Thesis/Dissertation 102522047: Detailed Record




Name: 許文洋 (Wen-Yang Hsu)
Department: Computer Science and Information Engineering
Thesis title: Improved Direct Anonymous Attestation with Less Trusted Platform Module Computation
(降低可信賴平台模組計算需求之直接匿名遠程證實協定)
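Related theses
★ Design of Various Digital Proxy Signatures
★ A Study of Electronic Micropayment Systems
★ A Study of Physical Cryptographic Attacks
★ A Study of Commercial Key Recovery and Key Escrow Mechanisms
★ A Study of Physical Cryptanalysis of the AES Data Encryption Standard
★ A Study of Electronic Auction Systems
★ A Dynamic Program Segment Protection Mechanism against Stack Overflow Attacks
★ An Investigation of Parameters for the General Number Field Sieve Factoring Method
★ Implementation of a DPA-Resistant AES Encryptor on an 8051 Single-Chip Microcontroller
★ A Study of Defending against Power Attacks with Non-Deterministic Software and Mask-Splitting Countermeasures
★ A Study of Masking Protection Mechanisms against Differential Power Attacks
★ A Study of Power Cryptanalysis of the AES Data Encryption Standard
★ Design and Cryptanalysis of Electronic Micropayment Systems
★ A Study of Fair Electronic Cash Systems
★ A Study of Physical Cryptanalysis of the RSA Public-Key System
★ A Study of Protecting Data Collected by Mobile Agents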
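File access
  1. The access permission for this electronic thesis is: approved for immediate open access.
  2. Electronic full text that has reached its open-access date is licensed to users only for personal, non-profit searching, reading, and printing for the purpose of academic research.
  3. Please comply with the relevant provisions of the Copyright Act of the Republic of China. Do not reproduce, distribute, adapt, repost, or broadcast the work without authorization, to avoid violating the law.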

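Abstract (Chinese) With the rapid growth of digital services, service providers must first confirm the trustworthiness of the user's platform in order to prevent users from transferring or sharing digital services without authorization. The Trusted Computing Group has long promoted the use of a tamper-resistant hardware security module, called the Trusted Platform Module, to establish a trusted platform and thereby protect service providers' digital property rights. The Trusted Platform Module is installed on the motherboard of the user's platform; it measures the platform state and software integrity and stores the measurement results in its internal registers.

Remote attestation lets a service provider ask the user to present the results of the checks performed by the Trusted Platform Module and use those results to assess the trustworthiness of the user's platform. However, ordinary remote attestation protocols do not take user privacy into account, so a service provider can track the user's activity on the network and even link the user's identities on the network.

Direct Anonymous Attestation, proposed by Brickell et al., is a solution that achieves anonymity without the assistance of an online trusted third party. However, the computational complexity of the solution proposed by Brickell et al. is very high for a Trusted Platform Module with limited computing power. Chen proposed a Direct Anonymous Attestation protocol that lightens the load on the Trusted Platform Module. In this thesis, we follow the spirit of Chen's work and continue to simplify the Trusted Platform Module's computation, finally obtaining a new protocol whose Trusted Platform Module computational complexity is far lower than that of Chen's scheme.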
Abstract (English) With the rapid development of electronic services, a service provider must confirm whether a user's computing platform is trustworthy in order to protect digital products from being abused.

The Trusted Computing Group makes efforts to establish a trusted computing platform through a tamper-resistant cryptographic chip, namely the trusted platform module (TPM). The TPM, which is embedded on the motherboard of a host platform, measures the software and hardware configurations and stores the measurement results in internal registers. Remote attestation enables a verifier (i.e., a service provider) to request a prover (i.e., a user's computing platform with a TPM) to return the measurement results, which are used for judging its trustworthiness.
However, a classical remote attestation scheme does not consider the user's privacy, which allows the verifier to learn information about all of the user's transactions on the Internet.

The direct anonymous attestation (DAA) scheme, which was first proposed by Brickell et al., is a promising solution to the privacy issues that does not employ an on-line trusted third party (i.e., an on-line certificate authority). However, the Brickell et al. DAA scheme incurs considerable computational overhead for a resource-constrained TPM. Chen proposed a lightweight DAA scheme requiring less TPM computation. In this thesis, we propose an improved DAA scheme based on Chen's DAA scheme, and our proposed DAA scheme is more efficient than Chen's DAA scheme in the computational complexity of the TPM.
Keywords (Chinese) ★ Direct Anonymous Attestation
★ Trusted Platform Module
★ Computational Efficiency
Keywords (English) ★ Direct Anonymous Attestation
★ Trusted Platform Module
★ Efficiency
Table of contents
1 Introduction
1.1 Introduction and Motivation
1.2 Overview of the Thesis
2 Preliminary
2.1 Introduction to Trusted Platform Module
2.1.1 Architecture of Trusted Platform Module
2.1.2 The Chain of Trust in TPM
2.1.3 Remote Attestation by Using TPM
2.2 DAA Model
2.3 DAA Requirement
2.4 Formal DAA Specification and Security Model
2.5 Bilinear Map
2.6 The Boneh-Boyen Signature Scheme
2.7 Boneh, Boyen, and Shacham's Signature Scheme
3 Related Work
3.1 The First DAA Scheme from Bilinear Map
3.1.1 Cryptographic Assumption
3.1.2 The Camenisch-Lysyanskaya Signature Scheme
3.1.3 Brickell et al. DAA Scheme
3.2 Chen's DAA Scheme
3.2.1 Cryptographic Assumption
3.2.2 Chen's DAA Scheme
3.3 Revocation Consideration in DAA Schemes
4 The Proposed DAA Scheme
4.1 Security Assumption
4.2 Proposed Scheme
4.3 Security Analysis
5 Performance Comparison
6 Conclusions
6.1 Brief Review and Main Contribution
6.2 Future Work
Bibliography
Advisor: 顏嵩銘 (Sung-Ming Yen)
Review date: 2016-1-21