Protecting (anonymous) credentials with the Trusted Computing Group's TPM V1.2


Abstract

Digital credentials and certificates can easily be shared and copied. For instance, if a user possesses a credential that allows her to access some service, she can easily share it with her friends and thereby let them use the service as well. While with non-anonymous credentials this sharing can to some extent be detected by the fact that some credentials get used too often, such detection is not possible with anonymous credentials. Furthermore, the honest user is also at risk of identity theft: malicious software such as viruses and worms, or phishing attacks, can without too much difficulty steal her credentials. One solution to the problem is to use tamper-resistant hardware tokens to which a credential is bound, such that the credential can only be used in connection with the token. Although this approach is sometimes taken for isolated high-security applications, it is not used widely because of the organizational overhead of distributing such tokens. Moreover, such tokens are usually very application-specific and hence cannot be used with different applications (from different service providers). Recently, however, manufacturers have started to embed into computers a tamper-resistant piece of hardware, called a trusted platform module (TPM), as specified by the Trusted Computing Group. In this paper we show that this module can in fact be used to secure anonymous as well as non-anonymous credentials. We provide a mechanism to ensure that credentials can only be used with the TPM they were issued to. We then extend our solution to one that allows the use of credentials not only with the TPM they were issued to but also with other TPMs of the same user. Finally, we show how to secure a full-fledged anonymous credential system. © 2006 International Federation for Information Processing.


Camenisch, J. (2006). Protecting (anonymous) credentials with the Trusted Computing Group’s TPM V1.2. IFIP International Federation for Information Processing, 201, 135–147. https://doi.org/10.1007/0-387-33406-8_12
