Article

Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol

Authors:

Michael Backes,

Matteo Maffei,

Dominique UnruhAuthors Info & Claims

SP '08: Proceedings of the 2008 IEEE Symposium on Security and Privacy

Pages 202 - 215

https://doi.org/10.1109/SP.2008.23

Published: 18 May 2008 Publication History

Publisher Site

Abstract

We devise an abstraction of zero-knowledge protocols that is accessible to a fully mechanized analysis. The abstraction is formalized within the applied pi-calculus using a novel equational theory that abstractly characterizes the cryptographic semantics of zero-knowledge proofs. We present an encoding from the equational theory into a convergent rewriting system that is suitable for the automated protocol verifier ProVerif. The encoding is sound and fully automated. We successfully used ProVerif to obtain the first mechanized analysis of (a simplified variant of) the Direct Anonymous Attestation (DAA) protocol. This required us to devise novel abstractions of sophisticated cryptographic security definitions based on interactive games. The analysis reported a novel attack on DAA that was overlooked in its existing cryptographic security proof. We propose a revised variant of DAA that we successfully prove secure using ProVerif.

Cited By

View all

Wilson JAsplund MJohansson NBoeira F(2024)Provably Secure Communication Protocols for Remote AttestationProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664485(1-12)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664485
Shahrouz JAnaloui M(2024)An anonymous authentication scheme with conditional privacy-preserving for Vehicular Ad hoc Networks based on zero-knowledge proof and BlockchainAd Hoc Networks10.1016/j.adhoc.2023.103349154:COnline publication date: 12-Apr-2024
https://dl.acm.org/doi/10.1016/j.adhoc.2023.103349
Al-Hamadi HYeun CZemerly MAl-Qutayri MGawanmeh AAl-Hammadi YDamiani E(2019)A Novel Protocol for Security of Location Based Services in Multi-agent SystemsWireless Personal Communications: An International Journal10.1007/s11277-019-06499-4108:3(1841-1868)Online publication date: 1-Oct-2019
https://dl.acm.org/doi/10.1007/s11277-019-06499-4
Show More Cited By

Index Terms

Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol

Recommendations

Direct anonymous attestation
CCS '04: Proceedings of the 11th ACM conference on Computer and communications security

This paper describes the direct anonymous attestation scheme (DAA). This scheme was adopted by the Trusted Computing Group (TCG) as the method for remote authentication of a hardware module, called Trusted Platform Module (TPM), while preserving the ...
Automated Proofs for Asymmetric Encryption

Many generic constructions for building secure cryptosystems from primitives with lower level of security have been proposed. Providing security proofs has also become standard practice. There is, however, a lack of automated verification procedures ...
Efficient zero-knowledge argument for correctness of a shuffle
EUROCRYPT'12: Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques

Mix-nets are used in e-voting schemes and other applications that require anonymity. Shuffles of homomorphic encryptions are often used in the construction of mix-nets. A shuffle permutes and re-encrypts a set of ciphertexts, but as the plaintexts are ...

Comments

Information & Contributors

Information

Published In

SP '08: Proceedings of the 2008 IEEE Symposium on Security and Privacy

May 2008

408 pages

ISBN:9780769531687

Publisher

IEEE Computer Society

United States

Publication History

Published: 18 May 2008

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

37
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Wilson JAsplund MJohansson NBoeira F(2024)Provably Secure Communication Protocols for Remote AttestationProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664485(1-12)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664485
Shahrouz JAnaloui M(2024)An anonymous authentication scheme with conditional privacy-preserving for Vehicular Ad hoc Networks based on zero-knowledge proof and BlockchainAd Hoc Networks10.1016/j.adhoc.2023.103349154:COnline publication date: 12-Apr-2024
https://dl.acm.org/doi/10.1016/j.adhoc.2023.103349
Al-Hamadi HYeun CZemerly MAl-Qutayri MGawanmeh AAl-Hammadi YDamiani E(2019)A Novel Protocol for Security of Location Based Services in Multi-agent SystemsWireless Personal Communications: An International Journal10.1007/s11277-019-06499-4108:3(1841-1868)Online publication date: 1-Oct-2019
https://dl.acm.org/doi/10.1007/s11277-019-06499-4
Abadi MBlanchet BFournet C(2017)The Applied Pi CalculusJournal of the ACM10.1145/312758665:1(1-41)Online publication date: 26-Oct-2017
https://dl.acm.org/doi/10.1145/3127586
Dumas JLafourcade POrfila JPuys M(2017)Dual protocols for private multi-party matrix multiplication and trust computationsComputers and Security10.1016/j.cose.2017.04.01371:C(51-70)Online publication date: 1-Nov-2017
https://dl.acm.org/doi/10.1016/j.cose.2017.04.013
Cortier VDallon ADelaune S(2016)Bounding the Number of Agents, forźEquivalence TooProceedings of the 5th International Conference on Principles of Security and Trust - Volume 963510.5555/3089491.3089505(211-232)Online publication date: 2-Apr-2016
https://dl.acm.org/doi/10.5555/3089491.3089505
Dossogne JLafitte F(2015)Blinded additively homomorphic encryption schemes for self-tallying votingJournal of Information Security and Applications10.1016/j.jisa.2014.07.00222:C(40-53)Online publication date: 1-Jun-2015
https://dl.acm.org/doi/10.1016/j.jisa.2014.07.002
Akinyele JGreen MHohenberger SPagano M(2014)Machine-generated algorithms, proofs and software for the batch verification of digital signature schemesJournal of Computer Security10.5555/2699777.269977822:6(867-912)Online publication date: 1-Nov-2014
https://dl.acm.org/doi/10.5555/2699777.2699778
Backes MHriţcu CMaffei M(2014)Union, intersection and refinement types and reasoning about type disjointness for secure protocol implementationsJournal of Computer Security10.5555/2595841.259584522:2(301-353)Online publication date: 1-Mar-2014
https://dl.acm.org/doi/10.5555/2595841.2595845
Veeningen MWeger BZannone N(2014)Data minimisation in communication protocolsInternational Journal of Information Security10.1007/s10207-014-0235-z13:6(529-569)Online publication date: 1-Nov-2014
https://dl.acm.org/doi/10.1007/s10207-014-0235-z
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

Direct anonymous attestation

Automated Proofs for Asymmetric Encryption

Efficient zero-knowledge argument for correctness of a shuffle

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations