Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Introduction to epid


Published on

Introducing EPID. A digital signature scheme.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Introduction to epid

  1. 1. Introduction to Intel EPID
  2. 2. 2 Intel Enhanced Privacy ID EPID is a digital signature scheme with special properties: • Single public key corresponds to multiple private keys • Each unique private key can be used to generate a signature • Signature can be verified using the group public key • No one can tell which private key was used to generate a signature RSA/DSA/ ECDSA EPID Pub-Key Pvt-Key Pvt-Key 1 Pub-Key Pvt-Key 2 Pvt-Key 3
  3. 3. 3 Intel Enhanced Privacy ID International Standard • ISO/IEC 20008/20009 & TCG • Privacy Preserving Anonymous Attestation • RAND-Z licensing Mature Technology • Shipping since 2008 • Xeon, Core 2011 • Atom, 2014 → sub-Atom • 2.4B Keys since 2008 Utilization of EPID • Intel Insider (Digital Rights Management) • Intel Trusted Execution Technology (Intel TXT) • Intel Identity Protection Technology (Intel IPT) • Intel Software Guard Extensions (Intel SGX) Intel is Enabling the Industry on EPID
  4. 4. 4 Anonymity in practice Anonymous GPS data Likely there is a traffic jam here: 49°26'33.3"N 11°05'14.0"E
  5. 5. 5 Linkability Every 5 min Thanks to full privacy EPID gives us we don’t even know about messages coming from the same source. Sometimes that’s a problem... EPID offers a parameter called basename to control linkability.
  6. 6. 6 Revocation Position: 38472384 N 23122333 E EPID provides granular revocation mechanisms: • Group Revocation (GroupRL) • Private Key Based Revocation (PrivRL) • Signature Based Revocation (SigRL) • Verifier Blacklist Revocation !?
  7. 7. 7 EPID Verification Service • Publicly available web service • Way to use EPID without diving into SDK, saves you from: • Revocation list handling • Key management • Converts EPID signatures to standard ECDSA
  8. 8. 8 EPID Verification Service Device 3rd party service EPID Verification Service ECDSA Proof EPID Signature ECDSA Proof
  9. 9. 9 Materials available for Hackathon • EPID SDK: • Sources • Documentation • Examples • Precompiled libraries • Simplified examples in C • Locally hosted version of EPID Verification service • EPID Cheatsheet