基于TPM的强身份认证协议研究

doi:10.3969/j.issn.1000-3428.2012.04.008

计算机工程 ›› 2012, Vol. 38 ›› Issue (04): 23-27. doi: 10.3969/j.issn.1000-3428.2012.04.008

基于TPM的强身份认证协议研究

徐贤 ¹，龙宇 ²，毛贤平²

(1. 华东理工大学计算机科学与工程系，上海 200237；2. 上海交通大学计算机科学与工程系，上海 200240)

收稿日期:2011-07-20 出版日期:2012-02-20 发布日期:2012-02-20
作者简介:徐贤(1979－)，男，副教授、博士，主研方向：分布式计算，并发控制理论，信息安全；龙宇，讲师、博士；毛贤平，博士研究生
基金资助:
国家自然科学基金资助项目(60903020, 60903189, 607 73094)；国家“863”计划基金资助项目(2008AA01Z403)；上海市曙光计划基金资助项目(07SG32)

Research on TPM-based Strong ID Authentication Protocol

XU Xian¹, LONG Yu ², MAO Xian-ping ²

(1. Department of Computer Science and Engineering, East China University of Science and Technology, Shanghai 200237, China; 2. Department of Computer Science and Engineering, Shanghai Jiaotong University, Shanghai 200240, China)

Received:2011-07-20 Online:2012-02-20 Published:2012-02-20

摘要/Abstract

摘要： 根据可信计算领域中对身份认证的要求，提出一种基于TPM的强身份认证协议。介绍可信平台模块架构，给出其支持的密钥类型，按照进程理论建立协议模型，阐述协议扩展方案，包括引入PCR挑战、实现跨平台认证，并采用网络开发技术加以实现。实验结果表明，该协议可有效对用户身份进行验证。

关键词: 可信平台模块, 数字签名, 公钥加密, Java平台

Abstract: In terms of the requirement of ID authentication in trusted computing filed, this paper proposes a Trusted Platform Module(TPM)- based strong ID authentication protocol. TPM is reviewed as well as the types of keys supported and their relationship. A mathematical model of the protocol using the formal method of process theory is designed. The extension of the protocol is discussed, including Platform Configuration Register(PCR) challenging and implementing platform independence. An application scenario of the protocol by network development technology is implemented. Experimental results show the protocol can authenticate users’ ID effectively.

Key words: Trusted Platform Module(TPM), digital signature, public key encryption, Java platform

中图分类号:

TP309

徐贤, 龙宇, 毛贤平. 基于TPM的强身份认证协议研究[J]. 计算机工程, 2012, 38(04): 23-27.

XU Xian, LONG Yu, MAO Xian-Beng. Research on TPM-based Strong ID Authentication Protocol[J]. Computer Engineering, 2012, 38(04): 23-27.

