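Abstract: General attestation protocols in trusted computing depend entirely on the platform's system configuration, so the protocol fails when platform software and systems are upgraded frequently. To solve this problem, the property-based attestation protocol is improved by combining a non-malleable zero-knowledge protocol, a commitment protocol and a blind signature scheme, which gives the improved protocol higher security. The analysis shows that the improved scheme avoids the security weaknesses of the original attestation protocol and improves security, with only a slight increase in computation.
Keywords:
zero-knowledge protocol,
trusted computing,
non-malleability,
property-based attestation protocol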
Abstract: The general attestation protocol relies entirely on platform configuration, and it fails when the platform updates its software and hardware configuration frequently. To overcome this problem, this paper presents an improved property-based attestation protocol scheme, employing cryptographic tools such as a non-malleable zero-knowledge protocol, a commitment protocol and a blind signature scheme. Analysis proves that the protocol can solve the existing problem with better security, while the computing cost increases only by a negligible amount.
Key words:
zero-knowledge protocol,
trusted computing,
non-malleability,
property-based attestation protocol
钟翔, 沈为君. 可信计算中基于属性的认证协议改进方案[J]. 计算机工程, 2011, 37(6): 118-120.
ZHONG Xiang, CHEN Wei-Jun. Improved Scheme of Property-based Attestation Protocol in Trusted Computing[J]. Computer Engineering, 2011, 37(6): 118-120.