摘要
针对可信计算静态信任链中的度量核心CRTM存在着实现上的度量不完整、不准确、以及带来的安全威胁的问题,详细描述了静态可信度量根SRTM的度量漏洞,基于可信平台模块TPM时间戳和SMI中断,提出了一种完整的SRTM度量过程和安全证明协议,通过构造可靠的CRTM安全协议,使得攻击者对时间阈值的篡改攻击是不可行的,有效修补了SRTM系统存在的安全漏洞.
Aiming at the security problem including over writability, inaccuracy, weak implementation which be- ing in core root of trust for measurement (CRTM) of static chain of trust for trusted computing, this paper described the measurement problems of static root of trust for measurement (SRTM) in detail, and put forward a new complete SRTM measurement and attestation protocol based on trusted platform module (TPM) timestamp and SMI (system management interrupt), which could implement more secure CRTM and integrity measurement protocol and mend the SRTM system's vulnerabilities since it was hard for the attacker to tamper with time threshold.
出处
《武汉大学学报(理学版)》
CAS
CSCD
北大核心
2016年第3期225-229,共5页
Journal of Wuhan University:Natural Science Edition
基金
国家自然科学基金资助项目(61502438
61272452)
湖北省自然科学基金重点项目(2015CFA061)
武汉轻工大学引进(培养)人才科研启动资金(2014RZ01)资助项目
关键词
静态可信度量根
可信度量根核
基于时间戳的证明
static root oftrust for measurement
core root of trust for measurement
timestamp-based attestation
