DAA protocol analysis and verification

Abstract

Direct Anonymous Attestation (DAA) is a popular trusted computing protocol for the anonymous authentication designed for TPM or other embedding devices. Many DAA schemes give out detailed cryptographic proof, however, their security properties has not been yet automatically analyzed and verified particularly against the intruder's or the malicious participant's attack. It is proposed that a DAA analysis model focusing on the intruder's attacks in this paper. The analysis method is the good supplements to the DAA cryptographic proof, though the intruder's capability is not completely assumed. According to DAA protocol status analysis, we find out some attacks like rudolph attack, masquerading attack by using the Murphi tool. At last the paper gives out the reasons for these attacks, and also presents the recommendation solutions against these attacks. From our study, we propose that DAA protocol must be carefully analyzed from the intruder attacking point of view in the DAA system design and implementation. © 2012 Springer-Verlag.