Computer Engineering ›› 2012, Vol. 38 ›› Issue (06): 123-125. doi: 10.3969/j.issn.1000-3428.2012.06.040

• Security Technology •

Data Encapsulation Scheme in Trusted Software Stack Based on Hybrid Encryption

YAN Jian-hong 1,2, PENG Xin-guang 1

  1. College of Computer Science and Technology, Taiyuan University of Technology, Taiyuan 030024, China; 2. Department of Computer Science, Taiyuan Normal University, Taiyuan 030012, China
  • Received: 2011-07-20 Online: 2012-03-20 Published: 2012-03-20
  • About the authors: YAN Jian-hong (born 1972), female, Ph.D. candidate, CCF member, main research interests: network security and trusted computing; PENG Xin-guang (corresponding author), Ph.D., doctoral supervisor
  • Funding:
    Natural Science Foundation of Shanxi Province (2009011022-2); Shanxi Province Overseas Study Fund Project (2009-28)

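Abstract: The RSA key mechanism of trusted computing constrains computation speed. To address this, a data encapsulation scheme for the trusted software stack based on hybrid encryption is proposed. The structure of the trusted software stack and its sealing and unsealing processes are introduced, and the functions of the Trusted Cryptography Module are improved. Experimental results show that the scheme reduces encryption time, is suitable for sealing larger volumes of data, and safeguards user data security with only a small performance loss.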


Abstract: The RSA key mechanism of Trusted Computing (TC) restricts encryption speed. To reduce the time required, a hybrid key mechanism for data sealing based on the Trusted Software Stack (TSS) is proposed. The structure of the TSS is introduced, the sealing and unsealing processes are illustrated, and the functions of the Trusted Platform Module (TPM) are improved. Experimental results show that the scheme reduces encryption time, is suitable for encrypting large volumes of data, and can wrap data to protect privacy efficiently at little cost.

Key words: Trusted Computing (TC), data encapsulation, hybrid encryption, Trusted Software Stack (TSS), Platform Configuration Registers (PCR)
