
Computer Engineering ›› 2010, Vol. 36 ›› Issue (12): 146-148. doi: 10.3969/j.issn.1000-3428.2010.12.050

• Security Technology •

Trusted Computing-based Authentication Scheme for Ad hoc Networks

HU Rong-lei1, LI Ran2, LI Zhao-bin1, FANG Yong1

  1. Department of Communication Engineering, Beijing Electronic Science and Technology Institute, Beijing 100070
  2. School of Computer Science and Technology, Xidian University, Xi'an 710071
  • Online: 2010-06-20 Published: 2010-06-20
  • About the authors: HU Rong-lei (born 1977), male, engineer, Ph.D., main research interest: wireless network security; LI Ran, master's student; LI Zhao-bin, engineer, Ph.D.; FANG Yong, professor, master's degree
  • Supported by:

    National Natural Science Foundation of China (60672102); Key Laboratory Fund of Beijing Electronic Science and Technology Institute (YZDJ0710, YZDJ0805)

Abstract:

To address deficiencies in platform integrity attestation in Ad hoc networks, an authentication scheme based on trusted computing technology is proposed. Nodes authenticate each other through the Direct Anonymous Attestation (DAA) protocol. The contents of the platform configuration registers (PCRs) and the stored measurement log are used to attest the platform, confirming its current state and integrity. This ensures that node platforms are trusted during communication and eliminates the security risk caused by compromised platform integrity. The scheme also accommodates the dynamic topology and self-organizing nature of Ad hoc networks.

Key words: Ad hoc networks, trusted computing, direct anonymous attestation, platform integrity
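The platform-proof step named in the abstract (checking a peer's stored measurement log against its PCR value) can be sketched from the verifier's side as follows. This is an added example, not code from the paper: it assumes TPM 1.2-style SHA-1 PCRs and that the reported PCR value has already been authenticated (for instance by a quote signed under a DAA-certified key, not shown); the log layout, component names and known-good list are hypothetical.

```python
import hashlib
import hmac

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM 1.2 extend operation: PCR_new = SHA-1(PCR_old || measurement)."""
    return sha1(pcr + measurement)


def replay_log(log) -> bytes:
    """Recompute the PCR value that a measurement log implies."""
    pcr = bytes(PCR_SIZE)  # PCR is all zeros after platform reset
    for name, digest in log:
        if len(digest) != PCR_SIZE:
            raise ValueError(f"malformed log entry: {name}")
        pcr = extend(pcr, digest)
    return pcr


def verify_platform(log, reported_pcr: bytes, known_good: dict):
    """Verifier side: return (trusted, reason) for a peer's log and PCR."""
    # 1. The log must reproduce the PCR, otherwise it was edited or truncated.
    if not hmac.compare_digest(replay_log(log), reported_pcr):
        return False, "log does not match PCR"
    # 2. Every measured component must match the verifier's known-good list.
    for name, digest in log:
        if known_good.get(name) != digest:
            return False, f"untrusted component: {name}"
    return True, "trusted"


# Constructed sample data (hypothetical component names and contents).
KNOWN_GOOD = {n: sha1(n.encode() + b"-v1")
              for n in ("bootloader", "kernel", "routing_daemon")}
GOOD_LOG = list(KNOWN_GOOD.items())
GOOD_PCR = replay_log(GOOD_LOG)
# A node whose routing daemon was modified: its honest log and resulting PCR.
BAD_LOG = GOOD_LOG[:2] + [("routing_daemon", sha1(b"routing_daemon-patched"))]
BAD_PCR = replay_log(BAD_LOG)

if __name__ == "__main__":
    print(verify_platform(GOOD_LOG, GOOD_PCR, KNOWN_GOOD))
    print(verify_platform(BAD_LOG, BAD_PCR, KNOWN_GOOD))
    print(verify_platform(GOOD_LOG, BAD_PCR, KNOWN_GOOD))  # clean log, real PCR
```

The third call shows why both artifacts are needed: a node that presents a clean log while its PCR reflects a modified component fails the replay check.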
