Trusted computing platform login authentication scheme based on CPK

doi:10.3778/j.issn.1002-8331.2010.01.029

Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (1): 90-94.DOI: 10.3778/j.issn.1002-8331.2010.01.029

• 网络、通信、安全 • Previous Articles Next Articles

Trusted computing platform login authentication scheme based on CPK

MA Yu-chi，ZHAO Yuan，DENG Yi-qun，LI Yi-fa

Department of Applied Mathematics，Information Engineering Institute，PLA Information Engineering University，Zhengzhou 450002，China

Received:2008-07-10 Revised:2008-11-10 Online:2010-01-01 Published:2010-01-01
Contact: MA Yu-chi

基于CPK的可信平台用户登录认证方案

马宇驰，赵远，邓依群，李益发

解放军信息工程大学信息工程学院应用数学系，郑州 450002

通讯作者: 马宇驰

Abstract

Abstract: Identity authentication for user login is very important to the operation system，and is the basis for building the trus-ted computing environment.The related technology of authentication is discussed.The theory of CPK（Combination of Public Key） is introduced.In addition，according to the standards of the Trusted Computing Group（TCG），using CPK and dynamic authentication code technology，a trusted computing platform login authentication scheme based on CPK is proposed.The scheme is double ingredient，separates authentication and warrant strictly.This paper not only shows a heuristic analysis about the characteristic and security of the scheme，but also，in strand space model，proves the security of the scheme，which indicates the scheme is more secure than the corresponding scheme presented in TCG standard.

Key words: trusted computing, Combination of Public Key（CPK）, identity authentication, trusted login, strand space model

摘要： 用户登录身份认证是建立操作系统可信性的一个非常重要的环节，是建立可信计算环境的基础。首先讨论了认证的相关技术，介绍了CPK（组合公钥）原理，然后根据可信计算组织的规范，利用CPK算法和动态验证码的技术，提出了一种基于CPK的可信平台用户登录认证方案，该方案属于双因素认证方案，将认证和授权严格分开，并启发式分析了方案的特色和安全，最后在串空间模型下证明了方案的安全性，取得了比TCG标准中引用的方案更好的性能。

关键词: 可信计算, 组合公钥（CPK）, 身份认证, 可信登录, 串空间模型

CLC Number:

TP311

MA Yu-chi，ZHAO Yuan，DENG Yi-qun，LI Yi-fa. Trusted computing platform login authentication scheme based on CPK[J]. Computer Engineering and Applications, 2010, 46(1): 90-94.

马宇驰，赵远，邓依群，李益发. 基于CPK的可信平台用户登录认证方案[J]. 计算机工程与应用, 2010, 46(1): 90-94.

[1]	HE Liwen, HOU Xiaoyu, TANG Chengcheng, ZHOU Rui, ZHANG Xingning. Rootkit Universality Detection Method for Heterogeneous BIOS Environments [J]. Computer Engineering and Applications, 2019, 55(23): 105-112.
[2]	XIAO Meihua, LI Wei, LI Yanan, MEI Yingtian. Security communication framework of DICOM protocol based on PACS cloud [J]. Computer Engineering and Applications, 2018, 54(7): 107-113.
[3]	WANG Yong1，2, SHANG Wenli2, ZHAO Jianming2, WAN Ming2, YUAN Weiwei1. Design of embedded trusted computing platform based on TPM [J]. Computer Engineering and Applications, 2018, 54(13): 105-110.
[4]	MA Liang, QIAN Xuezhong. Research on critical path of Web service call based on trusted computing [J]. Computer Engineering and Applications, 2016, 52(3): 230-235.
[5]	ZHANG Gang, SHI Runhua, ZHONG Hong. Anonymous authentication scheme based on identity in VANET [J]. Computer Engineering and Applications, 2016, 52(17): 101-106.
[6]	DENG Fei1, ZHU Ying2. Mutual password-based client/server authentication protocol [J]. Computer Engineering and Applications, 2015, 51(20): 72-76.
[7]	SHANG Jing, XU Kaiyong, YANG Qichao. Trusted boot for computer centralized control system-oriented architecture [J]. Computer Engineering and Applications, 2015, 51(17): 64-69.
[8]	YU Lei1, WEI Shimin1, ZHUO Zepeng2. Research on consistence of strand parameters for protocol principals in authentication test theory [J]. Computer Engineering and Applications, 2015, 51(13): 86-91.
[9]	ZHAO Bo1，2, FEI Yongkang1，2, XIANG Shuang1，2, LI Yifan1，2. Research and implementation of secure boot mechanism for embedded systems [J]. Computer Engineering and Applications, 2014, 50(10): 72-77.
[10]	YU Lei, WEI Shimin. Analysis on properties for principals’ keys on construction of test components [J]. Computer Engineering and Applications, 2013, 49(6): 114-117.
[11]	CHENG Ge, LI Cong. Research progress of trusted computing environment [J]. Computer Engineering and Applications, 2013, 49(13): 59-64.
[12]	LIU Lan, YUAN Daohua, TONG Xing, WANG Zhonglei. Distributed trusted verification mechanism for trusted computing platform [J]. Computer Engineering and Applications, 2012, 48(2): 99-102.
[13]	CHONG Huifang，WU Zhenqiang，WANG Haiyan. Property-supported self-attestation model and its secure protocol [J]. Computer Engineering and Applications, 2011, 47(7): 110-113.
[14]	GAI Xinmao1，2，SHEN Changxiang2，3，LI Yong2，4，LIU Yi3. Method for layering components towards structured protection [J]. Computer Engineering and Applications, 2011, 47(36): 25-28.
[15]	YANG Bei，WU Zhenqiang，YANG Xiaobo. Multi-level security model based on trusted computing [J]. Computer Engineering and Applications, 2011, 47(27): 122-125.

Trusted computing platform login authentication scheme based on CPK

基于CPK的可信平台用户登录认证方案

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics