Protecting (Anonymous) Credentials with the Trusted Computing Groups Trusted Platform Modules V1.2

Digital credentials and certificates can easily be shared and copied. For instance if a user possesses a credential that allows her to access some service, she can easily share the credentials with her friends and thereby enableher friend to access the service as well. While with non-anonymous credentials, this sharing can to some extend be detected by the fact that some credentials get used too often, such detection is not possible with anonymous credentials. Furthermore, the honest user is also at risk of identity theft: malicious software such as viruses and worms or phishing attacks can without too much difficulty steal her credentials.
One solution to the problem is to use tamper-resistant hardware tokens to which a credential is bound such that a credential can only be used in connection with the token. Although this approach is sometimes taken for isolated high security applications, it is not used widely because of the organizational overhead to distribute such tokens. Moreover such tokens are usually very application specific and hence cannot be used with different applications (from different service providers).
Recently, however, manufacturers have started to embed into computers a tamper-resistant piece of hardware, called trusted platform modules (TPM), as specified by the Trusted Computing Group. In this paper we show that this module can in fact be used to secure anonymous as well as non-anonymous credentials. That is, we provide a mechanism to insure that credentials can only be used with the TPM it got issued to. We then extend our solution to one that allows the use of credentials not only with the TPM they got issued to but also with other TPMs of the same user. Finally, we show how to secure a full-fledged anonymous credential system. Once TPMs are widely distributed, our solution can offer for the first time strong and privacy friendly authentication for electronic transactions.