Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (35): 115-118.DOI: 10.3778/j.issn.1002-8331.2010.35.033

• 网络、通信、安全 • Previous Articles     Next Articles

TPM-based authenticated key agreement protocol in trusted computing

WANG Hai-yan,WU Zhen-qiang,CHONG Hui-fang,JIANG Li   

  1. College of Computer Science,Shaanxi Normal University,Xi’an 710062,China
  • Received:2009-04-20 Revised:2009-06-16 Online:2010-12-11 Published:2010-12-11
  • Contact: WANG Hai-yan

可信计算环境下基于TPM的认证密钥协商协议

王海燕,吴振强,种慧芳,蒋 李   

  1. 陕西师范大学 计算机科学学院,西安 710062
  • 通讯作者: 王海燕

Abstract: There are some inherent problems in the identity-based authenticated key agreement protocol:key escrow,identity management,unique identity values and secure channel to distribution private key.At present,trusted computing technology provide a good method to solve these problems.With the characteristics of EK and tpmproof keys in the TPM platform,combining with McCullagh-Barreto authenticated key agreement protocol,the paper proposes a TPM platform based authenticated key agreement protocol in trusted computing,the protocol provide a better solution to the above mentioned problems of the identity-based authenticated key agreement protocol.Especially,the security properties of the protocol are analyzed in detail in Canetti-Krawczyk model.The results indicate that the protocol has the corresponding security attributes in CK security model such as known key security,perfect forward secrecy,key-compromise impersonation.

Key words: trusted computing, key agreement protocol, authenticated key agreement, Canetti-Krawczyk model

摘要: 基于身份的认证密钥协商协议存在密钥托管、ID管理、ID唯一性和私钥的安全分发等问题,目前的可信计算技术为此提供了很好的解决方案。利用TPM平台中EK和tpmproof唯一性的特点,结合McCullagh-Barreto认证密钥协商协议思想,提出了一个在可信计算环境下基于TPM的认证密钥协商协议,该协议较好地解决了上述基于身份的密钥协商协议所存在的问题。用CK模型对所提协议进行了安全性分析,结果表明该协议具备已知密钥安全性,完善前向保密性及密钥泄露安全性等CK安全模型下相应的安全属性。

关键词: 可信计算, 密钥协商协议, 认证密钥协商, Canetti-Krawczyk模型

CLC Number: