Key Management Technology for Trusted Computing Platforms and Its Applications
Abstract
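Cryptography has always been an important part of information security. For trusted computing, which aims to solve information system security problems at their source, cryptography is the foundation of its key mechanisms and the most important core technology in the trusted computing architecture. Key management is one of the basic elements of a cryptographic system; the effectiveness of the key management system in a trusted computing platform bears directly on the security of the whole trusted computing system and occupies a pivotal position in the trusted computing architecture. Studying key management technology in trusted computing platforms is therefore of great significance.
     Building on an in-depth analysis of the key management technologies in the TCG specifications, the thesis focuses on the cryptographic algorithms used in trusted computing platforms, the different types of keys and certificates and how they are generated, the key storage structure, and key usage. To address shortcomings in existing schemes, it draws on key management techniques from traditional information security and proposes corresponding solutions. The thesis makes two main original contributions: (1) Based on an in-depth study of key usage in the TCG specifications, it analyzes the security of the existing key migration scheme in the specifications, points out its shortcomings, and, combining dynamic password authentication, introduces dynamic migration authorization data into the key migration process to propose a new key migration scheme based on dynamic migration authorization data. The scheme strengthens the security of key migration and gives users a key migration operation that is highly secure and easy to manage. (2) Based on a comprehensive study of key-related technologies, together with a study of key agreement protocols and the characteristics of trusted computing platforms, it uses the idea of the McCullagh-Barreto protocol to propose an authenticated key agreement protocol without a PKG for trusted computing environments, and proves the correctness and effectiveness of the protocol through qualitative security analysis and formal security proof. Formal security analysis of the protocol shows that it has security properties including known-key security, perfect forward secrecy and key-compromise security.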
Cryptography has always been an important part of the information security field. For trusted computing technology, which is committed to resolving information system security problems at the source, cryptography is the foundation of its key mechanisms and the most important core technology of the trusted computing system. As one of the basic elements of cryptography, key management in trusted computing platforms has a direct effect on the security of the entire trusted computing system and occupies an important position in it. Therefore, the study of key management technology for trusted computing platforms is of great significance.
     This thesis is based on an in-depth analysis of the key management technologies in the TCG specification and focuses on the cryptographic algorithms, the different types of keys and certificates and their generation process, the key storage structure, and the key usage technologies involved in the trusted computing platform. To address the shortcomings of existing schemes, it combines them with key management techniques from the traditional information security field and puts forward corresponding solutions. The thesis makes the following two innovations:
     1) On the basis of an in-depth study of key usage technology in the TCG specifications, the thesis analyzes the key migration scheme in the existing specification and points out its shortcomings. Taking advantage of dynamic password authentication technology, it introduces dynamic migration authorization data and proposes a new key migration scheme based on dynamic migration authorization data. The scheme not only enhances the operational security of key migration, but also reduces the management complexity of the authorization data and provides a safe and convenient key migration operation.
     2) Building on a comprehensive analysis of key technologies, and on a study of key agreement protocols and the characteristics of the TPM platform, the thesis draws on the McCullagh-Barreto authenticated key agreement protocol to propose a TPM-platform-based authenticated key agreement protocol for trusted computing. In particular, the security properties of the protocol are analyzed in detail in the Canetti-Krawczyk model. The results indicate that, in the CK security model, the protocol has the corresponding security attributes, such as known-key security, perfect forward secrecy and key-compromise impersonation resistance.
