Key Exchange with Anonymous Authentication using DAA-SIGMA Protocol
Anonymous digital signatures such as Direct Anonymous Attestation (DAA) and group signatures have been a fundamental building block for anonymous entity authentication. In this paper, we show how to incorporate DAA schemes into a key exchange protocol between two entities to achieve anonymous authentication and to derive a shared key between them. We propose a modification to the SIGMA key exchange protocol used in the Internet Key Exchange (IKE) standards to support anonymous authentication using DAA. Our key exchange protocol can be also extended to support group signature schemes instead of DAA. We present a secure model for key exchange with anonymous authentication derived from of the Canetti-Krawczyk key-exchange security model. We formally prove that our DAA-SIGMA protocol is secure under our security model.
- Jiangtao Li (1)