The Research Of Trusted Terminal Interactive System Based On Portable TPM

Along with the development of information technology, people have an increasingly strong reliance on the Internet. A growing tendency for users to provide their confidential information has caused a great potential of danger. Therefore, establishing a safe communication channel has become one of the biggest issues in Information Security.Among all the communication protocols now in practice, TLS is the one, which is simple and easy to deploy. However, the simplicity also has generated a series of safety loopholes. For example, the insufficient authentication of the integrity of the underlying details could lead to the result that the communication channel would be connected to the untrusted terminals. Moreover, when the terminal is attacked or damaged (such as the leakage or loss of private key), the TLS protocol will be not able to detect the problem and therefore could not shut down the communication channel, resulting in the data leakage of the users.The trusted computing can guarantee the safety of the terminal from the bottom, because it starts the measurement of the platform configuration information when the system begins to boot. Through the trusted boot, the transmission of the chain of trust and the remote attestation, the credibility of the terminal could be ensured. However, since the hardware TPM is bound to the single platform, it cannot satisfy users’ need for the security of multi-platforms. And the portable TPM based on usb-key can provide the users with much more user-friendly trusted service and build a user-centered transmission of the chain of trust.Based on the detailed elaboration of the structure of the TLS protocol architecture and implementation principle of PTM, this essay would shed light on the expansion of the handshake process based on the PTM, and propose a secure communication protocol between trusted terminals. It also analyses the concrete content of the improved protocol, the design of the protocol and its implementation.Finally, this essay would implement the function of PTM, and establish trusted channel between client and server. Then we analyze the function structure used in the trusted authentication of TPM emulator and establish the virtualized trusted environment in the Linux system, setting the foundation for the next work plan.