Master's/Doctoral Thesis 103522120: Detailed Record




Author: 蘇奕彰 (Yi-Zhang Su)   Department: Computer Science and Information Engineering
Thesis title: 強化隱私保護之系統完整性回報系統
(Privacy Enhanced Integrity Reporting Scheme)
Related theses
★ Design of Various Digital Proxy Signature Schemes
★ A Study of Micropayment Systems
★ A Study of Physical Cryptanalysis
★ A Study of Commercial Key Recovery and Key Escrow Mechanisms
★ Physical Cryptanalysis of the AES Data Encryption Standard
★ A Study of Electronic Auction Systems
★ A Dynamic Code Segment Protection Mechanism against Stack Overflow Attacks
★ A Parameter Study of the General Number Field Sieve Factoring Method
★ Implementation of a DPA-Resistant AES Encryptor on the 8051 Microcontroller
★ A Study of Defending against Power Attacks with Nondeterministic Software and Mask-Splitting Countermeasures
★ A Study of Masking Countermeasures against Differential Power Attacks
★ Power Analysis of the AES Data Encryption Standard
★ Design and Cryptanalysis of Micropayment Systems
★ A Study of Fair Electronic Cash Systems
★ Physical Cryptanalysis of the RSA Public Key Cryptosystem
★ A Study of Protecting Data Collected by Mobile Agents
Access terms
  1. The access permission for this electronic thesis is: agree to immediate open access.
  2. An electronic full text that has reached its open-access date is licensed only for personal, non-commercial retrieval, reading and printing by users for academic research purposes.
  3. Please comply with the Copyright Act of the Republic of China; do not reproduce, distribute, adapt, repost or broadcast the work without authorization, so as to avoid infringement.

Abstract (Chinese, translated): With the rapid development of technology, systems such as e-commerce and digital rights management are deployed on a wide variety of storage platforms that hold sensitive data, so it is necessary to confirm the state and integrity of the computing platform before carrying out a transaction or using an application. To verify the integrity of a remote computing platform, the Trusted Computing Group proposed an integrity reporting scheme built on the Trusted Platform Module (TPM). That scheme, however, cannot resist a masquerading attack, and the existing schemes that do resist masquerading attacks are in turn subject to a key disclosure attack. Another class of schemes resists masquerading attacks by establishing a secure channel over Secure Sockets Layer (SSL) or Transport Layer Security (TLS) and binding the platform's identity to it, but such schemes seriously lack privacy protection. Leaked identity information lets an attacker mount social engineering attacks with ease. In this thesis we therefore propose an integrity reporting scheme with enhanced privacy protection that resists both masquerading attacks and key disclosure attacks. At the same time, by protecting privacy, we greatly reduce the likelihood that an attacker can carry out a social engineering attack.
Abstract (English): With the rapid development of information technology, many digital applications take place on heterogeneous platforms storing sensitive data, such as e-commerce, on-line banking, enterprise security, and digital rights management. Ensuring the configuration and system status of the computing platform is crucial before carrying out such applications. The Trusted Computing Group proposed a Trusted Platform Module based integrity reporting scheme for verifying the configuration of a remote computing platform. Unfortunately, such a scheme is vulnerable to a masquerading attack, and existing solutions that address the masquerading attack suffer in turn from a key disclosure attack. An alternative identity-based approach has been suggested that employs a secure channel (e.g., SSL or TLS) to defend against the masquerading attack, but that approach lacks privacy protection. Leakage of identity information may expose the user to a social engineering attack. In this thesis, we propose an enhanced integrity reporting scheme with user privacy protection that is free from the masquerading and key disclosure attacks to which previous studies are vulnerable.
Keywords (Chinese and English)
★ Integrity reporting
★ Privacy
★ Masquerading attack
★ Trusted Platform Module
★ Remote attestation
Table of contents (thesis page numbers)
1 Introduction  1
1.1 Background of the Research  1
1.2 Motivation of the Research  2
1.3 Organization of the Thesis  4
2 Preliminary of Trusted Computing and Related Work  7
2.1 Preliminary  7
2.1.1 Hash Function  7
2.1.2 Message Authentication Code and MAC based on Hash Function  7
2.1.3 Counter Mode  8
2.2 Introduction to TPM  9
2.2.1 Functionalities of TPM  9
2.2.2 Hierarchical Key Management of TPM  11
2.2.3 Transitive Trust  12
2.3 Related Work of Integrity Reporting  13
2.3.1 TPM-based Integrity Reporting Schemes  13
2.3.2 Masquerading Attack on Integrity Reporting Schemes  14
2.3.3 Integrity Reporting Schemes against Masquerading Attack  15
2.3.4 Integrity Reporting Schemes with Secure Communication Channel  17
3 Assumptions and the Proposed Scheme  20
3.1 Assumptions and Attack Models  20
3.1.1 Assumptions  20
3.1.2 Attack Models  21
3.2 Definition of Privacy  22
3.2.1 Anonymity  22
3.2.2 Unlinkability  23
3.3 Contradiction between Security and User Privacy Protection  23
3.4 Issuance of Authentication Token  25
3.5 The Proposed Scheme  27
3.5.1 Registration Phase  28
3.5.2 Verification Phase and Transaction Phase  29
4 Security Analysis  32
4.1 Security Analysis  32
4.1.1 Replay Attack  32
4.1.2 Collusion Attack  33
4.1.3 Malware Infection Attack  33
4.1.4 Pre-computation Attack  33
4.1.5 Masquerading Attack and Man-in-the-Middle Attack  34
4.1.6 Key Disclosure Attack  34
4.1.7 Security Analysis on Service Provider  35
4.1.8 Protection on User Privacy  36
4.2 Update of Authentication Token  38
4.3 Performance Analysis  42
4.4 Limitation of the Proposed Scheme  43
5 Conclusions and Future Work  45
Bibliography  47
References
[1] F. Armknecht, Y. Gasmi, A.R. Sadeghi, P. Stewin, M. Unger, G. Ramunno, and D. Vernizzi, "An Efficient Implementation of Trusted Channels based on OpenSSL," Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, pp. 41-50, 2008.
