| 引用本文: | 池亚平,李志鹏,魏占祯,方勇.可信计算授权协议分析与改进[J].哈尔滨工业大学学报,2012,44(3):119.DOI:10.11918/j.issn.0367-6234.2012.03.023 |
| CHI Ya-ping,LI Zhi-peng,WEI Zhan-zhen,FANG Yong.Analysis and improvement of trusted computing authorization protocol[J].Journal of Harbin Institute of Technology,2012,44(3):119.DOI:10.11918/j.issn.0367-6234.2012.03.023 |
|
| 摘要: |
| 针对TCG授权协议OIAP和OSAP的安全缺陷、功能重叠等问题,提出了一种新的可信计算授权协议(OICAP).该协议通过引入Diffie-Hellman密钥交换算法产生的会话密钥保证其机密性,适用于多个实体,能够抗重放攻击,保证了通信数据的完整性和机密性.通过对新授权协议进行BAN逻辑分析,表明该协议能够达到预期效果. |
| 关键词: 可信计算 授权协议 DH算法 重放攻击 BAN逻辑 |
| DOI:10.11918/j.issn.0367-6234.2012.03.023 |
| 分类号:TG146 |
| 基金项目:国家自然科学基金资助项目(60951001),北京市自然科学基金资助项目(4102057), 国家科技支撑计划重点资助项目(2009BAH52B06). |
|
| Analysis and improvement of trusted computing authorization protocol |
|
CHI Ya-ping,LI Zhi-peng,WEI Zhan-zhen,FANG Yong
|
| Abstract: |
| To overcome the problems that there are unsafe loopholes, functional duplication in TCG authorization protocols, a new trusted computing authorization protocol is proposed in the paper, in which the session key is introduced in the new protocol generated by Diffie_Hellman algorithm to guarantee its confidentiality. The new protocol can provide the function of anti-replay attack and can be applied to multiple entities. It can also guarantee the communication integrity and confidentiality of data effectively. The security properties are analyzed and verified by BAN logic in the paper. |
| Key words: Trusted Computing authorization protocol Diffie_Hellman algorithm replay attack BAN logic |
