
Research on Direct Anonymous Attestation Scheme Based on Trusted Mobile Platform

Cited by: 7
Abstract: Direct anonymous attestation (DAA), as adopted by the trusted platform module (TPM), provides anonymous remote attestation of platform identity. However, mobile platforms, which have a strong need for anonymous remote attestation, still lack a general and efficient DAA solution framework. To address this, the paper proposes a DAA scheme framework suited to trusted mobile platforms. The framework takes the mobile application setting fully into account, is redesigned by combining several elliptic-curve-based DAA (ECC-DAA) schemes, introduces for the first time anonymous credential embedding and credential re-acquisition, and conforms to the TPM 2.0 technology and interface specifications. A trusted mobile platform architecture implemented on TrustZone security technology and TPM Emulator is given. Four ECC-DAA schemes and three elliptic curves are compared, implemented and analyzed; experiments show that the framework is well compatible with the DAA schemes and curves and achieves high computation speed.

English abstract: Direct anonymous attestation (DAA) adopted by trusted platform module (TPM) provides a platform with remote anonymous identity attestation. However, there is currently no universal and efficient DAA solution frame for mobile platform, while remote anonymous attestation is evidently required by mobile devices. To address this issue, we propose a DAA scheme frame applied for trusted mobile platform. By fully considering the background of mobile applications, we design the frame according to several elliptic curve based DAA (ECC-DAA) schemes, and adapt the frame to TPM 2.0 API and technology specification. The entity of mobile device manufacturer as well as credential embedding and rejoining procedures are added into the frame and the revocation procedure is redesigned accordingly. Moreover, we present the architecture of trusted mobile platform based on TrustZone and TPM Emulator, which acts as one of the important entities of the frame. The issues about sensitive information management and credential revocation are discussed. Four kinds of ECC-DAA schemes including CF08, BCL08, BL10 and CPS10 and three kinds of elliptic curves including MNT, BN and supersingular curve are finally compared, implemented and analyzed. The experiment results indicate that the frame can be well compatible with these schemes and curves with high-speed computing performance.
Source: Journal of Computer Research and Development (《计算机研究与发展》), indexed in EI, CSCD and the Peking University Core Journals list; 2014, No. 7, pp. 1436-1445 (10 pages).
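Funding: National Natural Science Foundation of China, Major Research Plan project (91118006); National Key Basic Research Program of China ("973" Program) (2013CB338003).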
Keywords: information security; trusted computing; trusted platform module (TPM); direct anonymous attestation (DAA); mobile platform; TrustZone