Research On Dynamic Remote Attestation In Trusted Computing

Trusted Computing is a new type of computer architecture. Remote attestation is one of the critical functions, which is to ensure credible state before two nodes interact each other. Due to low performance, poor extensibility and leaking privacy, the solution method of attestation in TCG is becoming bottleneck to widespread of Trusted Computing, especially, property attestation of run-time environment and behavior measurement of application program are the main difficult problems in the trusted remote attestation.The paper studies dynamic remote attestation base on trusted computing.(1) To improve encryption efficiency of storage data, such as configuration file, security policy file and so on, data sealing based on hybrid encryption is proposed in TCG Software Stack (TSS).(2) Dynamic Properties Attestation (DPA) is proposed, which overcomes the problem of static and privacy exposure.(3)After security attributes of the platform is attested, Attestation of Measurement Action Information Base (AM_AIB) is proposed to attest behavior. Application of trusted remote attestation is analyzed and designed in the Digital Rights Management (DRM). The main contributions of the paper are as follows:(1) The time of sealing and unsealing in TSS increases almost linearly along with the size of encryption data, and it is suitable only for smaller datasets. The reason is that the RSA keys mechanism restrict the speed of trusted computing. Therefore, applying hybrid key mechanism into trusted computing is proposed, which can improve the performance of cryptographic modules. Analysis shows that the improved method can reduce encryption time effectively and encrypt mass data with little cost. Application program can select the suitable sealing function according to the size of sealed data. The process of sealing file and working principle of TSS are illustrated through one sealed program based on Trusted Computing, which show the mutual relationship among application program, TCS and TPM terminal.(2) Binary attestation and property-based attestation are two kinds of remote attestation. The former verifies the integrity of remote computing platform or application and can reflect real-time status of the system. The latter can conceal information about the platform configuration of hardware and software or application, but cannot get dynamic runtime properties. Combining with advantages of the two methods, Dynamic Property Attestation (DPA) protocol is proposed. For using service, attestor must be checked whether it satisfies certain property requirements through comparing PCR (Platform Configuration Register) value of certificate with real-time PCR values by verifier. The protocol is demonstrated in detail, and its security is analyzed. Experiment verifications show that the scheme has improved the efficiency and credibility of remote attestation.(3) After the remote challenger attests security properties of the platform and software, behavior of each other should be verified, therefore, by means of the short calculated characteristics of Merkle hash tree, behavior dynamic attestation is proposed based on Merkle hash tree. The method can verify security only by calculating the root_hash value of client in attestation process, which can protect the privacy of the client. The model of AM_AIB can also be designed by different granularity according to characteristics of behavior and environment use variety of ways. The experimental results show that the method improves the time performance, protects the platform privacy, has flexible validation way, overcomes the static feature and ensures platform application software is running credibly.(4) Theory of trusted remote attestation is applied to DRM, the protocol is designed among RS (Right Server), CS(Content Server) and user. DAA(Direct Anonymous Attestation) way is used in mutual identity attestation; DH (Diffie-Hellman) key protocol into the integrity reporting protocol is integrated between RS and user; DPA is used in attestation between RS and DRM Controller, behavior of real-time system is monitored by AM_AIB; the relevant protocol is designed among content download, right negotiation and rights package. Security analysis shows that the method is undeniable, ensures integrity and confidentiality of DRM content with RO (Rights Object), and prevents attacks to CS and RS.In summary, the dynamic remote attestation based on trusted computing is discussed and analyzed from TSS, DPA, AM_AIB and its application on DRM. In theory, the models are formalized and the security is analyzed. In experiment, trusted computing platform on the Linux Operation System is built for test and analysis. The principal achievements of the paper present a new approach for the design and implementation of trusted remote attestation.