diff --git a/presentation/191119_long/header.tex b/presentation/191119_long/header.tex index 3b2d823..c1a51a6 100755 --- a/presentation/191119_long/header.tex +++ b/presentation/191119_long/header.tex @@ -24,6 +24,8 @@ \usepackage{amsmath} \usepackage{amssymb} \usepackage{textcomp} +\usepackage{amssymb} +\usepackage{mathtools} %properties for listings: diff --git a/presentation/191119_long/long.pdf b/presentation/191119_long/long.pdf index d740e22..604f1e8 100644 Binary files a/presentation/191119_long/long.pdf and b/presentation/191119_long/long.pdf differ diff --git a/presentation/191119_long/long.tex b/presentation/191119_long/long.tex index 04de887..677cdd7 100644 --- a/presentation/191119_long/long.tex +++ b/presentation/191119_long/long.tex @@ -54,19 +54,86 @@ \begin{frame} \frametitle{Solution: Direct Anonymous Attestation (DAA)} + \begin{center} + \includegraphics[width=0.7\textwidth]{../../resources/daa} + \end{center} + \begin{itemize} \item based on group signatures \item Zero Knowledge Proof to verify group membership \item defines 3 Parties \begin{itemize} - \item Issuer: provides public key for a group (e.g. all Biometric Sensors) and manages group memberships - \item Member: holds a group private key to sign messages (e.g. a Biometric Sensor) - \item Verifier: knows the group public key and is able to verify correctness of signature (e.g. Personal Agent) + \item \emph{Issuer}: provides public key for a group (e.g. all Biometric Sensors) and manages group memberships + \item \emph{Member}: holds a group private key to sign messages (e.g. a Biometric Sensor) + \item \emph{Verifier}: knows the group public key and is able to verify correctness of signature (e.g. Personal Agent) \end{itemize} - \item used DAA is based on Elliptic Curves (ECDAA) \end{itemize} \end{frame} +\begin{frame} + \frametitle{DAA Setup: Issuer creates Bilinear Group and Keys} + \begin{eqnarray*} + q,\mathbb{G}_1, \mathbb{G}_2, \mathbb{G}_T, g_1, g_2, e + \end{eqnarray*} + \begin{itemize} + \item $\mathbb{G}_1, \mathbb{G}_2, \mathbb{G}_T$: groups of prime order $q$ + \item $g_1 \in \mathbb{G}_1$, $g_2 \in \mathbb{G}_2$: generator points + \item $e$: bilinear map with properties + \begin{itemize} + \item \emph{Bilinear}: For all $P \in \mathbb{G}_1, Q \in \mathbb{G}_2$, for all $a,b \in \mathbb{Z}$, $ e(P^a,Q^b) = e(P,Q)^{ab}$ + \item \emph{Non-degenerate}: There exists some $P \in \mathbb{G}_1, Q \in \mathbb{G}_2$ such that $e(P,Q) \neq 1$, where 1 is the identity of $\mathbb{G}_T$ + \item \emph{Efficient}: There exists an efficient algorithm for computing $e$ + \end{itemize} + \item Choose secret key $x\leftarrow\mathbb{Z}_q$, $y\leftarrow\mathbb{Z}_q$ + \item generate public key $X=g_2^x$, $Y=g_2^y$ + \end{itemize} +\end{frame} +\begin{frame} + \frametitle{Bilinear Maps} + Definition Bilinear Maps: + \begin{itemize} + \item \emph{Bilinear}: For all $P,Q \in G$, for all $a,b \in \mathbb{Z}$, $e(P^a,Q^b) = e(P,Q)^{ab}$ + \item \emph{Non-degenerate}: There exists some $P,Q \in G$ such that $e(P,Q) \not 1$ where 1 is the identity of $\mathrm{G}$ + \end{itemize} +\end{frame} +\begin{frame} + \frametitle{Bilinear Maps: Signatures} + \begin{itemize} + \item given message $m$ and random number $r leftarrow \mathbb{Z}_q$ + + \end{itemize} +\end{frame} + +\begin{frame} + \frametitle{Bilinear Maps: Zero Knowledge Proofs} + \begin{itemize} + \item Do the same as before, but choose to additional random variables $r$ and $r'$ + \end{itemize} +\end{frame} + +\begin{frame} + \frametitle{DAA Join: Member joins to Issuer's