Study and design of access authentication protocol based on TPM

doi:10.3778/j.issn.1002-8331.2009.34.024

Computer Engineering and Applications ›› 2009, Vol. 45 ›› Issue (34): 78-81.DOI: 10.3778/j.issn.1002-8331.2009.34.024

• 网络、通信、安全 • Previous Articles Next Articles

Study and design of access authentication protocol based on TPM

SUN Peng，WU Zhen-qiang，FENG De-min，LI Jie，YU Lu

College of Computer Science，Shaanxi Normal University，Xi’an 710062，China

Received:2008-12-10 Revised:2009-03-05 Online:2009-12-01 Published:2009-12-01
Contact: SUN Peng

可信接入鉴别协议的研究与设计

孙鹏，吴振强，冯德民，李洁，于璐

陕西师范大学计算机科学学院，西安 710062

通讯作者: 孙鹏

Abstract

Abstract: WAPI is the national standard designed by China for the WLAN.On the basis of thoroughly researches on the WAI security access of WAPI，this paper proposes an improved WAI based on TPM by using integrity measurement，which is called TWAI.The scheme ensures the security and dependability of every communicating section by the functions of TPM such as local protection and platform attestation.Then this paper analyzes the security with CK model and the trustworthiness.The result indicates that TWAI can achieve the goals such as integrity protection of entitys and two-way authentication，which enhances the security of WAI.

Key words: WLAN Authentication and Privacy Infrastructure（WAPI）, platform integrity authentication, trusted computing, Trusted Platform Module（TPM）

摘要： 在对我国自主制定的无线局域网国家标准WAPI中WAI的安全接入过程分析的基础上，针对该协议存在终端完整性安全隐患，引入完整性度量的思想，提出基于可信平台模块（TPM）的WAI协议方案—TWAI。该方案利用TPM的本地保护和平台证实等功能来保证通信各个环节的安全可靠，并利用CK模型对其过程进行了安全性分析以及可信性分析。分析结果表明，TWAI能够实现终端完整性保护、双向实体认证等安全目标，从而增强了WAI协议运行的安全性。

关键词: 无线局域网鉴别和保密基础结构（WAPI）, 平台完整性认证, 可信计算, 可信平台模块

CLC Number:

TP393

SUN Peng，WU Zhen-qiang，FENG De-min，LI Jie，YU Lu. Study and design of access authentication protocol based on TPM[J]. Computer Engineering and Applications, 2009, 45(34): 78-81.

孙鹏，吴振强，冯德民，李洁，于璐. 可信接入鉴别协议的研究与设计[J]. 计算机工程与应用, 2009, 45(34): 78-81.

[1]	HE Liwen, HOU Xiaoyu, TANG Chengcheng, ZHOU Rui, ZHANG Xingning. Rootkit Universality Detection Method for Heterogeneous BIOS Environments [J]. Computer Engineering and Applications, 2019, 55(23): 105-112.
[2]	WANG Yong1，2, SHANG Wenli2, ZHAO Jianming2, WAN Ming2, YUAN Weiwei1. Design of embedded trusted computing platform based on TPM [J]. Computer Engineering and Applications, 2018, 54(13): 105-110.
[3]	HU Ruhui, ZHANG Qirong. Reasearch of TPM key store management based on identity [J]. Computer Engineering and Applications, 2017, 53(13): 125-128.
[4]	MA Liang, QIAN Xuezhong. Research on critical path of Web service call based on trusted computing [J]. Computer Engineering and Applications, 2016, 52(3): 230-235.
[5]	SHANG Jing, XU Kaiyong, YANG Qichao. Trusted boot for computer centralized control system-oriented architecture [J]. Computer Engineering and Applications, 2015, 51(17): 64-69.
[6]	ZHAO Bo1，2, FEI Yongkang1，2, XIANG Shuang1，2, LI Yifan1，2. Research and implementation of secure boot mechanism for embedded systems [J]. Computer Engineering and Applications, 2014, 50(10): 72-77.
[7]	CHENG Ge, LI Cong. Research progress of trusted computing environment [J]. Computer Engineering and Applications, 2013, 49(13): 59-64.
[8]	LIU Lan, YUAN Daohua, TONG Xing, WANG Zhonglei. Distributed trusted verification mechanism for trusted computing platform [J]. Computer Engineering and Applications, 2012, 48(2): 99-102.
[9]	CHONG Huifang，WU Zhenqiang，WANG Haiyan. Property-supported self-attestation model and its secure protocol [J]. Computer Engineering and Applications, 2011, 47(7): 110-113.
[10]	GAI Xinmao1，2，SHEN Changxiang2，3，LI Yong2，4，LIU Yi3. Method for layering components towards structured protection [J]. Computer Engineering and Applications, 2011, 47(36): 25-28.
[11]	YANG Bei，WU Zhenqiang，YANG Xiaobo. Multi-level security model based on trusted computing [J]. Computer Engineering and Applications, 2011, 47(27): 122-125.
[12]	LI Yong1，LI Guang2，SHEN Changxiang3. Research of trusted channel model [J]. Computer Engineering and Applications, 2011, 47(26): 70-73.
[13]	MA Hua1，ZHANG Hongyu2. Component selection approach combining trust fuzzy evaluation and dynamic clustering [J]. Computer Engineering and Applications, 2011, 47(21): 73-76.
[14]	CHEN Nan，ZHU Jianming . Analysis and design of trusted online banking authentication protocol [J]. Computer Engineering and Applications, 2011, 47(12): 65-68.
[15]	LI Jie，WU Zhen-qiang，YU Lu，SUN Peng. Design of enhanced wireless trusted network accessing attestation model and its protocols [J]. Computer Engineering and Applications, 2010, 46(7): 121-124.

Study and design of access authentication protocol based on TPM

可信接入鉴别协议的研究与设计

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics