An Improved Platform Configuration Remote Attestation Mechanism of Group Signatures

doi:10.3969/j.issn.1000-3428.2014.05.021

Computer Engineering

Previous Articles Next Articles

An Improved Platform Configuration Remote Attestation Mechanism of Group Signatures

LI Hong-yu ¹, FU Dong-lai ²

(1. Network Center, Shanxi Finance & Taxation College, Taiyuan 030024, China; 2. Institute of Electronics and Computer Science & Technology, North University of China, Taiyuan 030051, China)

Received:2012-12-13 Online:2014-05-15 Published:2014-05-14

一种改进的组签名平台配置远程证明机制

李宏宇¹，付东来²

(1. 山西省财税专科学校网络中心，太原 030024；2. 中北大学电子与计算机科学技术学院，太原 030051)

作者简介:李宏宇(1979－)，男，硕士，主研方向：网络信息安全，可信计算；付东来(通讯作者)，讲师、博士研究生。
基金资助:
山西省科技攻关计划基金资助项目(20090322004)；中北大学自然科学基金资助项目(2013)。

Abstract

Abstract: In order to improve efficiency, privacy protecting and scalability of remote attestation, a new method to measure the integrity of trusted entities is proposed. The method based on Remote Attestation based on Merkle Hash Tree(RAMT) takes the frequency of trusted entities into account. It leverages multiple techniques including group signatures and dynamic Huffman algorithms. Thus, it reduces dramatically storage space to store measurement log of executables and hides information of specific software and cuts down a length of the path of verification. These algorithms including software distribution, integrity measurement and verification are given and their advantages are described from three aspects including verification efficiency, privacy protection and scalability. Analysis shows the ability of the protection privacy is enhanced. The efficiency and the scalability of the remote attestation are improved highly.

Key words: trusted computing, remote attestation, group signature, Merkle Hash tree, privacy protection, scalability

摘要： 针对远程证明效率低、隐私保护能力及可伸缩性差的问题，提出一种基于可动态调整的非平衡Merkle哈希树的平台配置远程证明机制。借鉴Merkle哈希树远程证明方案，考虑可信实体完整性度量值被请求的概率，综合利用组签名技术和动态Huffman树构造算法的优势，不仅能大幅减少可信实体度量日志的存储空间，屏蔽具体的可信实体的哈希值，而且缩短认证路径长度。给出具体的软件分发算法、完整性度量和验证算法，并从验证效率、隐私保护和可伸缩性3个方面分析算法的优势。分析结果表明，该机制可提高远程证明算法的效率、隐私保护能力及可伸缩性。

关键词: 可信计算, 远程证明, 组签名, Merkle Hash树, 隐私保护, 可伸缩性

CLC Number:

TP309

LI Hong-yu, FU Dong-lai. An Improved Platform Configuration Remote Attestation Mechanism of Group Signatures[J]. Computer Engineering, doi: 10.3969/j.issn.1000-3428.2014.05.021.

李宏宇，付东来. 一种改进的组签名平台配置远程证明机制[J]. 计算机工程, doi: 10.3969/j.issn.1000-3428.2014.05.021.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.3969/j.issn.1000-3428.2014.05.021

http://www.ecice06.com/EN/Y2014/V40/I5/99

References

参考文献 [1] Paul E. Practical Techniques for Operating System Attest- ation[C]//Proceedings of the 1st International Conference on Trusted Computing and Trust in Information Technologies. Villach, Austria: Springer-Verlag, 2008: 258-264. [2] Sailer R, Zhang X L, Jaeger T, et al. Design and Implement- ation of a TCG-based Integrity Measurement Architecture[C]// Proceedings of the 13th USENIX Security Symposium. San Diego, USA: [s. n.], 2004: 168-175. [3] Jaeger T, Sailer R, Shankar U. PRIMA: Policy Reduced Integrity Measurement Architecture[C]//Proceedings of the 11th ACM Symposium on Access Control Models and Technologies. New York, USA: ACM Press, 2006: 336-345. [4] Alsouri S, Dagdelen O, Katzenbeisser S. Group-based Attest- ation: Enhancing Privacy and Management in Remote Attestation[C]//Proceedings of the 3rd International Conf- erence on Trust and Trustworthy Computing. Berlin, Germany: Springer-Verlag, 2010: 541-547. [5] 徐梓耀, 贺也平, 邓灵莉. 一种保护隐私的高效远程验证机制[J]. 软件学报, 2011, 22(2): 339-352. [6] Gu Liang, Ding Xuhua, Deng Huijie, et al. Remote Attestation on Program Execution[C]//Proceedings of 2008 ACM Workshop on Scalable Trusted Computing. New York, USA: ACM Press, 2008: 165-178. [7] Peng Guojun. Dynamic Trustiness Authentication Framework Based on Software’s Behavior Integrity[C]//Proceedings of the 9th International Conference on Young Computer Scientists. Zhangjiajie, China: [s. n.], 2008: 266-271. [8] Loscocco P A, Wilson P W, Pendergrass J A, et al. Linux Kernel Integrity Measurement Using Contextual Inspection[C]// Proceedings of the 2nd ACM Workshop on Scalable Trusted Computing. New York, USA: ACM Press, 2007: 158-164. [9] 谢海涛, 王玉明, 杨宗凯, 等. 自适应Huffman树组密钥更新方案[J]. 华中科技大学学报: 自然科学版, 2009, 37(9): 33-36. [10] 付东来, 彭新光, 陈够喜, 等. 一种高效的平台配置远程证明机制[J]. 计算机工程, 2012, 38(7): 25-27. [11] 付东来, 彭新光, 陈够喜, 等. 动态Huffman树平台配置远程证明方案[J]. 计算机应用, 2012, 32(8): 2275-2279, 2282. [12] Sun Yipin, Feng Zhenqian, Hu Qiaolin. An Efficient Distributed Key Management Scheme for Group-signature Based Anonymous Authentication in VANET[J]. Security and Communication Networks, 2012, 5(1): 79-86. 编辑索书志

[1]	Tianchen QIU, Xiaoying ZHENG, Yongxin ZHU, Songlin FENG. Federated Learning Architecture for Non-IID Data [J]. Computer Engineering, 2023, 49(7): 110-117.
[2]	CHEN Fuan, LIU Yi. Blockchain-based V2G Certificateless Ring Signcryption Privacy Protection Scheme [J]. Computer Engineering, 2023, 49(6): 34-41,52.
[3]	WANG Qun, LI Fujuan, NI Xueli, XIA Lingling, LIANG Guangjun. Research on Blockchain Privacy Protection Mechanism [J]. Computer Engineering, 2023, 49(4): 1-13.
[4]	ZHANG Xiaojun, LIU Qing, ZHENG Shuang, WANG Xin, XUE Jingting, WANG Shixiong. Verifiable Cloud Data Sharing Scheme that Supports Privacy Protection [J]. Computer Engineering, 2023, 49(3): 49-57.
[5]	SU Ruiguo, YANG Jian, QIN Jiwei, WU Xiaoxiong, JIA Zhenhong. Research on Lightweight Consensus Algorithm Based on IoT Blockchain [J]. Computer Engineering, 2023, 49(2): 175-180.
[6]	LI Youhuizi, YU Haitao, YIN Yuyu, GAO Honghao. Cluster Federated Optimization Model Based on Hyperledger Fabric [J]. Computer Engineering, 2023, 49(1): 22-30.
[7]	ZHOU Quanxing, LI Qiuxian, DING Hongfa, FAN Meimei. Efficient Federated Learning Scheme Based on Game Theory Optimization [J]. Computer Engineering, 2022, 48(8): 144-151,159.
[8]	HUANG Huawei, KONG Wei, PENG Xiaowen, ZHENG Zibin. Survey on Blockchain Sharding Technology [J]. Computer Engineering, 2022, 48(6): 1-10.
[9]	CHEN Naiyue, JIN Yi, LI Yidong, CAI Luxin, WEI Yuanmeng. Federated Learning Model with Fairness Based on Blockchain [J]. Computer Engineering, 2022, 48(6): 33-41.
[10]	LI Li, DU Huina, LI Tao. Blockchain Supervisable Privacy Protection Scheme Based on Group Signature and Attribute Encryption [J]. Computer Engineering, 2022, 48(6): 132-138.
[11]	ZHU Liming, DING Xiaobo, GONG Guoqiang. Privacy Protection Method in Continuous Publishing of Graph Data [J]. Computer Engineering, 2022, 48(5): 154-161.
[12]	XU Xin, WEN Mi. Location Privacy Protection Scheme Based on Database-Driven Cognitive Radio Network [J]. Computer Engineering, 2022, 48(2): 164-172.
[13]	ZHANG Xiaodong, CHEN Taowei, YU Yimin. A Blockchain Data Sharing Scheme Based on LWE-CPABE [J]. Computer Engineering, 2022, 48(10): 158-168,175.
[14]	WU Tiantian, YANG Yafang, ZHAO Yunlei. An Authentication Protocol with Conditional Privacy Protection for IoV Communication [J]. Computer Engineering, 2021, 47(6): 14-22.
[15]	LI Qiuxian, ZHOU Quanxing, WANG Zhenlong, DING Hongfa, PAN Qixin. Provable Secure Delegation Computing Protocol Based on Privacy Protection [J]. Computer Engineering, 2021, 47(5): 131-137.

Please choose a citation manager

Content to export

An Improved Platform Configuration Remote Attestation Mechanism of Group Signatures

一种改进的组签名平台配置远程证明机制

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

模态框（Modal）标题

Please choose a citation manager

Content to export

An Improved Platform Configuration Remote Attestation Mechanism of Group Signatures

一种改进的组签名平台配置远程证明机制

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments