J4 ›› 2011, Vol. 38 ›› Issue (4): 11-19. doi: 10.3969/j.issn.1001-2400.2011.04.003

• Research Paper

Remote attestation supporting dynamic component updates

SUO Yan; XU Xiaoyan; ZHANG Yusen; ZHANG Tao; GUI Jingjing; YANG Li; YUE Kang

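  1. (Network Information Security Laboratory, Institute of Command Automation, PLA University of Science and Technology, Nanjing, Jiangsu 210007)
  • Received: 2010-12-27 Online: 2011-08-20 Published: 2011-09-28
  • Corresponding author: SUO Yan
  • About the author: SUO Yan (1982-), male, Ph.D. candidate at PLA University of Science and Technology, E-mail: tcsuoyan@gmail.com.
  • Supported by:

    Project supported by the National Natural Science Foundation of China (60973135); project supported by the State Key Laboratory of Information Security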

Key-insulated component property-based attestation

SUO Yan; XU Xiaoyan; ZHANG Yusen; ZHANG Tao; GUI Jingjing; YANG Li; YUE Kang

  1. (PLA University of Science and Technology, Nanjing  210007, China)
  • Received: 2010-12-27 Online: 2011-08-20 Published: 2011-09-28
  • Contact: SUO Yan

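Abstract (Chinese version):

The key-insulated security mechanism is applied to component property-based remote attestation, and the correctness and security of the scheme are analyzed. The analysis shows that a component that has not been updated in time, or that has been attacked by malicious code, loses its security property and no longer has the ability to perform remote attestation. Certificateless component attestation is realized, which omits the certificate verification process and reduces the burden on the verifier; an implementation process is given in combination with the existing integrity management model of trusted computing.

Keywords (Chinese version): trusted computing, remote attestation, key insulation, bilinear pairing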

Abstract:

This paper applies the key-insulated security mechanism to component property-based attestation and analyzes the correctness and security of the scheme. The analysis shows that a component which has not been updated, or which has been attacked by malicious code, will lose its security property and will no longer have the ability to perform remote attestation. The paper implements certificateless component property-based attestation, which eliminates the certificate verification process and reduces the burden on the verifier, and gives the implementation process in combination with the existing integrity management model of trusted computing.

Key words: trusted computing, remote attestation, key-insulated security mechanism

CLC number:

  • TP309