Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Introduction to epid

377 visualizaciones

Publicado el

Introducing EPID. A digital signature scheme.

Publicado en: Tecnología
  • Sé el primero en comentar

  • Sé el primero en recomendar esto

Introduction to epid

  1. 1. Introduction to Intel EPID
  2. 2. 2 Intel Enhanced Privacy ID EPID is a digital signature scheme with special properties: • Single public key corresponds to multiple private keys • Each unique private key can be used to generate a signature • Signature can be verified using the group public key • No one can tell which private key was used to generate a signature RSA/DSA/ ECDSA EPID Pub-Key Pvt-Key Pvt-Key 1 Pub-Key Pvt-Key 2 Pvt-Key 3
  3. 3. 3 Intel Enhanced Privacy ID International Standard • ISO/IEC 20008/20009 & TCG • Privacy Preserving Anonymous Attestation • RAND-Z licensing Mature Technology • Shipping since 2008 • Xeon, Core 2011 • Atom, 2014 → sub-Atom • 2.4B Keys since 2008 Utilization of EPID • Intel Insider (Digital Rights Management) • Intel Trusted Execution Technology (Intel TXT) • Intel Identity Protection Technology (Intel IPT) • Intel Software Guard Extensions (Intel SGX) Intel is Enabling the Industry on EPID
  4. 4. 4 Anonymity in practice Anonymous GPS data Likely there is a traffic jam here: 49°26'33.3"N 11°05'14.0"E
  5. 5. 5 Linkability Every 5 min Thanks to full privacy EPID gives us we don’t even know about messages coming from the same source. Sometimes that’s a problem... EPID offers a parameter called basename to control linkability.
  6. 6. 6 Revocation Position: 38472384 N 23122333 E EPID provides granular revocation mechanisms: • Group Revocation (GroupRL) • Private Key Based Revocation (PrivRL) • Signature Based Revocation (SigRL) • Verifier Blacklist Revocation !?
  7. 7. 7 EPID Verification Service • Publicly available web service • Way to use EPID without diving into SDK, saves you from: • Revocation list handling • Key management • Converts EPID signatures to standard ECDSA
  8. 8. 8 EPID Verification Service Device 3rd party service EPID Verification Service ECDSA Proof EPID Signature ECDSA Proof
  9. 9. 9 Materials available for Hackathon • EPID SDK: • Sources • Documentation • Examples • Precompiled libraries • Simplified examples in C • Locally hosted version of EPID Verification service • EPID Cheatsheet