The Direct Anonymous Attestation scheme allows to map procedures with an imperative requirement for anonymity, such as voting, to the electronic world while offering provable security. However, the scheme is complex and requires demanding computations to be performed on a tamper-proof device. Such devices, e.g. secure smart cards, are typically resource constrained. We present the first implementation of the (simplified) Direct Anonymous Attestation protocols suitable for contemporary Java Card smart cards. We point out performance bottlenecks and provide efficient solutions which allow our implementation to terminate within acceptable time.
展开▼