东南大学学报(自然科学版)2011,Vol.41Issue(6):1158-1164,7.DOI:10.3969/j.issn.1001-0505.2011.06.007
基于密钥隔离的直接匿名证明方案
Key-insulated direct anonymous attestation
摘要
Abstract
To reduce the damage to direct anonymous attestation (DAA) from the key-exposure of platform, a key-insulated DAA (KIDAA) is proposed. First, the lifetime of the system is divided into discrete periods. Then, the secret key of the trusted platform is processed through evolution, a temporary secret key is used to sign a message during the corresponding time period, thus the exposure of the temporary secret key at a given period will not enable an adversary to derive temporary secret keys for the remaining time periods. The secret key is divided into two parts: a helper key and temporary secret key. The former is stored in the trusted platform model (TPM), and the latter is kept by the platform. At the beginning of each time period, the platform can derive the temporary secret key for the current time period under the TPM server. The signature length of scheme is shortened through elliptic curve cryptography (ECC)-based sign algorithm, meanwhile the computational cost of the TPM is reduced. At last, the security in standard model under decision linear (DLIN) assumption and q-strong Diffie-Hellman (q-SDH) assumption is proved, which show that the scheme meets the security requirements of key insulation, variable-anonymity and unlink ability.关键词
直接匿名证明/群签名/前向安全/密钥隔离/双线性映射Key words
direct anonymous attestation/group signature/forward security/key insulation/bilinear map分类
信息技术与安全科学引用本文复制引用
锁琰,乐康,徐小岩,张毓森..基于密钥隔离的直接匿名证明方案[J].东南大学学报(自然科学版),2011,41(6):1158-1164,7.基金项目
国家自然科学基金资助项目(60973135) (60973135)
