摘要
完整性校验通常对整个内容采用MD5等算法获得摘要。移动可信平台需要经常进行大量完整性校验,然而其各种资源却十分有限。提出了一种可以配合各种成熟的HASH算法使用的完整性校验方法——RMAC(Random-MAC)。从不同版本的Linux系统中,搜集了不同格式的ELF文件,随机抽取粒度样本,进行完整性校验分析。实验结果发现,在合适的抽取粒度下RMAC可以将效率提高一倍甚至更多。单次RMAC校验的安全性能在可接受范围内有所下降,但是由于其引入随机性,每次计算产生的摘要都不同,使目前已有的病毒都无法做到每次都能通过RMAC校验。RMAC提供的障碍有效地降低了病毒的繁殖速度,可以阻止病毒的大规模爆发。
Integrity checks are typically performed on the entire content using algorithms such as MD5. Mobile Trusted Platforms often require extensive integrity checks, but their resources are limited. We propose an integrity checking method RMAC (Random-MAC), which can be used with various mature HASH algorithms. ELF files of different formats were collected from different versions of Linux systems. Furthermore, random samples of granularity were taken for completeness verification analysis. The experimental results show that RMAC can double or even more efficiently at the appropriate extraction granularity. The security performance of a single RMAC check is degraded in the acceptable range. However, due to the randomness of the RMAC check, the summary of each calculation is different, so that the existing virus can't be done every time through the RMAC Inspection. The barriers provided by RMAC effectively reduce the rate of virus propagation and prevent large-scale virus outbreaks.
作者
张永棠
ZHANG Yong-tang(Department of computer science and technology, Guangdong Neusofl Institute, Foshan, Guangdong 528225, China Jiangxi Microsoft Technology Center, Nanchang, Jiangxi 330003, China)
出处
《井冈山大学学报(自然科学版)》
2017年第2期55-60,共6页
Journal of Jinggangshan University (Natural Science)
基金
广东省普通高校特色创新项目(2014KTSCX212)
江西省教育厅科学技术研究项目(GJJ13355)
关键词
可信
ELF
可执行文件
完整性校验
trusted computing
ELF
executable file
integrity measurement