http://www.ecice06.com/CN/Y2012/V38/I04/23

参考文献

[1] Trusted Computing Group. TCG Specification Architecture Over- view[EB/OL]. (2007-11-21). http://www.mendeley.com/research/ tcg-specification-architecture-overview/.
[2] Edward L. Cyber Physical Systems: Design Challenges[EB/OL]. (2010-11-21). http://www.eecs.berkeley.edu/Pubs/TechRpts/2008/ EECS-2008-8.html.
[3] Smith S W. Trusted Computing Platforms: Design and Appli- cations[M]. [S. l.]: Springer-Verlag, 2005.
[4] Gallery E. Trusted Computing[M]. [S. l.]: IEEE Press, 2005.
[5] Balacheff B, Chen Liqun, Pearson S, et al. Trusted Computing Platforms: TCPA Technology in Context[M]. [S. l.]: Prentice Hall, 2003.
[6] Kinney S. Trusted Platform Module Basics: Using TPM in Embedded Systems[M]. [S. l.]: Elsevier, 2006.
[7] Trusted Computing Group. Cloud Computing and Security——A Natural Match[EB/OL]. (2010-09-21). http://www.trusted-computing- group.org.
[8] Hanna S. A Security Analysis of Cloud Computing[EB/OL]. (2010-12-21). http://cloudcomputing.sys-con.com/node/1203943.
[9] Challener D, Yoder K, Catherman R, et al. A Practical Guide to Trusted Computing[M]. [S. l.]: IBM Press, 2008.
[10] Stinson D R. Cryptography: Theory and Practice[M]. 3rd ed. [S. l.]: Chapman & Hall, 2005.
[11] Rivest R L, Shamir A, Adelman L M. A Method for Obtaining Digital Signatures and Public-key Cryptosystems[J]. Communi- cations of the ACM, 1978, 21(1):120-126.
[12] National Technical Information Service. 180-2-2002 Specifications for the Secure Hash Standard[S]. 2002.
[13] Milner R. Communication and Concurrency[M]. [S. l.]: Prentice Hall, 1989.
[14] Stallings W. Cryptography and Network Security: Principles and Practice[M]. 5th ed. [S. l.]: Prentice Hall, 2010.
[15] Oracle Corporation. Jsr-000316-2009 Java Platform, Enterprise Edition 6, Specification 6.0[S]. 2009.
[16] MIT CSAIL. TPM/J Developer’s Guide[EB/OL]. (2009-11-21). http://projects.csail.mit.edu/tc/tpmj/DevelopersGuide.html.
[17] Apache Software Foundation. Apache Tomcat 6.0[EB/OL]. (2010- 11-21). http://tomcat.apache.org/tomcat-6.0-doc/setup.html.
[18] Oracle and/or Its Affiliates. MySQL 5.1 Reference Manual[EB/OL]. (2007-11-21). http://dev.mysql.com/doc/refman/5.1/en/.
[19] Apache Software Foundation. Apache Struts 1.3, Spring Frame- work 2.5 and Hibernate 3.2 Reference Documentation[EB/OL]. (2008-01-21). http://www.apache.org/.
[20] Milner R, Parrow J, Walker D. A Calculus of Mobile Processes, Part I and Part II[J]. Information and Computation, 1992, 100(1): 1-77.
[21] 曹爱霞, 赵一鸣. Ad Hoc网络中基于身份的认证密钥交换协议[J]. 计算机工程, 2007, 33(10): 150-152.

选择文件类型/文献管理软件名称

选择包含的内容

基于TPM的强身份认证协议研究

Research on TPM-based Strong ID Authentication Protocol

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	刘期烈, 陈澄. 基于区块链的V2G匿名身份认证方案[J]. 计算机工程, 2021, 47(11): 22-28.
[2]	赵宗渠, 黄鹂娟, 范涛, 马少提. 格上基于KEM的认证密钥交换协议[J]. 计算机工程, 2020, 46(7): 122-128.
[3]	王众, 韩益亮. 基于Niederreiter密码体制的抗量子签密方案[J]. 计算机工程, 2020, 46(5): 193-199.
[4]	廖方圆, 甘植旺. Android系统签名的漏洞分析与检测[J]. 计算机工程, 2019, 45(8): 25-30.
[5]	左黎明,周庆,陈兰兰. 一种可证安全高效无证书短签名方案[J]. 计算机工程, 2019, 45(6): 193-198.
[6]	左黎明, 夏萍萍, 陈祚松. 一种可证安全的短盲签名方案[J]. 计算机工程, 2019, 45(12): 114-118.
[7]	刘红超,缪燕,郝悍勇,杨利兵,吴璠. 基于代理重加密的PostgreSQL系统访问控制方法[J]. 计算机工程, 2018, 44(8): 192-198.
[8]	王勇,张雨菡,洪智,文茹,樊成阳,王鹃. 基于TPM 2.0的内核完整性度量框架[J]. 计算机工程, 2018, 44(3): 166-170,177.
[9]	朱俊,陈琳琳,朱娴,谢玲,韦伟. 面向云计算安全的无证书代理重加密方案[J]. 计算机工程, 2017, 43(8): 8-14.
[10]	冯超逸,赵一鸣. 基于理想格的可证明安全数字签名方案[J]. 计算机工程, 2017, 43(5): 103-107.
[11]	刘雨阳,赵一鸣. 白盒可追踪的属性签名方案[J]. 计算机工程, 2017, 43(4): 126-132,140.
[12]	简春福,谢吉华,金钧华. 云端数字签名技术的研究与应用[J]. 计算机工程, 2017, 43(12): 1-5.
[13]	黄彬,刘广钟,徐明. 基于簇的无线传感器网络安全节点认证协议[J]. 计算机工程, 2016, 42(7): 117-122,128.
[14]	徐海峰,洪璇. 可证明安全的单向可变门限代理重签名方案[J]. 计算机工程, 2016, 42(4): 143-146,154.
[15]	汤永利,王菲菲,闫玺玺,李子臣. 高效可证明安全的无证书签名方案[J]. 计算机工程, 2016, 42(3): 156-160.

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于TPM的强身份认证协议研究

Research on TPM-based Strong ID Authentication Protocol

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价