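Abstract
Building on the IKEv2 protocol and using the authentication mechanism in ISO/IEC 9798-3:1998/Amd 1:2010, this paper proposes an IKEv2 protocol extension for trusted computing environments. The scheme achieves mutual identity authentication and platform authentication between the initiator and the responder, establishes session keys between them, and is backward compatible with IKEv2. A trusted third party (TTP) is responsible for validating their identity certificates and platform Attestation Identity Key (AIK) certificates and for evaluating their platform integrity, and their stored integrity measurement logs (SML) are transmitted to the TTP in encrypted form. This effectively solves the problems of existing IKE protocol extensions for trusted computing environments. In addition, the IKEv2 extension is proved secure using the strand space model for trusted network connect protocols.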
On the basis of IKEv2, this paper proposes an extended IKEv2 for trusted computing environments based on ISO/IEC 9798-3:1998/Amd 1:2010. It realizes mutual identity authentication and platform authentication between an initiator and a responder, establishes session keys between them, and is backward compatible with IKEv2. A trusted third party (TTP) is responsible for validating their identity and Attestation Identity Key (AIK) certificates and for evaluating their platform integrity, and their stored integrity measurement logs (SML) are encrypted and sent to the TTP. Thus, it effectively solves the problems of the existing extended IKE protocols for trusted computing environments. Moreover, the extended IKEv2 is proved secure based on the strand space model for trusted network connect protocols.