抗量子可信计算安全支撑平台技术

随着科技的发展,量子计算机大规模部署逐渐变为可能,基于部分计算困难问题的公钥密码算法将被量子算法有效求解.传统的可信硬件芯片如TCM/TPM等由于广泛使用了RSA、SM3、ECC等公钥密码体制,其安全性将受到严重影响;而绝大部分具有抗量子能力的密码算法并不适配现有TCM/TPM芯片有限的计算能力,因此需要对抗量子可信计...

Technology of Quantum-resistant Trusted Computing Security Support Platform

With the development of science and technology, the deployment of large-scale quantum computers is becoming possible, and the public-key cryptographic algorithms based on some difficult problems will be solved by quantum algorithms effectively. The security of traditional trusted hardware chips such as TCM/TPM will be seriously affected due to the wide use of public-key cryptosystems such as RSA, SM3, and ECC, and most of the quantum-resistant (QR) cryptographic algorithms cannot be implemented on hardware chips with limited computational resources. Therefore, it is necessary to redesign the QR trusted computing platform. In this study, considering the security challenges faced by trusted computing in quantum computing models, we summarize the present situation of QR trusted computing research and propose a QR trusted computing technology system. Combined with the existing post-quantum cryptographic protocol and trusted computing software and hardware technology framework, we transplant the QR cryptographic algorithms and protocol on the trusted computing platform and implement a prototype system of a QR trusted computing security support platform based on TCM. The work includes the design of the primitive root key and QR extensions such as TCM cipher library, remote attestation, and LDAA. Finally, the results of function and performance tests on the emulator for the above TCM modules show that the prototype system is resistant to attacks by quantum algorithms, with acceptable application performance overhead.