
Remote attestation mechanism for platform integrity based on unbalanced-Hash tree (cited by: 4)
Abstract: To improve the efficiency of remote attestation for the integrity measurement of computing platforms, this paper proposes a platform remote attestation mechanism based on an unbalanced hash tree. The hash values of the platform's trusted entities are stored as the leaf nodes of an unbalanced hash tree. During remote attestation, the leaf node corresponding to the measured entity is located and the verification path from that leaf node to the root node is recorded; the root node and the verification path are then passed to the verifier, which recomputes the root node from the verification path to check the validity of the measurement value. The experimental results show that the mechanism effectively reduces the space and time overhead of storing hash values, and that the time complexity of integrity measurement verification is O(lb N).
Source: Journal of Computer Applications (《计算机应用》), CSCD, Peking University Core Journal, 2014, No. 2, pp. 433-437 (5 pages)
Funding: National Core Electronic Devices, High-end Generic Chips and Basic Software ("核高基") Project (2013JH00103)
Keywords: trusted computing; integrity measurement; remote attestation; unbalanced-Hash tree