基于完整性度量的端到端可信匿名认证协议

针对目前端到端认证协议只认证平台身份，缺乏对平台可信性的验证，存在安全性的问题。通过改进的ELGamal签名方案，利用可信计算技术，提出了一种基于完整性度量的端到端可信匿名认证协议ETAAP(End-to-end Trusted Anonymous Authentication Protocol)。协议的首轮交互中实现了可信平台真实性验证，在此基础上通过IMC/IMV交互完成对平台完整性验证和平台安全属性的可信性评估，并采用通用可组合安全模型对协议的安全性进行了分析，证明协议是安全的。最后通过实验表明该协议具有较好的性能，可实现基于完整性的端到端可信匿名认证。

End-to-end Trusted Anonymous Authentication Protocol based on Integrity Measurement

Aiming at the end-to-end authentication protocol identity authentication platform, lack of validation platform credibility, safety problem exists . This paper presents a based on integrity measurement end to output of trusted anonymous authentication protocol ETAAP (end-to-end trusted anonymous authentication protocol) by using the modified ElGamal signature scheme and the trusted computing technology. In the first round of the protocol, the protocol implements the authenticity verification of the trusted platform. On this basis, through the IMC/IMV interaction, the protocol completes the integrity verification of the platform and the reliability evaluation of the platform security attributes. Verification result under Universally Composable(UC) security model shows that this protocol has safety and trustworthy. Further experiments show that the protocol has good performance.