Journal on Communications

• Academic Paper

Research of platform identity attestation based on trusted chip

Zhang Qianying, Feng Dengguo, Zhao Shijun

  1. Institute of Software, Chinese Academy of Sciences, Beijing 100190; 2. University of Chinese Academy of Sciences, Beijing 100049
  • Online: 2014-08-25 Published: 2014-08-15
  • Supported by:
    National Natural Science Foundation of China (91118006, 61202414); National Key Basic Research Program of China ("973" Program) (2013CB338003)

Abstract: Platform identity attestation schemes based on trusted third parties are studied, and a scheme is proposed in which a trusted computing platform is identified by a certificate and a token. In this scheme, only the token is used when the platform proves its identity. Compared to other schemes, this scheme not only requires much less computation and communication during attestation, but also convinces the verifier of the trustworthiness of the client's platform state while the platform identity is being verified, which yields higher security. A detailed security proof of the proposed scheme is presented using protocol composition logic, and the proof shows that the scheme satisfies correctness and anonymity of platform identity verification. Experimental results from a prototype system show that the proposed scheme attests platform identity efficiently in both computation and communication, and is especially suitable for wireless network environments.
