作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2011, Vol. 37 ›› Issue (6): 118-120. doi: 10.3969/j.issn.1000-3428.2011.06.041

• 安全技术 • 上一篇    下一篇

可信计算中基于属性的认证协议改进方案

钟 翔,沈为君   

  1. (复旦大学软件学院,上海 201203)
  • 出版日期:2011-03-20 发布日期:2011-03-29
  • 作者简介:钟 翔(1983-),男,硕士研究生,主研方向:密码学,信息安全;沈为君,硕士研究生

Improved Scheme of Property-based Attestation Protocol in Trusted Computing

ZHONG Xiang, SHEN Wei-jun   

  1. (School of Software, Fudan University, Shanghai 201203, China)
  • Online:2011-03-20 Published:2011-03-29

摘要: 可信计算中的一般认证协议完全依赖平台系统配置,因此,在平台软件和系统频繁升级的情况下协议会失效。为解决上述问题,对基于属性的认证协议进行改进,结合不可锻造零知识协议、提交协议和盲签名体制,使改进协议具有更高的安全性。分析结果证明,改进方案可以避免原认证协议的安全隐患,安全性得到提高,计算量仅略有增加。

关键词: 零知识协议, 可信计算, 不可锻造性, 基于属性的认证协议

Abstract: General attestation protocol relies entirely on platform configuration, and it fails when platform updates software and hardware configuration frequently. To overcome the problem, this paper presents an improved property-based attestation protocol scheme, employing cryptographic tools such as non-malleable zero-knowledge protocol, commitment protocol and blind signature scheme. Analysis proves that the protocol can solve the exiting problem with better security, while computing cost only increases by a negligible amount.

Key words: zero-knowledge protocol, trusted computing, non-malleablity, property-based attestation protocol

中图分类号: