The publication ia.cr/2017/639 is the most-up-to-date work on the DAA signature algorithm. The authors of this paper work closely with the TCG on specifications and with TPM manufacturers, so the changes they propose often (though not always) find their way into changes on the TPM. We can use this most-up-to-date algorithm with current TPMs, but if all the changes proposed in that paper are eventually accepted by the TCG, updating to support that new TPM spec will be easy (simply removing steps that we perform, in order to allow the TPM to do them). And software-vs-TPM signatures can be created/verified transparently (as they can now, as well).
Further, our current implementation is a bit of a hybrid of previous definitions, due to our chasing a changing TPM specification. By updating to this particular algorithm, we will have a more solid description of which algorithm we're implementing (it also has a security proof).
Lastly, this algorithm is the one used by the most-recent FIDO spec. So, if we transition, that will put us into interop with them (though, their reference implementation hasn't been updated to reflect this most-recent spec).
The differences appear to be in the issuing process (the Camenisch-Lysyanskaya signature on the credential is a little different), and it looks like it should be straightforward to implement.