Anonymous Credentials for Java Enabled Platforms: A Performance Evaluation

摘要

Anonymity and privacy protection are very important issues for Trusted Computing enabled platforms. These topics are especially important when two platforms perform a remote attestation as specified by the Trusted Computing Group (TCG). Attestation requires a platform to prove its current platform configuration by cryptographic means. However, using common digital signature schemes requires a complex public key infrastructure and allows the verifier to track and identify the signing platform. In order to address this problem, the TCG has introduced two concepts how the anonymity of Trusted Platform Modules (TPMs), and with it the anonymity of certain platforms, can be protected. The most promising of these two concepts is the Direct Anonymous Attestation (DAA) scheme which eliminates the requirement of a remote authority but includes complex mathematical computations. In this paper, we address the question whether anonymous credential systems like DAA can be efficiently used on Java enabled platforms and resource constrained devices like mobile phones. In order to be able to investigate this situation, we developed a software library that supports the basic DAA processes setup, join, sign and verify for J2SE and J2ME based virtual machines. Although our results show that DAA can efficiently be used on desktop platforms, off-the-shelf mobile phones require some premises in order to use DAA adequately.