024041716562657100_ref3","volume-title":"About TCG","author":"TCG"},{"key":"2024041716562657100_ref4","volume-title":"How Windows 10 uses the Trusted Platform Module","author":"Microsoft"},{"key":"2024041716562657100_ref5","volume-title":"Minimum hardware requirements","author":"Microsoft"},{"key":"2024041716562657100_ref6","doi-asserted-by":"crossref","DOI":"10.1007\/978-1-4302-6584-9","volume-title":"A practical guide to TPM 2.0: Using the new trusted platform module in the new age of security","author":"Arthur","year":"2015"},{"key":"2024041716562657100_ref7","volume-title":"Simpler, Stronger Authentication","author":"FIDO"},{"key":"2024041716562657100_ref8","first-page":"577","article-title":"Direct anonymous attestation: enhancing cloud service user privacy","volume-title":"OTM Confederated International Conferences\u2019 On the Move to Meaningful Internet Systems\u2019","author":"Greveler","year":"2011"},{"key":"2024041716562657100_ref9","volume-title":"Trusted network communications","author":"Lorenzin"},{"key":"2024041716562657100_ref10","volume-title":"TPM from PCS to the IoT","author":"TCG"},{"key":"2024041716562657100_ref11","volume-title":"Trusted network connect (TNC) howto","author":"TCG","year":"2018"},{"key":"2024041716562657100_ref12","doi-asserted-by":"crossref","first-page":"123","DOI":"10.1109\/VNC.2017.8275615","article-title":"Privacy-enhanced capabilities for vanets using direct anonymous attestation","volume-title":"In 2017 IEEE Vehicular Networking Conference (VNC)","author":"Whitefield","year":"2017"},{"key":"2024041716562657100_ref13","doi-asserted-by":"crossref","first-page":"132","DOI":"10.1145\/1030083.1030103","article-title":"Direct anonymous attestation","volume-title":"Proceedings of the 11th ACM conference on Computer and communications security","author":"Brickell","year":"2004"},{"key":"2024041716562657100_ref14","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-319-08744-3","volume-title":"Trusted Computing Platforms","author":"Proudler","year":"2014"},{"key":"2024041716562657100_ref15","doi-asserted-by":"crossref","first-page":"21","DOI":"10.1145\/1314333.1314337","article-title":"Enhanced privacy id: A direct anonymous attestation scheme with enhanced revocation capabilities","volume-title":"Proceedings of the 2007 ACM workshop on Privacy in electronic society","author":"Brickell","year":"2007"},{"key":"2024041716562657100_ref16","article-title":"Enhanced privacy id from bilinear pairing","author":"Brickell","year":"2009","journal-title":"Cryptology ePrint Archive"},{"key":"2024041716562657100_ref17","first-page":"147","article-title":"Breaking and fixing the Needham-Schroeder public-key protocol using FDR","volume-title":"International Workshop on Tools and Algorithms for the Construction and Analysis of Systems, LNCS 1055","author":"Lowe","year":"1996"},{"key":"2024041716562657100_ref18","doi-asserted-by":"crossref","first-page":"993","DOI":"10.1145\/359657.359659","article-title":"Using encryption for authentication in large networks of computers","volume":"21","author":"Needham","year":"1978","journal-title":"Commun. ACM"},{"key":"2024041716562657100_ref19","volume-title":"Information technology \u2013 Security techniques \u2013 Anonymous digital signatures \u2013 Part 2: Mechanisms using a group public key","author":"ISO\/IEC 20008-2:2013"},{"key":"2024041716562657100_ref20","first-page":"121","article-title":"Security of the enhanced tcg privacy-ca solution","volume-title":"International Symposium on Trustworthy Global Computing","author":"Chen","year":"2011"},{"key":"2024041716562657100_ref21","first-page":"609","article-title":"Security of the tcg privacy-ca solution","volume-title":"IEEE\/IFIP International Conference on Embedded and Ubiquitous Computing","author":"Chen","year":"2010"},{"key":"2024041716562657100_ref22","article-title":"Fast hashing to $g_2$ in direct anonymous attestation","author":"Dai","year":"2022","journal-title":"Cryptology ePrint Archive"},{"key":"2024041716562657100_ref23","first-page":"166","article-title":"A new direct anonymous attestation scheme from bilinear maps","volume-title":"International Conference on Trusted Computing","author":"Brickell","year":"2008"},{"key":"2024041716562657100_ref24","doi-asserted-by":"crossref","first-page":"315","DOI":"10.1007\/s10207-009-0076-3","article-title":"Simplified security notions of direct anonymous attestation and a concrete scheme from pairings","volume":"8","author":"Brickell","year":"2009","journal-title":"Int J. Inf. Secur."