基于计算平台安全属性的高效远程证明方案.PDF

第43卷 第9期 北 京 工 业 大 学 学 报 Vol.43 No.9 2017年 9月 JOURNAL OF BEIJING UNIVERSITY OFTECHNOLOGY Sept. 2017 基于计算平台安全属性的高效远程证明方案 陈摇 勋,刘吉强,韩摇 臻,邱摇 硕 (北京交通大学智能交通数据安全与隐私保护技术北京市重点实验室,北京摇 100044) 摘摇 要:现有的基于平台安全属性的远程证明方法对认证双方所传输的信息进行了加密,虽然可以实现数据保密, 但认证过程耗时比较长,针对该问题,提出2个基于平台属性的远程证明方案以提高平台属性的验证效率,其中基 于可部分否认的认证方案在远程证明的性能优化方面表现显著,基于Bloom过滤器与Paillier加密的认证方案的性 能提升虽然不如可部分否认的认证方案,但是该方案对所传输的信息能够具备保密特性,这2个认证方案适用于 对远程证明效率要求较高的应用场景,同时能够实现身份认证时对计算平台安全性的检查与校验. 关键词:可信计算;远程证明;平台属性;部分可否认认证 中图分类号:TP301 文献标志码:A 文章编号:0254-0037(2017)09-1357-09 doi:10.11936/ bjutxb2017050033 Effective Remote Attestation Scheme Based on Computing Platform Security Attributes CHEN Xun,LIUJiqiang,HAN Zhen,QIU Shuo (Beijing Key Laboratory of Security and Privacy in Intelligent Transportation,BeijingJiaotong University,Beijing 100044,China) Abstract:The existing platform security attributes鄄based remote attestation method encrypts all the information transmitted between senders and receivers. Although it can achieve data confidentiality,it consumes too much time to complete authentication. Two remote attestation schemes based on platform attributes proposed in this paper can effectively improve the verification efficiency. The performance optimization result from the partial deniable authentication scheme is very significant. Although the performance improvement produced by the Bloom鄄filter鄄with鄄Paillier鄄encryption鄄based authentication scheme is not as remarkable as that of the partial deniable authentication scheme,the Bloom鄄filter鄄with鄄 Paillier鄄encryption鄄based authentication scheme has the confidential characteristics for the transmitted information. Bothauthenticationschemesaresuitab