Research on the TPM 2.0 Key Migration Protocol
  • English title: Research of Key Migration Protocol Which is Based on TPM 2.0 Key Duplication Interface
  • Authors: SONG Min; TAN Liang
  • Affiliations: College of Computer Science, Sichuan Normal University; Institute of Computing Technology, Chinese Academy of Sciences
  • Keywords: trusted computing; TPM2.0; key hierarchy; key duplication; key migration
  • Journal code: XXWX
  • Journal: Journal of Chinese Computer Systems
  • Publication date: 2018-09-15
  • Publisher: Journal of Chinese Computer Systems (小型微型计算机系统)
  • Year: 2018
  • Issue: v.39
  • Funding: Supported by the National Natural Science Foundation of China (61373162); the Sichuan Province Science and Technology Support Program (2014GZ007); the Visual Computing and Virtual Reality Key Laboratory of Sichuan Province (KJ201402)
  • Language: Chinese
  • Page: XXWX201809013
  • Number of pages: 8
  • CN: 09
  • ISSN: 21-1106/TP
  • Classification number: 76-83
Abstract
The international specification "TPM-Rev-2.0-Part-1-Architecture-01.38" allows users to design key migration protocols on top of the key duplication interface in order to share keys between chips, and provides confidentiality, integrity and authentication for the duplicated key through innerwrap and outerwrap during duplication. This paper first analyzes the key duplication interface in the specification in depth and discusses the deficiencies of innerwrap and outerwrap in that interface. It then designs a key migration protocol based on the key duplication interface and identifies three problems in that protocol: (1) there is no mutual authentication between the two interacting TPMs, so a key can be migrated between an adversary and a TPM; (2) when the duplicated key has the attribute encryptedDuplication = 0 and the new parent key handle is newParentHandle = TPM_RH_NULL, the duplication interface cannot apply innerwrap or outerwrap, so the duplicated key is transmitted in plaintext and leaked; (3) when the new parent key is a symmetric key, the specification gives no concrete method for securely exchanging the symmetric encryption key used in innerwrap and the key seed used in outerwrap between the source TPM and the target TPM. Finally, simulation experiments demonstrate that these three problems do exist.
