Enhanced Privacy ID for Remote Authentication using Direct Anonymous Attestation Scheme?

Anonymizing networks such as Tor allow users to access Internet services privately by using a series of routers to hide the client’s IP address from the server. The success of such networks, however, has been limited to the users employing this anonymity for abusive purposes such as defacing popular Web sites. A system in which servers can “blacklist” misbehaving users, thereby blocking users without compromising their anonymity. For example, As Cloud Services such as Google collect more and more personal data and store them in a centralized manner, the consequence of exposing or leaking an account’s information could be nightmarish. It is desirable that some measures of data control are available on the part of users. In this paper, we introduce a new cryptographic scheme called Enhanced Privacy ID (EPID) for remote, anonymous authentication of a hardware device securely and privately.