Group} + \begin{center} + \begin{footnotesize} + \begin{tabular}{|lclcl|}\hline + \multicolumn{1}{|c}{TPM}&&\multicolumn{1}{c}{Host}&&\multicolumn{1}{c|}{Issuer}\\\hline + &&&$\xrightarrow{\text{JOIN}}$&$n\leftarrow\{0,1\}^{ln}$\\ + $gsk\leftarrow\mathbb{Z}$&$\xleftarrow{\makebox[5mm]{n}}$&&$\xleftarrow{\makebox[5mm]{n}}$&\\ + $Q\leftarrow g_1^{gsk}$&&&&\\ + $\pi_1\rightarrow SPK\{(\alpha):g_1^\alpha\}$&$\xrightarrow{Q,\pi_1}$&&$\xrightarrow{Q,\pi_1}$&verify $\pi_1$\\ + &&&&$r\leftarrow\mathbb{Z}_q$\\ + &&&&$a\leftarrow g_1^r$\\ + &&&&$b\leftarrow a^{x+ym}$\\ + &&&&$c\leftarrow a^x\cdot Q^{rxy}$\\ + &&&&$d\leftarrow Q^{ry}$\\ + &&&&$\pi_2\leftarrow SPK\{(t):$\\ + &&$e(a,X)\cdot e(c,Y)$&$\xleftarrow{a,b,c,d,\pi_2}$&$ b=g_1^t \wedge d=Q^t\}$\\ + verify $\pi_2$&$\xleftarrow{b,d,\pi_2}$&$\stackrel{?}{=}e(b,g_2)$&&\\ + store($gsk, b, d$)&$\xrightarrow{JOINED}$&store($a,b,c,d$)&&\\\hline + \end{tabular} + \end{footnotesize} + \end{center} +\end{frame} \end{document} diff --git a/references/Camenisch-Bilinear_Maps.pdf b/references/Camenisch-Bilinear_Maps.pdf new file mode 100644 index 0000000..7c5d5dd Binary files /dev/null and b/references/Camenisch-Bilinear_Maps.pdf differ diff --git a/references/Camenisch-Efficient_DAA_Scheme.pdf b/references/Camenisch-Efficient_DAA_Scheme.pdf new file mode 100644 index 0000000..6af84e6 Binary files /dev/null and b/references/Camenisch-Efficient_DAA_Scheme.pdf differ diff --git a/resources/daa.fig b/resources/daa.fig new file mode 100644 index 0000000..9ecc32d --- /dev/null +++ b/resources/daa.fig @@ -0,0 +1,58 @@ +#FIG 3.2 Produced by xfig version 3.2.7 +Landscape +Center +Inches +Letter +100.00 +Single +-2 +1200 2 +6 3750 4650 5250 5400 +2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5 + 5250 5400 5250 4650 3750 4650 3750 5400 5250 5400 +4 1 0 50 -1 4 14 0.0000 0 180 750 4500 5100 Verifier\001 +-6 +6 1200 3225 2700 3975 +2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5 + 2700 3975 2700 3225 1200 3225 1200 3975 2700 3975 +4 1 0 50 -1 4 14 0.0000 0 180 885 1950 3675 Member\001 +-6 +6 6450 3225 7950 3975 +2 4 0 1 0 7 50 -1 -1 0.000 0 0 7 0 0 5 + 7950 3975 7950 3225 6450 3225 6450 3975 7950 3975 +4 1 0 50 -1 4 14 0.0000 0 180 645 7200 3675 Issuer\001 +-6 +6 1650 4725 2250 5550 +1 4 0 1 0 7 50 -1 -1 0.000 1 0.0000 2100 4875 106 106 2175 4800 2025 4950 +1 3 0 1 0 7 50 -1 -1 0.000 1 0.0000 2100 4875 75 75 2100 4875 2100 4800 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 6 + 2250 4725 2250 5550 1650 5550 1650 4875 1800 4725 2250 4725 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 3 + 1650 4875 1800 4875 1800 4725 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 2175 4950 2175 5100 2100 5025 2025 5100 2025 4950 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 1800 5175 2100 5175 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 1800 5250 2100 5250 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 1800 5325 2100 5325 +-6 +6 2250 4650 3750 5100 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 0 1.00 120.00 180.00 + 3750 5025 2250 5025 +4 1 0 50 -1 4 12 0.0000 0 210 510 3000 4875 verify\001 +-6 +6 1875 3975 2625 4725 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 0 1.00 120.00 180.00 + 1950 3975 1950 4725 +4 0 0 50 -1 4 12 0.0000 0 150 525 2100 4350 attest\001 +-6 +6 2700 3225 6450 3675 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 0 1.00 120.00 180.00 + 2700 3600 6450 3600 +4 1 0 50 -1 4 12 0.0000 0 210 330 4425 3450 join\001 +-6 diff --git a/resources/daa.pdf b/resources/daa.pdf new file mode 100644 index 0000000..f83228d Binary files /dev/null and b/resources/daa.pdf differ