密码学报2024,Vol.11Issue(1):3-21,19.DOI:10.13868/j.cnki.jcr.000667
虚拟化与密码技术应用:现状与未来
When Virtualization Meets Applied Cryptography:Current Status and Future Trend
摘要
Abstract
Virtualization is a typical technology for resource management.It abstracts computing and storage resources of a computer system into isolated execution environments for multiple indepen-dent user-mode programs or guest virtual machines(VMs).In a virtualization system,cryptography is further applied to protect information,such as data and codes of user-mode programs or guest VMs,against malicious programs,VMs,operating systems,and even the hypervisor,to achieve more security guarantees.On the other hand,the isolated execution environments built based on virtual-ization are used for the secure execution of cryptosystems,providing additional security guarantees for cryptographic implementations and applications.This paper investigates and summarizes the re-lated research advances about integration of virtualization and applied cryptography.Firstly,from the above two perspectives,this paper surveys solutions about integrating virtualization and cryptography in a common computer system(only using CPU and TPM chips without special security features),and summarizes the advantages and disadvantages.Then,considering the recent computer systems supporting trusted execution environments(using CPU with special hardware security features,such as Intel SGX,AMD SEV,ARM TrustZone,etc.),this paper discusses the applied cryptographic tech-nologies and the cryptosystems,and summarizes these research topics.Finally,this paper discusses the future research directions about integrating virtualization and applied cryptography.关键词
虚拟化/密码应用/可信执行环境Key words
virtualization/cryptographic application/trusted execution environment分类
信息技术与安全科学引用本文复制引用
付裕,林璟锵,冯登国..虚拟化与密码技术应用:现状与未来[J].密码学报,2024,11(1):3-21,19.基金项目
国家重点研发计划(2022YFB4501500)National Key Research and Development Program of China(2022YFB4501500) (2022YFB4501500)
