| 基于可信平台模块的虚拟单调计数器研究 |
| |
| 引用本文: | 李昊,秦宇,冯登国.基于可信平台模块的虚拟单调计数器研究[J].计算机研究与发展,2011,48(3). |
| |
| 作者姓名: | 李昊 秦宇 冯登国 |
| |
| 作者单位: | 1. 信息安全国家重点实验室(中国科学院软件研究所),北京,100190
2. 信息安全共性技术国家工程研究中心,北京,100190 |
| |
| 基金项目: | 国家"八六三"高技术研究发展计划基金项目,国家科技支撑计划基金项目,中国科学院知识创新工程领域前沿项目 |
| |
| 摘 要: | 分析了存储中常见的重放攻击问题,提出一种基于可信平台模块TPM构造虚拟单调计数器的方案以阻止重放攻击.该方案基于TPM提供的硬件计数器、传输会话与私钥保护3种机制建立起虚拟计数器管理器(virtual counter manager,VCM),再由VCM构造和管理虚拟单调计数器.同时提出了一种VCM恶意行为检测算法,用以确保VCM的可信性,使得该方案的安全性仅依赖于TPM的防篡改性.最后,通过实验分析,提出了2个性能改进方案,以确保方案的可行性.
|
| 关 键 词: | 可信计算 重放攻击 可信平台模块 单调计数器 传输会话 |
Virtual Monotonic Counters Using Trusted Platform Module |
| |
| Li Hao,Qin Yu,Feng Dengguo.Virtual Monotonic Counters Using Trusted Platform Module[J].Journal of Computer Research and Development,2011,48(3). |
| |
| Authors: | Li Hao Qin Yu Feng Dengguo |
| |
| Affiliation: | Li Hao,Qin Yu,and Feng Dengguo(State Key Laboratory of Information Security(Institute of Software,Chinese Academy of Sciences),Beijing 100190)(National Engineering Research Center of Information Security,Beijing 100190) |
| |
| Abstract: | Any security storage system needs to address at least three security issues:confidentiality,integrity and freshness.Of these,freshness is the most challenging problem.However,the traditional software-based solutions themselves are on the storage device,such as a hard disk.Hence,they can not solve the problem.The attacker can replay the whole disk data using an out-of-date image of hard disk.Thus,the only solution to this problem would be to employ some form of irreversible state change.In this paper,we anal... |
| |
| Keywords: | trusted computing replay attack TPM monotonic counter transport session |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