},{"key":"2024041716562657100_ref25","doi-asserted-by":"crossref","first-page":"181","DOI":"10.1007\/978-3-642-13869-0_12","article-title":"A pairing-based daa scheme further reducing tpm resources","volume-title":"International Conference on Trust and Trustworthy Computing","author":"Brickell","year":"2010"},{"key":"2024041716562657100_ref26","doi-asserted-by":"crossref","first-page":"350","DOI":"10.1007\/978-3-642-16342-5_26","article-title":"A daa scheme requiring less tpm resources","volume-title":"International Conference on Information Security and Cryptology","author":"Chen","year":"2010"},{"key":"2024041716562657100_ref27","article-title":"Daa: fixing the pairing based protocols","author":"Chen","year":"2009","journal-title":"Cryptology ePrint Archive"},{"key":"2024041716562657100_ref28","first-page":"223","article-title":"On the design and implementation of an efficient daa scheme","volume-title":"International Conference on Smart Card Research and Advanced Applications","author":"Chen","year":"2010"},{"key":"2024041716562657100_ref29","doi-asserted-by":"crossref","first-page":"784","DOI":"10.1145\/3320269.3372197","article-title":"Formal analysis and implementation of a tpm 2.0-based direct anonymous attestation scheme","volume-title":"Proceedings of the 15th ACM Asia Conference on Computer and Communications Security","author":"Wesemeyer","year":"2020"},{"key":"2024041716562657100_ref30","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1145\/3448300.3467832","article-title":"Direct anonymous attestation on the road: Efficient and privacy-preserving revocation in c-its","volume-title":"Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks","author":"Larsen","year":"2021"},{"key":"2024041716562657100_ref31","first-page":"1","article-title":"Pairings in trusted computing","volume-title":"International Conference on Pairing-Based Cryptography","author":"Chen","year":"2008"},{"key":"2024041716562657100_ref32","doi-asserted-by":"crossref","first-page":"156","DOI":"10.1007\/978-3-540-88733-1_11","article-title":"On proofs of security for daa schemes","volume-title":"International Conference on Provable Security","author":"Chen","year":"2008"},{"key":"2024041716562657100_ref33","doi-asserted-by":"crossref","first-page":"219","DOI":"10.1007\/s10207-013-0191-z","article-title":"Anonymous attestation with user-controlled linkability","volume":"12","author":"Bernhard","year":"2013","journal-title":"Int. J. Inf. Secur."},{"key":"2024041716562657100_ref34","doi-asserted-by":"crossref","first-page":"234","DOI":"10.1007\/978-3-662-49387-8_10","article-title":"Universally composable direct anonymous attestation","volume-title":"Public-Key Cryptography\u2013PKC 2016","author":"Camenisch","year":"2016"},{"key":"2024041716562657100_ref35","doi-asserted-by":"crossref","first-page":"901","DOI":"10.1109\/SP.2017.22","article-title":"One tpm to bind them all: Fixing tpm 2.0 for provably secure anonymous attestation","volume-title":"In 2017 IEEE Symposium on Security and Privacy (SP)","author":"Camenisch","year":"2017"},{"key":"2024041716562657100_ref36","first-page":"427","article-title":"Anonymous attestation with subverted tpms","volume-title":"Annual International Cryptology Conference","author":"Camenisch","year":"2017"},{"key":"2024041716562657100_ref37","doi-asserted-by":"crossref","first-page":"425","DOI":"10.1016\/j.future.2019.04.036","article-title":"More efficient, provably-secure direct anonymous attestation from lattices","volume":"99","author":"El Kassem","year":"2019","journal-title":"Future Gener. Comput. Syst."},{"key":"2024041716562657100_ref38","doi-asserted-by":"crossref","first-page":"2260","DOI":"10.1109\/TIFS.2021.3051801","article-title":"Direct anonymous attestation with optimal tpm signing efficiency","volume":"16","author":"Yang","year":"2021","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"2024041716562657100_ref39","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1145\/2508859.2516729","article-title":"Flexible and scalable digital signatures in tpm 2.0","volume-title":"Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security","author":"Chen","year":"2013"},{"key":"2024041716562657100_ref40","doi-asserted-by":"crossref","first-page":"281","DOI":"10.1137\/0217017","article-title":"A digital signature scheme secure against adaptive chosen-message attacks","volume":"17","author":"Goldwasser","year":"1988","journal-title":"SIAM J. Comput."},{"key":"2024041716562657100_ref41","first-page":"427","article-title":"Public-key cryptosystems provably secure against chosen ciphertext attacks","volume-title":"Proceedings of the twenty-second annual ACM symposium on Theory of computing","author":"Naor","year":"1990"},{"key":"2024041716562657100_ref42","volume-title":"Information technology \u2013 Security techniques \u2013 Encryption algorithms \u2013 Part 2: Asymmetric ciphers","author":"ISO\/IEC 18033-2:2006"},{"key":"2024041716562657100_ref43","volume-title":"ANS X9.62 Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA)","author":"ANSI"}],"container-title":["The Computer Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/67\/3\/988\/57231405\/bxad037.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/67\/3\/988\/57231405\/bxad037.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,17]],"date-time":"2024-04-17T19:58:19Z","timestamp":1713383899000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/comjnl\/article\/67\/3\/988\/7130967"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,4,21]]},"references-count":43,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2023,4,21]]},"published-print":{"date-parts":[[2024,4,14]]}},"URL":"https:\/\/doi.org\/10.1093\/comjnl\/bxad037","relation":{},"ISSN":["0010-4620","1460-2067"],"issn-type":[{"value":"0010-4620","type":"print"},{"value":"1460-2067","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2024,3]]},"published":{"date-parts":[[2023,4,21]]}}}