Protecting (Anonymous) Credentials with the Trusted Computing Groups Trusted Platform Modules V1.2

Digital credentials and certificates can easily be shared and copied. For instance if a user possesses a credential that allows her to access some service, she can easily share the credentials with her friends and thereby enableher friend to access the service as well. While with non-anonymous credentials, this sharing can to some extend be detected by the fact that some credentials get used too often, such detection is not possible with anonymous credentials. Furthermore, the honest user is also at risk of identity theft: malicious software such as viruses and worms or phishing attacks can without too much difficulty steal her credentials.
One solution to the problem is to use tamper-resistant hardware tokens to which a credential is bound such that a credential can only be used in connection with the token. Although this approach is sometimes taken for isolated high security applications, it is not used widely because of the organizational overhead to distribute such tokens. Moreover such tokens are usually very application specific and hence cannot be used with different applications (from different service providers).
Recently, however, manufacturers have started to embed into computers a tamper-resistant piece of hardware, called trusted platform modules (TPM), as specified by the Trusted Computing Group. In this paper we show that this module can in fact be used to secure anonymous as well as non-anonymous credentials. That is, we provide a mechanism to insure that credentials can only be used with the TPM it got issued to. We then extend our solution to one that allows the use of credentials not only with the TPM they got issued to but also with other TPMs of the same user. Finally, we show how to secure a full-fledged anonymous credential system. Once TPMs are widely distributed, our solution can offer for the first time strong and privacy friendly authentication for electronic transactions.

By: Jan Camenisch

Published in: RZ3590 in 2005


This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.


Questions about this service can be mailed to .