Research on Some Key Technologies of Trusted Computing Platform

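【Author】 Song Cheng (宋成)

【Advisor】 Hu Zhengming (胡正名)

【Author information】 Beijing University of Posts and Telecommunications, Cryptography, 2011, Ph.D.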

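【Abstract (translated from the Chinese)】 In the face of today's severe computer network and information security situation, most network information security systems are built mainly from the "old three" passive defensive measures: traditional firewalls, intrusion detection and virus prevention. Their defensive approach is to capture the signature information of hacker attacks and virus intrusions. Because that signature information usually lags behind events that have already occurred, it cannot accurately and scientifically predict and judge how future intrusions will change, still less prevent "internal threats" arising from insiders and at the operational level. The result is often that attending to one problem means losing sight of another, and defense becomes impossible. To address the root of these problems and move from passive to active defense, trusted computing technology has for more than a decade been one of the hot research topics in information security, at home and abroad, in academia and in industry. Research on trusted computing has achieved some important results, and these have played an important role in the development of information system security. However, research and practice are still at a developing stage, and problems remain: research stays at the engineering level, mature theoretical models are lacking, the architecture is incomplete, and application and operation are complex.

This dissertation follows the research trend in trusted computing technology and studies several key problems in the development of trusted computing platforms. How to achieve convenient and reliable secure storage, how to achieve secure and effective remote integrity reporting, and how to achieve an efficient, low-cost direct anonymous attestation mechanism have long been important research topics in the field. This dissertation studies the trusted computing platform in detail from four aspects (platform principles, the key management mechanism, the remote integrity reporting mechanism and the direct anonymous attestation mechanism) and proposes new solutions. The main contributions are as follows.

(1) Research on the principles of the trusted computing platform. To gain a comprehensive understanding of the trusted computing platform and to study several of its key technologies in depth, we survey and analyze the components of its core technology, the Trusted Platform Module, and the function of each component; analyze and study the layered structure of the platform architecture and the composition and function of each layer; and study and analyze the principles of the platform's three major functions (secure storage, the attestation mechanism, and integrity measurement, storage and reporting). We also list and analyze several application scenarios of the platform's sealing function.

(2) Research on the key management mechanism of the trusted computing platform. Secure storage is one of the important functions of the trusted computing platform, and key management is one of the core technologies of secure storage. The traditional key management scheme for the trusted computing platform is designed on the RSA public-key cryptosystem. When a key is loaded under that scheme, the number of loading operations is proportional to the number of parent keys of the target object, so the scheme is inefficient when the key hierarchy is complex. This dissertation proposes an identity-based key loading scheme for the trusted computing platform. In this scheme the number of loading operations is independent of the complexity of the key hierarchy: loading any target object into the TPM takes no more than two loading operations. The scheme therefore improves loading efficiency, greatly simplifies operation for users, and helps promote wide application of the secure storage function of trusted computing.

(3) Research on the remote integrity reporting mechanism of the trusted computing platform. Remote integrity reporting is one of the important functions of the trusted computing platform. In the traditional scheme, when the remote entity verifies an integrity report sent by a terminal, it judges only the security of the reported integrity values and cannot determine which specific platform sent the report. This can give rise to a man-in-the-middle attack: the remote entity cannot decide whether the entity it is communicating with and the entity the integrity report corresponds to are the same entity. This dissertation proposes a security-enhanced integrity reporting protocol for the trusted computing platform. The protocol integrates the flow of the remote platform integrity attestation protocol into the SSL/TLS handshake protocol, which effectively guarantees that the entity communicating with the server and the entity the integrity report corresponds to are the same entity. This effectively solves the man-in-the-middle problem of traditional integrity reporting and further strengthens the security of remote attestation.

(4) Research on the direct anonymous attestation mechanism of the trusted computing platform. The Direct Anonymous Attestation (DAA) mechanism proves a platform's identity to a remote entity by means of a proof of knowledge and can protect user privacy during remote platform attestation. Traditional schemes have strict computational requirements, complex designs and heavy computation, which devices with low computing performance cannot accept. This has hindered the deployment of DAA schemes, hindered the further spread of trusted computing technology and limited its wider application. This dissertation proposes an improved direct anonymous attestation scheme based on bilinear maps, with the q-SDH and DDH assumptions as its security basis. The scheme has lower computational overhead, suits not only powerful PC devices but also smart devices with low computing power (such as mobile phones), and further relieves the computational bottleneck of the trusted platform.

In summary, the dissertation centers on research into key technologies of the trusted computing platform: its principles, its key management mechanism, its remote integrity reporting mechanism and its direct anonymous attestation mechanism. The analysis, methods and solutions presented will be of positive significance for research on and practice of trusted computing platform principles and for theoretical research in information security.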

【Abstract】 Faced with the current grim situation in computer network and information security, most network information security systems adopt passive defensive technologies such as the traditional firewall, intrusion detection and virus prevention in order to detect and catch the feature information of hacker attacks and virus intrusion. However, such feature information usually lags behind events that have already happened, so these systems fail to predict and determine future changes in intrusions accurately and scientifically, much less prevent the "inner threat/danger" arising from the inside and from the operational level. As a result, those systems always carry defects and are inevitably subject to attacks. In order to strike at the root of this problem and defend actively instead of passively, trusted computing technology has been one of the hot topics in the field of information security for more than a decade, at home and abroad, in academia and in the business world. Research on trusted computing technology has produced some fruitful results, which contribute a lot to the development of information system security. However, because the theory and practice of trusted computing technology are still immature, problems remain, such as insufficient research at the technological level, lack of developed theoretical support, an incomplete systematic structure and complicated application.

Following the trend of trusted computing technology, this dissertation focuses on some key problems of the trusted computing platform in the development of trusted computing. How to achieve convenient and reliable secure storage, how to ensure secure and effective remote integrity reporting, and how to attain direct anonymous attestation with high efficiency and low cost have long been important research points in the field of trusted computing technology. This dissertation conducts in-depth research into the theory of the trusted computing platform and proposes some novel solutions from three aspects: key management, remote integrity reporting and direct anonymous attestation. The main contributions of this dissertation are as follows.

(1) Research on the theory of the trusted computing platform (TCP). In order to understand the trusted computing platform comprehensively and to study some of its key technologies in depth, this dissertation first introduces and analyzes the core technology of TCP, namely the components of the Trusted Platform Module (TPM) and each component's function. It then analyzes and investigates TCP's hierarchical structure and the construction and function of each level, and finally researches and analyzes the theory of the three functionalities of TCP (secure storage; the attestation mechanism; and integrity measurement, storage and reporting). Some applications of the TCP seal function are also enumerated and analyzed.

(2) Research on key management in the trusted computing platform. Secure storage is one of the important functionalities of the trusted computing platform, and key management is one of the core technologies of secure storage. The traditional key management scheme for the trusted computing platform is based on the RSA public-key cryptosystem. In this scheme, the number of loading operations is the same as the number of the loaded object's parent objects. When the TPM key storage hierarchy is very complex, loading becomes slow. This dissertation proposes an identity-based TPM key loading scheme. In this scheme, the number of key-loading operations is independent of the complexity of the TPM key storage hierarchy, so no more than two loading operations are needed when any target object is loaded into the TPM. In this way, the scheme improves loading efficiency and brings great convenience to users, which may give some impetus to the wide application of secure storage in TCP.

(3) Research on remote integrity reporting in the trusted computing platform. Remote integrity reporting is one of the important functionalities of the trusted computing platform. In the traditional scheme, when verifying the integrity report sent from the terminal, the remote entity can only judge the security of the integrity report it receives; it cannot tell which trusted platform the integrity report comes from. As a result, the scheme is exposed to a man-in-the-middle (MiTM) attack: the remote entity cannot determine whether the entity with which it communicates is the same as the one the integrity report describes. This dissertation proposes a security-enhanced remote platform integrity reporting protocol. The protocol integrates the process of the remote platform integrity attestation protocol into the SSL/TLS handshake protocol and ensures that the entity communicating with the server is identical to the one the integrity report describes. This solves the MiTM problem of traditional remote integrity reporting in the trusted computing platform and further enhances the security of remote attestation.

(4) Research on direct anonymous attestation in the trusted computing platform. Direct Anonymous Attestation (DAA) lets a platform attest its identity to a remote entity by a proof of knowledge, thereby protecting the user's privacy. The traditional DAA scheme is demanding in its requirements, complicated in design and time-consuming, so it is unavailable to equipment with low computing ability. This is an obstacle to the application of DAA and further prevents TCP from widespread use. This dissertation proposes a new DAA scheme based on bilinear maps, under the q-strong Diffie-Hellman and decisional Diffie-Hellman assumptions, that fits the limited computational resources of the TPM. The scheme reduces the computational expense and efficiently relieves the computation bottleneck of the trusted platform, making it suitable both for equipment with high computing capability, such as PCs, and for intelligent devices with low computing capability, such as cell phones.

To sum up, this dissertation centers on TCP theory and on such key technologies as the key management system, remote integrity reporting and direct anonymous attestation in TCP. The methods and solutions that have been put forward will be of positive significance for the research and practice of TCP theory and of information security theory.
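An added illustration of the man-in-the-middle problem described in contribution (3), not code from the dissertation: a quote that covers only the verifier's nonce is still accepted when it arrives over a different session than the one the platform saw, while a quote that also covers a value derived from the TLS session is rejected in that case. HMAC stands in for the TPM's AIK signature, and `channel_id`, `tpm_quote`, `verifier_accepts` and `run` are hypothetical names; the dissertation's actual protocol messages are not given on this page.

```python
import hashlib
import hmac
import os

# Constructed stand-ins: HMAC under AIK_KEY plays the role of the TPM's AIK
# signature, and GOOD_PCR is a made-up "known good" PCR digest.
AIK_KEY = os.urandom(32)
GOOD_PCR = hashlib.sha256(b"constructed known-good measurement log").digest()


def channel_id(client_random: bytes, server_random: bytes) -> bytes:
    """Value both endpoints of ONE TLS session can derive (stand-in for a channel binding)."""
    return hashlib.sha256(b"binding" + client_random + server_random).digest()


def tpm_quote(pcr: bytes, nonce: bytes, binding: bytes = b"") -> bytes:
    """Platform side: 'sign' the PCR digest over the verifier nonce and optional binding."""
    external = hashlib.sha256(nonce + binding).digest()
    return hmac.new(AIK_KEY, pcr + external, hashlib.sha256).digest()


def verifier_accepts(quote: bytes, nonce: bytes, binding: bytes = b"") -> bool:
    """Verifier side: recompute over its OWN nonce and its OWN session's binding."""
    return hmac.compare_digest(quote, tpm_quote(GOOD_PCR, nonce, binding))


def run(relayed: bool, bind: bool) -> bool:
    """Return True if the verifier accepts the quote it receives on its session."""
    nonce = os.urandom(20)
    # Session the verifier actually terminates.
    verifier_session = channel_id(os.urandom(32), os.urandom(32))
    # Session the trusted platform sees: the same one when direct,
    # a different one when an intermediary sits between the two.
    platform_session = (
        channel_id(os.urandom(32), os.urandom(32)) if relayed else verifier_session
    )
    quote = tpm_quote(GOOD_PCR, nonce, platform_session if bind else b"")
    return verifier_accepts(quote, nonce, verifier_session if bind else b"")


if __name__ == "__main__":
    for relayed in (False, True):
        for bind in (False, True):
            print(f"relayed={relayed!s:5} bound={bind!s:5} accepted={run(relayed, bind)}")
```

Only the relayed, bound case is rejected, which is the property the abstract attributes to folding attestation into the SSL/TLS handshake.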
