摘要： 基于可信计算技术，设计可信匿名认证协议，实现用户与服务器间的双向身份认证以及服务器对用户平台的可信性评估。服务器通过为可信用户颁发可多次使用的授权接入证书，以提高工作效率，降低可信平台模块的度量负载。在通用可组合安全模型下的验证结果表明，该协议安全可信，具有高效性、可控性、跨域性等特点。

关键词: 可信计算, 认证协议, 可信网络, 通用可组合安全模型

Abstract: This paper designs a trusted anonymous authentication protocol based on trusted computing technology. The protocol can achieve the two-way authentication between users and server. The server can achieve the trusted assessment of user trusted platform, the trusted user is awarded the authorization certificate from server, and the certificate is issued once for repeated usage. This method improves the efficiency of server and reduces the load measurement of trusted platform module. Verification result under Universally Composable(UC) security model shows that this protocol has safety and trustworthy, and it has the characteristics of efficiency, controllability, cross-domain.

Key words: trusted computing, authentication protocol, trusted network, Universally Composable(UC) security model

中图分类号: 

• TP393.08