| There are an increasing number of activities carried out on the network in digital age, like e-commerce, e-government, online shopping and social networking. Big data seems to bring much more convenience. However, the negative impact of big data like privacy protection has become increasingly attracted people’s thinking.Trusted computing (TC) technology is proposed by trusted computing group (TCG) to make sure computing as secure and reliable as people expect. Remote attestation is one main function specified by TCG, which provides the evidence of the configuration integrity between two interactive parties. Since TCG v1.2, an anonymous attestation protocol was proposed, called direct anonymous attestation (DAA), which is designed to preserve the user privacy. However, this scheme on one hand is vulnerable to the masquerading attack, on the other hand cannot be practically deployed with existing network protocols. In this paper, we proposed a novel anonymous remote attestation protocol based on the direct anonymous attestation and the transport layer security (TLS) protocol. Base trusted platform module (TPM), we utilized anonymous attestation, integrity reporting and key agreement mechanisms to establish a trusted channel, which provides secure communication, better performance, platform configuration attestation and anonymous identity authentication between the interactive two parties. Security analysis showed that our protocol satisfies anonymity, unforgeability, uncloneability and user-control linkability in identity authentication as well as forward security, resists the replay attack and the masquerading attack.In terms of security analysis, we use the method of formal analysis based Dolev-Yao model, designed protocol into high-level protocol specification language, simulation protocol interaction flow in tool of SPAN, automatically detect potential possible attack paths. Finally, design an analog implementation in the Linux environment and apply our scheme to the UnionPay minipay environment... |
PDF Full Text Request