| With the rapid development of information technology, computer system has brought great convenience to people’s daily life, so people are more and more dependent on computer. Especially the computer platform’s growing mobility and the more and more vulnerabilities of platform’s software lead to hackers’attack to the users via exploiting these vulnerabilities, therefore more attention to the security of computer platforms should be paid. Now if only software means are used to avoid these potential threats, it will not work. So relying on the solutions of trusted platform with hardware-level has been paid more and more attention.By configuring the user platform with hardware possessing security protection and detection characteristics, the Trusted Computing establishes trusted computing environment which is based on combining hardware and software and strengthens the physical protection ability of the user platform. Meanwhile, the Trusted Computing can guarantee the controllability, authenticity and confidentiality of computing on the user platform. Therefore, the security of procedures and data on the user platform can be guaranteed.Remote attestation is one of the core functions in trusted computing. Through the analysis and research of the existing property-based remote attestation and binary remote attestation, remote attestation protocol based on module property is proposed. The protocol improves the efficiency of remote attestation via setting module attributes which can reduce the range of certificates. The existing property-based remote attestation has the following defects to some extent. There are many independent hosts and corresponding modules in the distributed system operation, and if only a single module is allowed to be proved in the remote attestation procedure between user platform and service provider, then it will bring adverse effect on the whole system. Therefore, in order to solve the problem of poor security and low efficiency in remote attestation, a proxy multi-signature based on elliptic curve discrete logarithm problem of module property remote attestation protocol is proposed.In this protocol, the proxy multi-signature is used to sign and verify the module, which can simplify the process of signature verification and improve the efficiency of the remote attestation. And the proxy multi-signature remote attestation protocol based on the elliptic curve digital signature algorithm greatly improve the safety of the properties’ certificate.The verification of the feasibility of the protocol is presented through experiment. Experimental results show that the scheme can quickly generate the module signature in the trusted platform, improving the efficiency of remote attestation. Meanwhile, the security and privacy and unforgeability of trusted platform can be satisfied. |
PDF Full Text Request