支持组件动态更新的远程证明

doi:10.3969/j.issn.1001-2400.2011.04.003

Abstract

Abstract:

This paper applies the mechanism of Key-insulated security to the component property-based attestation and analyzes the correction and security of the scheme. The analysis shows that the component which has not been updated or attacked by the malicious code will lose the security property, and would not have the ability of remote attestation. This paper implements the certificateless component property based attestation, which eliminates the process of verifying the certificate, reduces the burden of the verifier, and gives the implementation process by combining with the existing integrity management model of trusted computing.

Key words: trusted computing, remote attestation, Key-insulated security mechanism

CLC Number:

TP309

SUO Yan;XU Xiaoyan;ZHANG Yusen;ZHANG Tao;GUI Jingjing;YANG Li;YUE Kang. Key-insulated component property-based attestation[J].J4, 2011, 38(4): 11-19.

References

［1］ Trusted Computing Group. TNC Architecture for Interoperability Version 1.4, Revision 4 ［EB/OL］.［2009-08-04］. http://www.trustedcomputinggroup.org/files/resource_files/51F9691E-1D09-3519-AD1C1E27D285F03B/TNC_Architecture_v1_4_r4.pdf.
［2］ TCG Infrastructure Working Group. Infrastructure Work Group Reference Architecture for Interoperability Specification (Part 1), Version 1.0［EB/OL］.［2009-12-22］. http://www.trustedcomputinggroup.org/files/resource_files/8770A217-1D09-3519-AD17543BF6163205/IWG_Architecture_v1_0_r1.pdf.
［3］ Dierks T, Rescorla E. The Transport Layer Security (TLS) Protocol Version 1.1 ［EB/OL］.［2009-07-09］. http://www.ietf.org/rfc/rfc4346.txt?number=4346.
［4］ Kent S, Seo K. Security Architecture for the Internet Protocol［EB/OL］.［2009-12-23］. http://www.ietf.org/rfc/rfc2401.txt.
［5］ Chen L Q, Landfermann R, Lohr H, et al. A Protocol for Property-base Attestation ［C］//Proceedings of the First ACM Workshop On Scalable Trusted Computing. New York: ACM Press, 2006: 7-16.
［6］ Poritz J, Schunter M, Herreweghen E V, et al. Property Attestation-Scalable and Privacy-friendly Security Assessment of Peer Computers, RZ3548［R］. Switzerland: IBM Zurich Research Laboratory, 2004.
［7］ Sadeghi A, Stüble C. Property-based Attestation for Computing Platforms: Caring About Properties, Not Mechanisms ［C］//Proceedings of the New Security Paradigms Workshop. New York: ACM Press, 2004: 67-77.
［8］ Kuhn U, Selhorst M, Stueble C. Realizing Property-based Attestation and Sealing with Commonly Available Hard and Software ［C］//Proceedings of the Scalable Trusted Computing. New York: ACM Press, 2007: 50-57.
［9］ Chen L Q, Lohr H, Manulis M, et al. Property-based Attestation without a Trusted Third Party ［C］//ISC 2008, Lecture Notes in Computer Science: Vol 5222. Berlin: Springer-Verlag, 2008: 31-46.
［10］秦宇, 冯登国. 基于组件属性的远程证明［J］. 软件学报, 2009, 20(6): 1625-1641.
Qin Yu, Feng Dengguo. Component Property Based Remote Attestation ［J］. Journal of Software, 2009, 20(6): 1625-1641.
［11］冯登国, 秦宇. 可信计算环境证明方法研究［J］. 计算机学报, 2008, 31(9): 1640-1652.
Feng Dengguo, Qin Yu. Research on Attestation Method for Trust Computing Environment ［J］. Chinese Journal of Computers, 2008, 31(9): 1640-1652.
［12］ Weng J, Liu S L, Chen K F, et al. Identity-Based Key-Insulated Signature without Random Oracles ［C］//CIS2006, Lecture Notes in Computer Science: Vol 4456. Berlin: Springer-Verlag, 2007: 470-480.
［13］ Groth J, Sahai A. Efficient Non-interactive Proof Systems for Bilinear Groups ［C］//EuroCrypt2008, Lecture Notes in Computer Science: Vol 4965. Berlin: Springer-Verlag, 2008: 415-432.
［14］ TCG Infrastructure Working Group. Integrity Management (Part II) Specification Version 1.0, Revision 1. 17 ［EB/OL］. ［2008-09-19］. http://www.trustedcomputinggroup.org/files/resource_files/87651761-1D09-3519-AD6C5B3E41547285/IWG_ArchitecturePartII_v1.0.pdf.

[1]	LIU Jiao;SUN Cong;MA Jianfeng;JIAO Zhengda. Remote authorization protocol for vehicle diagnosis using trusted platform measurements [J]. Journal of Xidian University, 2017, 44(3): 49-54+119.
[2]	ZHANG Zhi-yong1;2;PEI Qing-qi1;YANG Lin3;MA Jian-feng1. Attestation proxy party-supported remote attestation model and its secure protocol [J]. J4, 2009, 36(1): 58-63.

Key-insulated component property-based attestation

PDF (PC)

Like

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 2

Metrics

Comments

Recommended 0