主页期刊介绍编委会编辑部服务介绍道德声明在线审稿编委办公编辑办公English
2018-2019年专刊出版计划 微信服务介绍 最新一期:2019年第7期
     
在线出版
各期目录
纸质出版
分辑系列
论文检索
论文排行
综述文章
专刊文章
美文分享
各期封面
E-mail Alerts
RSS
旧版入口
中国科学院软件研究所
  
投稿指南 问题解答 下载区 收费标准 在线投稿
谭良,宋敏.基于Duplication Authority的TPM2.0密钥迁移协议及安全分析.软件学报,2019,30(8):0
基于Duplication Authority的TPM2.0密钥迁移协议及安全分析
TPM2.0 Key Migration-Protocol Based Duplication Authority and Security Analysis
投稿时间:2018-05-25  修订日期:2018-09-21
DOI:10.13328/j.cnki.jos.005761
中文关键词:  可信计算  可信平台模块  密钥层次结构  密钥复制  密钥迁移
英文关键词:trusted computing  trusted platform module  key hierarchy  key duplication  key migration
基金项目:国家自然科学基金(61373162);四川省科技厅重点研发项目(19ZDYF1082);可视化计算与虚拟现实四川省重点实验室项目(KJ201402)
作者单位E-mail
谭良 四川师范大学 计算机科学学院, 四川 成都 610101
中国科学院计算技术研究所, 北京 100190 
tanliang2008cn@126.com 
宋敏 四川师范大学 计算机科学学院, 四川 成都 610101  
摘要点击次数: 422
全文下载次数: 199
中文摘要:
      《TPM-Rev-2.0-Part-1-Architecture-01.38》国际标准允许用户基于密钥复制接口设计迁移协议,此复制接口通过innerwrap和outerwrap为密钥迁移提供机密性、完整性和认证性.但研究发现,基于该复制接口来设计密钥迁移协议存在三个问题:其一是缺少交互双方TPM的相互认证,会导致密钥能够在敌手和TPM间迁移;其二是当迁移密钥的属性encryptedDuplication=0且新父密钥的句柄newParentHandle=TPM_RH_NULL时,复制接口不能实施innerwrap和outerwrap,迁移密钥将以明文传输而造成泄露;其三当新父密钥是对称密钥时,innerwrap中的对称加密密钥以及outerwrap中的密钥种子如何在源TPM与目标TPM之间安全交换,《TPM-Rev-2.0-Part-1-Architecture-01.38》并没有给出具体的解决办法.针对上述问题,本文提出了基于Duplication Authority的密钥迁移协议.该协议以Duplication Authority为认证和控制中心,将密钥迁移过程分为初始化阶段、认证和属性获取阶段以及控制和执行阶段.Duplication Authority通过判定密钥的复制属性和类型、新父密钥的密钥类型和句柄类型来决定迁移流程.我们考虑了各种合理的属性组合,共设计了12种迁移流程.最后对该协议进行了安全分析和实验验证,结果显示,该协议不仅完全满足《TPM-Rev-2.0-Part-1-Architecture-01.38》规范,而且可保证迁移密钥的完整性、机密性和认证性.
英文摘要:
      《TPM-Rev-2.0-Part-1-Architecture-01.38》International Standard allows users to design a migration protocol based on the duplication interface which provides confidentiality,integrity,and authentication for key migration by innerwrap and outerwrap.However,the researchs have found that there are three problems,one is the lack of mutual authentication between the two parties of the interaction TPM,which results in the transfer of keys between adversaries and TPM.The other is that when the property of the duplication key encryptedDuplication=0 and the new parent key handle newParentHandle=TPM_RH_NULL,the duplication interface can not implement innerwrap and outerwrap,the migration key will be transmitted in clear text.The third is that how are the symmetric encryption key in innerwrap and the seed in outerwrap exchanged securely between the source TPM and the target TPM when the new parent key is a symmetric key. "TPM-Rev-2.0-Part-1-Architecture-01.38" did not give a specific solution.In order to solve the above problems,this paper proposes a transfer protocol based on Duplication Authority which uses as the authentication and control center,and the protocol is divided three phases:initialization phase,authentication and attribute acquisition phase and control and execution phase.Duplication Authority determines the migration process by the migration key's duplication attributes and types,the key type and handle type of the new parent key.We considered a combination of various compliance attributes and designed a total of 12 migration processes.Finally,the protocol was analyzed by security and experiments,the results show that the protocol is not only fully compliant with the"TPM-Rev-2.0-Part-1-Architecture-01.38"specification but also meets the requirements of integrity,confidentiality and authenticity for key migration.
HTML  下载PDF全文  查看/发表评论  下载PDF阅读器
 

京公网安备 11040202500064号

主办单位:中国科学院软件研究所 中国计算机学会
编辑部电话:+86-10-62562563 E-mail: jos@iscas.ac.cn
Copyright 中国科学院软件研究所《软件学报》版权所有 All Rights Reserved
本刊全文数据库版权所有,未经许可,不得转载,本刊保留追究法律责任的权利