基于可信移动平台的直接匿名证明方案研究

发布时间：2018-05-15 02:12

本文选题：信息安全 + 可信计算　；参考：《计算机研究与发展》2014年07期

【摘要】：可信平台模块(trusted platform module,TPM)采用的直接匿名证明(direct anonymous attestation,DAA)方法实现了对平台身份的匿名远程证明.然而对于具有匿名远程证明高需求的移动平台,目前仍然没有通用高效的DAA解决方案框架.针对上述问题,提出了一种适用于可信移动平台的DAA方案框架,框架充分考虑了移动应用背景,结合若干基于椭圆曲线的DAA(ECC-DAA)方案重新设计,首次提出匿名凭证嵌入和再次获取凭证功能,符合TPM 2.0技术和接口标准规范.给出了基于TrustZone安全技术和TPM Emulator实现的可信移动平台体系结构.对4种ECC-DAA方案和3种椭圆曲线进行了对比、实现和分析,实验表明,框架能够良好兼容DAA方案和曲线,具有较高的计算速度.
[Abstract]:The trusted platform module (TPM) uses the direct anonymous attestation (DAA) method to realize the anonymous remote authentication of the platform identity. However, there is still no universal and efficient DAA solution framework for mobile platforms with high demand for anonymous remote certification. In order to solve the above problems, a DAA scheme framework for trusted mobile platform is proposed. The framework takes full account of the mobile application background and redesigns several DAACC-DAA schemes based on elliptic curves. It is the first time that anonymous credentials are embedded and re-acquired, which conforms to TPM 2.0 technology and interface standard specification. A trusted mobile platform architecture based on TrustZone security technology and TPM Emulator implementation is presented. Four ECC-DAA schemes and three elliptic curves are compared, implemented and analyzed. The experimental results show that the framework can be well compatible with DAA schemes and curves, and has a high calculation speed.
【作者单位】：中国科学院软件研究所可信计算与信息保障实验室;中国科学院大学;综合信息系统技术国家级重点实验室(中国科学院软件研究所);
【基金】：国家自然科学基金重大研究计划项目(91118006) 国家“九七三”重点基础研究发展计划基金项目(2013CB338003)
【分类号】：TN918.4

【参考文献】