摘要
现有的基于平台安全属性的远程证明方法对认证双方所传输的信息进行了加密,虽然可以实现数据保密,但认证过程耗时比较长,针对该问题,提出2个基于平台属性的远程证明方案以提高平台属性的验证效率,其中基于可部分否认的认证方案在远程证明的性能优化方面表现显著,基于Bloom过滤器与Paillier加密的认证方案的性能提升虽然不如可部分否认的认证方案,但是该方案对所传输的信息能够具备保密特性,这2个认证方案适用于对远程证明效率要求较高的应用场景,同时能够实现身份认证时对计算平台安全性的检查与校验.
The existing platform security attributes-based remote attestation method encrypts all the information transmitted between senders and receivers. Although it can achieve data confidentiality,it consumes too much time to complete authentication. Two remote attestation schemes based on platform attributes proposed in this paper can effectively improve the verification efficiency. The performance optimization result from the partial deniable authentication scheme is very significant. Although the performance improvement produced by the Bloom-filter-with-Paillier-encryption-based authentication scheme is not as remarkable as that of the partial deniable authentication scheme,the Bloom-filter-withPaillier-encryption-based authentication scheme has the confidential characteristics for the transmitted information. Both authentication schemes are suitable for those application scenarios with high demand for efficiency,which can help achieve computing platform security check while combined with identity verification.
出处
《北京工业大学学报》
CAS
CSCD
北大核心
2017年第9期1357-1365,共9页
Journal of Beijing University of Technology
基金
国家自然科学基金资助项目(61672092)
智能交通数据安全与隐私保护技术北京市重点实验室资助项目
关键词
可信计算
远程证明
平台属性
部分可否认认证
trusted computing
remote attestation
platform attributes
partial deniable authentication
