Module Property Protocol Based Remote Attestation

Posted on: 2013-02-09
Degree: Master
Type: Thesis
Country: China
Candidate: X Y Wang
Full Text: PDF
GTID: 2248330371990246
Subject: Computer application technology
Abstract/Summary:
Internet business is developing rapidly all over the world, bringing great convenience and unlimited business opportunities. The wide use of cloud computing, mobile Internet platforms and wireless communication systems is changing our lives bit by bit. But network security issues have also become the biggest factor hindering the further development of Internet business. Trusted computing developed in this context: it raises a computer's security from the software level to the hardware level and greatly improves the platform's privacy protection and resistance to attack.

Remote attestation in trusted computing was developed to solve the mutual authentication problem that arises when computers connect to each other, which we call the "trust" issue. There are currently two remote attestation schemes: binary remote attestation and property-based remote attestation. The first uses the trusted platform's platform configuration information (PCR) to verify the credibility of the computer. This verification process is simple, but the proof reveals the host computer's hardware and software information to the outside. The second converts configuration into properties and judges the credibility of the user platform by authenticating the property certificate. Its disadvantages are poor real-time performance and low credibility of the attribute certificate.

Remote attestation based on module attributes brings the scope of proof from the platform level down to the module level and greatly improves the efficiency of remote proof. But the existing module attribute certification schemes have many deficiencies in safety and efficiency. This paper proposes a remote attestation scheme that addresses the security of certificate issuance and the efficiency of authentication. The work covers the following three areas:

1. The existing binary remote attestation scheme and property-based remote attestation scheme are summarized and analyzed, pointing out the strengths and weaknesses of each. The module property-based remote attestation scheme is introduced.
2. On the basis of the original module property-based remote attestation scheme, a new module property-based remote attestation protocol is proposed. A blind signature is used to build the module property signature, which reduces the risk of the certificate authority being attacked. A virtual sub-group signature is adopted to protect the privacy of the user platform. Compared with existing schemes, which commonly use zero-knowledge signatures, the sub-group signature is more efficient.
3. A prototype implementation of the protocol is given, and the module mechanism, computing process and operating efficiency of each component in the model are analyzed.
Keywords/Search Tags: trusted computing, remote attestation, module, sub-group signature, blind signature