With the spreading of embedded and mobile devices, public-key cryptography hasbecome an important feature for securing communication and protecting personal data. However, the computational requirements of public-key cryptosystems are often beyond the constraints em-bedded processors are bound to. This is especially true for cryptosystems that make heavy use of modular exponentiation like the Direct Anonymous Attestation scheme. The most popular al-gorithm for modular exponentiation is the Montgomery exponentiation based on sliding window technology. This technology offers several configuration options in order to get the best trade-offbetween the amount of precomputations and multiplications that are required for different exponentiation operands. Consequently, the optimum configuration and best parameters for receivingthe highest performance gain are of interest. In this paper, we analyse different approaches for improving the performance of modular exponentiations with respect to the DAA scheme on Javaenabled platforms. In particular, we analyse the optimal parameter setting for the Montgomery exponentiation and investigate how natively executed modular multiplications and modular re-ductions, with respect to a minimum of native code involved, can be integrated to improve the performance of mobile Java applications. Our experimental results show that the optimal setupof the Montgomery algorithm for a single modular exponentiation differs from the optimal setup used for the combination of all operations and operands used in the Direct Anonymous Attesta-tion scheme. We also show that it is possible to get an immense performance gain by executing small parts of critical arithmetic operations natively on the platform thereby, not reducing theflexibility of mobile Java code.

trusted computing, DAA, anonymous credentials, remote attestation