# ECDAA This project is a wrapper for the xaptum ecdaa protocol which introduces network functionality to it. ## Prerequisities Tested system: Ubuntu 20.04 LTS Only the ECDAA member can have TPM-backed cryptography. There exist however a member instance where all crypto is done without using a TPM The following guideline is adapred from the Xaptum ECDAA project page at https://github.com/xaptum/ecdaa/blob/master/doc/BUILDING.md ### Building prerequisities from source ``` # Install required packages for the following build from source apt install gcc cmake build-essential doxygen doxygen-latex parallel git clone https://github.com/xaptum/ecdaa.git #tested with commit d9b1ef7 # Create subdirectory for build mkdir -p ecdaa/build && cd ecdaa/build # Build Dependencing from source export CMAKE_PREFIX_PATH=/usr ../.travis/install-amcl.sh ./amcl /usr FP256BN ``` ### Installing TPM support for TPM-backed member There is a tpm2-tss version required (2.3.3) which is not available in Ubuntu 20.04 (has 2.3.2). From Ubuntu 20.10 and later, installing `libtss2-dev` should work. For Ubuntu 20.04, this should be built from source: ``` # Install further required packages for building this lib apt install autoconf autoconf-archive libcmocka0 libcmocka-dev procps iproute2 \ pkg-config libtool libssl-dev uthash-dev libjson-c-dev libini-config-dev # Build the tpm2-tss lib from source ../.travis/install-tpm2-tss.sh ./tpm2-tss /usr ``` ### Installing xaptum/ecdaa When the TPM should be available for use on this host, set `ECDAA_TPM_SUPPORT` accordingly ``` # Build the project from source with TPM support cmake .. -DCMAKE_BUILD_TYPE=Release -DECDAA_CURVES=FP256BN -DCMAKE_INSTALL_PREFIX=/usr -DECDAA_TPM_SUPPORT=ON cmake --build . --target install ``` ## Installing 1. Create the CMake files ``` cmake . ``` 2. Compile the preferred targets - ecdaa_issuer - ecdaa_member (without TPM support) - ecdaa_verifier - ecdaa_member_tpm (with TPM support) - all (all of the above) ``` cmake --build . --target ecdaa_issuer -- -j 2 ``` ## Usage 1. Run the issuer binary `ecdaa_issuer`. It loads persisted keys from disk or generates and saves it automatically. 2. Let the member join the issuer's group: ``` ecdaa_member --join ``` The resulting keys will be persisted as well. 3. Start the verifier `ecdaa_verifier`. Currently it does not know the issuer's public key. Connect to the verifier host on port `6592` and place the command `GETPUBLIC `. The verifier currently does not persist the public key. 4. The member may now send a signed message: ``` ecdaa_member --send ``` After submission the verifer immediately checks the signature and responds to the member accordingly. At this point this project just demonstrates the functionality of ECDAA over the network interface. All session data about memberships are only held in RAM and never persisted. Restarting the Issuer introduces a fresh ECDAA group. ### Setting IP addresses in common.h The IP addresses are defined statically in `common.h`. There is no assumed service discovery. ### Protocol For full function of the protocol, all three parties need to be active. 1. The issuer setups its group 2. A member candidate contact the issuer to become member of his group 3. If the issuer accepts the request, he generates a personalized private key in cooperation with the member. This key may be saved in the TPM. 4. The member can now sign messages in the name of the issuer's group. 5. Given a message signed by a member, the verifier can proof the signature with only the provided issuer's public key. The issuer can not detect which member was the signer of this message A detailed theoretical description can be found at [Camenisch et al., 2016](https://doi.org/10.1007/978-3-662-49387-8_10). Xaptum decided to slightly differ from the protocol specified in the paper: https://github.com/xaptum/ecdaa/blob/master/doc/IMPLEMENTATION.md