摘要： 可信计算组织提出的可信网络连接框架规范无法安全高效地支持未来移动计算和普适计算等应用场景，针对该问题，在完整性验证中采用服务器和客户端的双向认证方法，提出一种可信网络接入与认证协议，提高通信安全性和可靠性。在身份认证时采用对称密钥算法，减少服务器和客户端的加解密运算时间，提高通信效率。使用安全等级较高的通用可组合安全框架对协议进行分析，结果表明该协议达到通用可组合安全等级。

关键词: 通用可组合安全, 仿真器, 理想函数, 完整性

Abstract: Aiming at the problem that trusted network connect frame specification proposed by Trusted Computing Group(TCG) can not support the applicaition scene of future mobile computing and ubiquitous computing safely and effectively, this paper uses two-way authentication method between server and client during integrity validation and presents a trusted network access and authentication protocol. Symmetric key algorithm is used in the authentication to reduce encrypt time and decrypt time of server and client, and to improve the communication efficiency. It uses a universally composable security framework to analyze the protocol. Results show that this protocol reaches the level of universally composable security.

Key words: universally composable security, simulator, ideal function, integrity

中图分类号: 

• TP309