[2] N. Aziz, N. Udzir, and R. Mahmod, "Extending TLS with Mutual Attestation for Platform Integrity Assurance," Journal of Communications, vol. 9, no. 1, pp. 63-72, 2014.
[3] B. Bruno, "Automatic Verification of Correspondences for Security Protocols," Journal of Computer Security, vol. 17, no. 4, pp. 363-434, 2009.
[4] E. Brickell, J. Camenisch, and L. Chen, "Direct Anonymous Attestation," Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 132-145, 2004.
[5] B. Balacheff, L. Chen, S. Pearson, D. Plaquin, and G. Proudler, "Trusted Computing Platforms," Hewlett-Packard Company, 2003.
[6] W. Diffie and M. Hellman, "New Directions in Cryptography," IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644-654, 1976.
[7] T. Dierks and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2," IETF RFC 5246, 2008.
[8] A. Freier, P. Karlton, and P. Kocher, "The Secure Sockets Layer (SSL) Protocol Version 3.0," IETF RFC 6101, 2011.
[9] FIPS 198, "The Keyed-Hash Message Authentication Code (HMAC)," NIST, US Department of Commerce, Washington, D.C., 2002.
[10] K. Goldman, R. Perez, and R. Sailer, "Linking Remote Attestation to Secure Tunnel Endpoints," Proceedings of the 1st ACM Workshop on Scalable Trusted Computing, pp. 21-24, 2006.
[11] Y. Gasmi, A.R. Sadeghi, P. Stewin, M. Unger, and N. Asokan, "Beyond Secure Channels," Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing, pp. 30-40, 2007.
[12] ISO/IEC 11889, "Information Technology - Trusted Platform Module," first edition, 2009.
[13] H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication," IETF RFC 2104, 1997.
[14] S. Kent and K. Seo, "Security Architecture for the Internet Protocol," IETF RFC 4301, 2005.
[15] M. Dworkin, "Recommendation for Block Cipher Modes of Operation - Methods and Techniques," NIST SP 800-38A, 2001 Edition, http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf.
[16] F.B.M. Nor, K.A. Jalil, and J.L.A. Manan, "Remote User Authentication Scheme with Hardware-Based Attestation," Proceedings of the 4th International Conference on Software Engineering and Computer Systems, pp. 437-447, 2009.
[17] B. Parno, "The Trusted Platform Module (TPM) and Sealed Storage," RSA Laboratories' Technical Notes, 2007.
[18] C. Song, B. Liu, Y. Xin, Y. Yang, Z. Li, and H. Yin, "A Security-enhanced Remote Platform Integrity Attestation Scheme," Proceedings of the 5th International Conference on Wireless Communications, Networking and Mobile Computing, pp. 4420-4423, 2009.
[19] A.R. Sadeghi and S. Schulz, "Extending IPsec for Efficient Remote Attestation," Proceedings of the 14th International Conference on Financial Cryptography and Data Security, pp. 150-165, 2010.
[20] F. Stumpf, O. Tafreschi, P. Roder, and C. Eckert, "A Robust Integrity Reporting Protocol for Remote Attestation," Proceedings of the 2nd Workshop on Advances in Trusted Computing, pp. 25-36, 2006.
[21] R. Sailer, X. Zhang, T. Jaeger, and L.V. Doorn, "Design and Implementation of a TCG-based Integrity Measurement Architecture," Proceedings of the 13th USENIX Security Symposium, pp. 16-16, 2004.
[22] T. Wu, "The Secure Remote Password Protocol," Proceedings of the Internet Society Network and Distributed Systems Security Symposium, pp. 97-111, 1998.
[23] L. Zhu, Z. Zhang, L. Liao, and C. Guo, "A Secure Robust Integrity Reporting Protocol of Trusted Computing for Remote Attestation under Fully Adaptive Party Corruptions," Proceedings of Future Wireless Networks and Information Systems, vol. 143 of Lecture Notes in Electrical Engineering, pp. 211-217, 2012.
Advisor: 顏嵩銘 (Sung-Ming Yen)   Date of approval: 2017-7-25