PQCrypto 2023, the 14th International Conference on Post-Quantum Cryptography, was a significant gathering that took place from August 16-18, 2023, in College Park, MD, USA. PQCrypto aims to serve as a forum for researchers to present results and exchange ideas on cryptography in an era with large-scale quantum computers.
ENTRUST participated, represented by our partner SURREY, and presented a PQ hash-based Direct Anonymous Attestation.
In general, a Direct Anonymous Attestation (DAA) has been adopted in Trusted Platform Module (TPM) specifications and ISO/IEC standards. The standardized DAA schemes have their security based on the factoring or the discrete logarithm problem and are therefore insecure against quantum attackers. The existing quantum-resistant DAA research has designed lattice-based DAA schemes.
Our work proposes the first post-quantum DAA scheme from symmetric primitives. We make use of a hash-based signature scheme, which is a slight modification of SPHINCS+, as a DAA credential. A DAA signature, proving the possession of such a credential, is a multiparty computation-based non-interactive zero-knowledge proof. The security of our scheme is proved under the Universal Composability (UC) model. Our DAA scheme can handle a large group size (up to 2^60 group members), which meets the requirements of rapidly increasing TPM applications.