中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Subject: Computer Science (provided by Thomson Reuters)
Title:
TPM可迁移密钥安全性分析与研究
Alternative Title: security analysis and research on tpm migratable key
Author: 张倩颖 ; 赵世军 ; 冯登国
Keyword: 可信平台模块 ; 可迁移密钥 ; 安全性分析 ; 密钥迁移
Source: 小型微型计算机系统
Issued Date: 2012
Volume: 33, Issue:10, Pages:2188-2193
Indexed Type: CNKI ; CSCD ; WANFANG
Department: 中国科学院软件研究所;
Sponsorship: 国家自然科学基金项目(91118006)资助
Abstract: TPM密钥迁移机制使密钥按照迁移特性分为了可迁移密钥和不可迁移密钥两类,本文深入分析可迁移密钥的安全性,指出可迁移密钥存在的安全问题.首先,利用密钥迁移机制,TPM所有者能将TPM内部可迁移密钥以迁移块的形式导出,解密迁移块能获得可迁移密钥私钥.其次,TPM用户能通过密钥迁移机制将非TPM产生的用户可控密钥构造成迁移块,作为迁移密钥导入到TPM内部.此外,用户使用TPM密钥加载命令能将非TPM产生的用户可控密钥作为TPM产生的可迁移密钥加载到TPM中.在对TPM规范理论分析的基础上,本文从技术角度给出了攻击可迁移密钥安全性的实现方法,并对部分安全问题提出了解决方案.通过分析,本文指出TPM提供密钥迁移机制的同时,也降低了可迁移密钥的安全保护强度.因此,用户在使用可迁移密钥时,应增强安全意识,在安全要求高的操作中尽量不要使用TPM可迁移密钥.
English Abstract: TPM key migration mechanism put keys into two categories in accordance with the migration characteristics.This paper gives a deep security analysis of TPM migratable keys,and points out some security flaws about TPM key migration.First,by key migration mechanism,the TPM owner can export a migratable key in the form of migration blob,decrypt the blob,and get the plaintext of the TPM private key.Second,a TPM user can use TPM key migration mechanism to import a non-TPM generated key blob into TPM.Third,a TPM user can construct a loadable blob of a non-TPM generated key,and then load it into TPM by the TPM key loading command.On the basis of analyzing the TPM specification theoretically,we give an attack in technical view,and propose a solution to one of the security problems.The analysis indicates that the TPM key migration mechanism,in spite of improving key interoperability between TPMs,reduces the security strength of the migratable key.Therefore,TPM users must think over the security weaknesses when using migratable keys,and do not use migratable keys in security critical operation as far as possible.
Language: 中文
Citation statistics:
Content Type: 期刊论文
URI: http://ir.iscas.ac.cn/handle/311060/15381
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
张倩颖,赵世军,冯登国. TPM可迁移密钥安全性分析与研究[J]. 小型微型计算机系统,2012-01-01,33(10):2188-2193.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[张倩颖]'s Articles
[赵世军]'s Articles
[冯登国]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[张倩颖]‘s Articles
[赵世军]‘s Articles
[冯登国]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2019  中国科学院软件研究所 - Feedback
Powered by CSpace