可信计算环境下基于TPM的认证密钥协商协议

基于身份的认证密钥协商协议存在密钥托管、ID管理、ID唯一性和私钥的安全分发等问题，目前的可信计算技术为此提供了很好的解决方案。利用TPM平台中EK和tpmproof唯一性的特点，结合McCullagh-Barreto认证密钥协商协议思想，提出了一个在可信计算环境下基于TPM的认证密钥协商协议，该协议较好地解决了上述基于身份的密钥协商协议所存在的问题。用CK模型对所提协议进行了安全性分析，结果表明该协议具备已知密钥安全性，完善前向保密性及密钥泄露安全性等CK安全模型下相应的安全属性。

TPM-based authenticated key agreement protocol in trusted computing

There are some inherent problems in the identity-based authenticated key agreement protocol：key escrowi,dentity management,unique identity values and secure channel to distribution private key.At present,trusted computing technology provide a good method to solve these problems.With the characteristics of EK and tpmproof keys in the TPM platformc,om-bining with McCullagh-Barreto authenticated key agreement protocolt,he paper proposes a TPM platform based authenticated key agreement protocol in trusted computingt,he protocol provide a better solution to the above mentioned problems of the identity-based authenticated key agreement protocol.Especiallyt,he security properties of the protocol are analyzed in detail in Canetti-Krawczyk model.The results indicate that the protocol has the corresponding security attributes in CK security model such as known key security,perfect forward secrecy,key-compromise impersonation.