Institutional Repository of the Institute of Software, Chinese Academy of Sciences
Title: 基于可信移动平台的直接匿名证明方案研究
Alternative Title: Research on direct anonymous attestation scheme based on trusted mobile platform
Author: 杨波 ; 冯登国 ; 秦宇 ; 张倩颖 ; 奚瓅 ; 郑昌文
Corresponding Author: Yang, Bo
Keyword: information security ; trusted computing ; trusted platform module (TPM) ; direct anonymous attestation (DAA) ; mobile platform ; TrustZone
Source: 计算机研究与发展 (Journal of Computer Research and Development)
Issued Date: 2014
Volume: 51, Issue:7, Pages:1436-1445
Indexed Type: EI ; CSCD
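Department: Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190; University of Chinese Academy of Sciences, Beijing 100190; Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190; National Key Laboratory of Integrated Information System Technology (Institute of Software, Chinese Academy of Sciences), Beijing 100190
Abstract: The direct anonymous attestation (DAA) method adopted by the trusted platform module (TPM) provides anonymous remote attestation of platform identity. However, for mobile platforms, which have a strong need for anonymous remote attestation, there is still no general and efficient DAA solution framework. To address this problem, a DAA scheme framework suitable for trusted mobile platforms is proposed. The framework fully considers the mobile application background, is redesigned by combining several elliptic-curve-based DAA (ECC-DAA) schemes, proposes anonymous credential embedding and credential re-acquisition functions for the first time, and conforms to the TPM 2.0 technology and interface specifications. A trusted mobile platform architecture implemented with TrustZone security technology and TPM Emulator is presented. Four ECC-DAA schemes and three elliptic curves are compared, implemented and analyzed; the experiments show that the framework is well compatible with the DAA schemes and curves and has high computation speed.
English Abstract: Direct anonymous attestation (DAA) adopted by trusted platform module (TPM) provides a platform with remote anonymous identity attestation. However, there is currently no universal and efficient DAA solution frame for mobile platforms, while remote anonymous attestation is evidently required by mobile devices. To address this issue, we propose a DAA scheme frame applied for trusted mobile platforms. By fully considering the background of mobile applications, we design the frame according to several elliptic curve based DAA (ECC-DAA) schemes, and adapt the frame to TPM 2.0 API and technology specification. The entity of mobile device manufacturer as well as credential embedding and rejoining procedures are added into the frame and the revocation procedure is redesigned accordingly. Moreover, we present the architecture of trusted mobile platform based on TrustZone and TPM Emulator, which acts as one of the important entities of the frame. The issues about sensitive information management and credential revocation are discussed. Four kinds of ECC-DAA schemes including CF08, BCL08, BL10 and CPS10 and three kinds of elliptic curves including MNT, BN and supersingular curves are finally compared, implemented and analyzed. The experiment results indicate that the frame can be well compatible with these schemes and curves with high-speed computing performance.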
Language: Chinese
Content Type: Journal article
URI: http://ir.iscas.ac.cn/handle/311060/16727
Appears in Collections: Institute of Software Library_Journal Articles

Files in This Item:

There are no files associated with this item.


Recommended Citation:
杨波,冯登国,秦宇,等. 基于可信移动平台的直接匿名证明方案研究[J]. 计算机研究与发展,2014-01-01,51(7):1436-1445.