Enhanced privacy ID
Enhanced Privacy ID (EPID) is Intel Corporation’s recommended algorithm for attestation of a trusted system while preserving privacy. It has been incorporated in several Intel chipsets since 2008 and Intel processors since 2011. Between 2013 and mid-2015 over 1.1 billion devices containing EPID keys have been shipped.[1] EPID complies with international standards ISO/IEC 20008[2] / 20009,[3] and the Trusted Computing Group (TCG) TPM 2.0 for authentication.[4] Intel contributed EPID intellectual property to ISO/IEC under RAND-Z terms. Intel is recommending that EPID become the standard across the industry for use in authentication of devices in the Internet of Things (IoT) and in December 2014 announced that it was licensing the technology to third-party chip makers to broadly enable its use.[5]
EPID
EPID is an enhancement of the Direct Anonymous Attestation (DAA) algorithm. DAA is a digital signature algorithm supporting anonymity. Unlike traditional digital signature algorithms, in which each entity has a unique public verification key and a unique private signature key, DAA provides a common group public verification key associated with many (typically millions) of unique private signature keys. DAA was created so that a device could prove to an external party what kind of device it is (and optionally what software is running on the device) without needing to provide device identity, i.e., to prove you are an authentic member of a group without revealing which member. EPID enhances DAA by providing an additional utility of being able to revoke a private key given a signature created by that key, even if the key itself is still unknown.
Background
In 1999 the Pentium III added a Processor Serial Number (PSN) as a way to create identity for security of endpoints on the internet. However, privacy advocates were especially concerned and Intel chose to remove the feature in later versions.[6] Building on improving asymmetric cryptography of the time and group keys, Intel Labs researched and then standardized a way to get to the benefits of PSN while preserving privacy.
Roles
There are three roles when using EPID: Issuer, Member and Verifier. The issuer is the entity that issues unique EPID private keys for each member of a group. The member is the entity that is trying to prove its membership in a group. The verifier is the entity who is checking an EPID signature to establish whether it was signed by an entity or device which is an authentic member of the group. Current usage by Intel has the Intel Key Generation Facility as the Issuer, an Intel-based PC with embedded EPID key as a member, and a server (possibly running in the cloud) as the verifier (on behalf of some party that wishes to know that it is communicating with some trusted component in a device).
Key issuing options
The issuing of an EPID key can be done directly by the issuer creating an EPID key and delivering securely to the member, or blinded so that the issuer does not know the EPID private key. Having EPID keys embedded in devices before they ship is an advantage for some usages so that EPID is available inherently in the devices as they arrive in the field. Having the EPID key issued using the blinded protocol is an advantage for some usages, since there is never a question about whether the issuer knew the EPID key in the device. It is an option to have one EPID key in the device at time of shipment, and use that key to prove to another issuer that it is a valid device and then get issued a different EPID key using the blinded issuing protocol.
Uses
In recent years EPID has been used for attestation of applications in the platforms used for protected content streaming and financial transactions. It is also used for attestation in Software Guard Extensions (SGX), released by Intel in 2015. It is anticipated that EPID will become prevalent in IoT, where inherent key distribution with the processor chip, and optional privacy benefits will be especially valued.
Proof that a part is genuine
An example usage for EPID is to prove that a device is a genuine device. A verifier wishing to know that a part was genuine would ask the part to sign a Cryptographic nonce with its EPID key. The part would sign the nonce and also provide a proof that the EPID key was not revoked. The verifier after checking the validity of the signature and proof would know that the part was genuine. With EPID, this proof is anonymous and unlinkable.
Content protection
EPID can be used to attest that a platform can securely stream Digital Rights Management DRM-protected content because it has a minimum level of hardware security. The Intel Insider program uses EPID for platform attestation to the rights-holder.
Securing financial transactions
Data Protection Technology (DPT) for Transactions is a product for doing a 2-way authentication of a Point of Sale (POS) terminal to a backend server based on EPID keys. Using hardware roots of trust based on EPID authentication, the initial activation and provisioning of a POS terminal can securely be performed with a remote server. In general, EPID can be used as the basis to securely provision any cryptographic key material over the air or down the wire with this method.
Internet of Things attestation
For securing the IoT, EPID can be used to provide authentication while also preserving privacy. EPID keys placed in devices during manufacturing are ideal for provisioning other keys for other services in a device. EPID keys can be used in devices for services while not allowing users to be tracked by their IoT devices using these services. Yet if required, a known transaction can be used for when an application and user choose (or require) the transaction to be unambiguously known (e.g., a financial transaction). EPID can be used for both persistent identity and anonymity. Whereas alternative approaches exist for persistent identity, it is difficult to convert persistent identity to anonymous identity. EPID can serve both requirements and can enable anonymous identity in a mode of operation that enables persistence, as well. Thus, EPID is ideal for the broad range of anticipated IoT uses.
Security and privacy are foundational to the IoT. Since IoT security and privacy extend beyond Intel processors to other chipmaker's processors in sensors, Intel announced on December 9, 2014 their intent to license EPID broadly to other chip manufacturers for Internet of Things applications. On August 18, 2015, Intel jointly announced the licensing of EPID to Microchip and Atmel, and showed it running on a Microchip microcontroller at the Intel Developers Forum.[7]
See also
- Direct Anonymous Attestation
- Public-key cryptography
- Privacy enhancing technologies
- Trusted Computing Group
- Trusted platform module
- Loss of Internet anonymity
- Elliptical curve cryptography
- Elliptic Curve Digital Signature Algorithm
- Proof of knowledge
References
- ↑ "Intel Makes Atmel Microchip and Google IoT Moves at IDF" Rethink Research
- ↑ ISO/IEC 20008: Anonymous digital signatures
- ↑ ISO/IEC 20009: Anonymous entity authentication
- ↑ TPM 2.0 Specification
- ↑ "Intel's IoT Vision sees far more than chips" PC World
- ↑ "Intel Disables Chip ID Tracking" ZDNet
- ↑ "EPID Fact Sheet" Intel
External links
- Xiaoyu Ruan: “Chapter 5 – Privacy at the Next Level: Intel’s Enhanced Privacy Identification (EPID) Technology”, Platform Embedded Security Technology Revealed. Apress Media, LLC, 2014. ()
- E. Brickell and Jiangtao Li: “Enhanced Privacy ID from Bilinear Pairing for Hardware Authentication and Attestation”. IEEE International Conference on Social Computing / IEEE International Converence on Privacy, Security, Risk and Trust. 2010. ()
- Data Protection Technology for Transactions
|