Trusted Computing Platform Key Management Technology And Applications

Cryptography has always been an important part of the information security field. For the trusted computing technology which commits to resolve the information system security from the source, cryptography is the foundation of the key mechanism of trusted computing technology, is the most important core technology of the trusted computing system. As one of the basic elements of cryptography, key management of trusted computing platforms has a direct effective on the entire trusted computing system security and in the entire trusted computing system occupies an important position. Therefore, the study on trusted computing platform key management technology is of great significance.This thesis is based on the in-depth analysis on key management technologies in the TCG specification and focus on the cryptographic algorithm, different types of keys and certificates and their formation process, key storage structure, the use technologies of key involved in the trusted computing platform, and for the shortcomings in existing programs, combined with the key management techniques in the traditional information security field, put forword the corresponding solution. The innovatives of this thesis have the following two points:1) On the base of the depth study on the use technology of key in the TCG specifications, this thesis analysis the key migration program in the existing specification and point out the shortcomings, and takes advantage of dynamic password authentication technology and introduces the dynamic migration authorization data, proposes a new key migration scheme based on dynamic migration authorization data. The scheme not only enhances the operational safety of key migration, but also reduces the management complexity of the authorization data and provides a safe and convenient key migration operation.2) With the study of key agreement protocol the characteristics of the TPM platform based on the comprehensive analysis of the key technologies, combining with McCullagh-Barreto authenticated key agreement protocol, the thesis proposes a TPM platform based authenticated key agreement protocol in trusted computing. Especially, the security properties of the protocol are analyzed in detail in Canetti-Krawczyk model. The results indicate that the protocol has the corresponding security attributes in CK security model such as known key security, perfect forward secrecy, key-compromise impersonation.