Research And Application Of Property Attestation Protocol In The Trusted Computing Platform

Posted on: 2012-06-23 | Degree: Master | Type: Thesis
Country: China | Candidate: Y Liu
GTID: 2248330395458409 | Subject: Computer software and theory
Abstract/Summary:
Platform authentication is an important information-security mechanism, because traditional security solutions work properly only if the underlying computing platform, in particular the operating system, is secure. The TCG solution for platform authentication, sometimes called binary attestation, is a configuration-based approach. However, binary attestation reveals information about the platform's configuration in the attestation phase and increases the burden on the verifier in the verification phase. Property-based attestation was proposed to overcome these problems.

Considering the characteristics of property attestation and group signatures, this paper proposes a new property attestation protocol called PBA-BW, which consists of Setup, Join, Sign, Verify and Check. It divides the computation between the TPM and the host in a secure way and adds a Check phase. The paper proves the security of this protocol in the standard model and compares it with other property attestation protocols. Under the same security requirement, PBA-BW has a shorter signature and lower computation cost than the other property attestation protocols in the Join, Sign and Verify phases, so the prover and the verifier bear less burden. In the Check phase, however, the computation cost of PBA-BW depends on the number of revoked property certificates in the CRL, which increases the burden on the trusted third party.

To address this shortcoming of PBA-BW, this paper proposes another property attestation protocol called PBA-BB. This protocol is based on the ideas of the BB+ signature and zero-knowledge proofs, and is completed by constructing knowledge proof equations. PBA-BB addresses the high computation cost of PBA-BW in the Check phase. Compared with the other property attestation protocols, PBA-BB has a shorter signature and lower computation cost.

Finally, this paper improves the SSL protocol based on property attestation, adding platform authentication to the SSL handshake phase. This can solve the problem of the customer's platform being attacked by malware. The experiment was carried out in a virtual machine environment of VMware-workstation-7.0.1.227600 and SUSE11.2, with Tpm_Emulator0.5.1 simulating the TPM chip, and openssl-0.9.8e.
Keywords/Search Tags: trusted computing platform, property attestation, group signature, BB+ signature, SSL protocol