摘要
在可信环境下,我们对密钥协商协议的形式化方法—Canetti-Krawczyk(CK)模型进行研究,对该模型中定义的攻击者三种攻击能力重新进行分析.发现在可信环境下,如果用户的签名/验证公私钥对是由TPM生成的,则CK模型中的攻击者只有一种攻击能力:会话密钥查询(session-key query);否则攻击者有两种攻击能力:会话密钥查询和一种新的攻击能力—长期私钥攻陷攻击(long-termprivate key corruption).另外,TPM克服了CK模型中基于加密算法认证器的安全缺陷.在此基础上,我们提出了可信环境下的CK模型—CKTC.之后,通过一个使用CKTC模型进行密钥协商的例子可以看出该模型简化了可信环境下密钥协商协议的设计与分析.另外,通过分析我们发现:为了提高密钥协商协议的安全性,不同国家应该根据各自的需要在TPM内部增加对称加解密模块;用户的签名/验证公私钥对也尽可能由TPM来生成.
Under the trusted environment, we rethink the three attack abilities defined in the Canetti-Krawczyk (CK) model which is a formal method for the design and analysis of key agreement protocols. We find that under the masted environment if the signatture/verification key pair is generated by TPM, the attacker in the CK model has only one attack ability: session-key query. Otherwise,he has two abilities: session-key query and one new attack ability: long-term private key corruption. In addition, TPM overcomes the weakness of the encryption algorithm based authenticator in the Canetti-Krawczyk model. Based on these, we pro- posed a new CK model under the trusted environment--CKTC. Thereafter, through an example of utilization of CKTC to design a key-agreement protocol, it can be seen that this formal model predigests the difficulty of the design and analysis a key-agreement protocol under trusted environment. In addition, we find that in order to enhance the security of a key agreement protocol, every country should add their own symmetric encryption modules in the TPM, and a user' s signature/verification key pair should be generated by TPM.
出处
《电子学报》
EI
CAS
CSCD
北大核心
2009年第1期7-12,共6页
Acta Electronica Sinica
基金
国家863高技术研究发展计划(No.2007AA01Z429,2007AA01Z405,2007AA01Z472)
国家自然科学基金重点项目(No.60633020)
国家自然基金(No.60702059,60573036)
华为公司科技基金(No.YJCB2008053MT)
天津科技攻关计划(No.06YFGZGX17500)
