一种TPM2.0密钥迁移协议及安全分析

doi:10.3969/j.issn.0372-2112.2019.07.008

电子学报 ›› 2019, Vol. 47 ›› Issue (7): 1449-1464.DOI: 10.3969/j.issn.0372-2112.2019.07.008

一种TPM2.0密钥迁移协议及安全分析

宋敏¹, 谭良^1,2

1. 四川师范大学计算机科学学院, 四川成都 610101;
2. 中国科学院计算技术研究所, 北京 100190

收稿日期:2018-06-11 修回日期:2018-11-12 出版日期:2019-07-25
- 作者简介:
- 宋敏女.1994年6月生,四川宜宾人.现于四川师范大学计算机科学学院攻读硕士.主要研究方向:可信计算,信息安全.E-mail:songxiao8@yeah.net;谭良男.1972年3月生,四川泸州人,博士,教授.现为四川师范大学继续教育学院副院长.研究方向为可信计算、网络安全.
- 基金资助:
- 国家自然科学基金 (No.61373162）; 四川省科技支撑项目 (No.2014GZ0007）; 可视化计算与虚拟现实四川省重点实验室项目 (No.KJ201402）

A TPM2.0 Key Migration Protocol and Security Analysis

SONG Min¹, TAN Liang^1,2

1. College of Computer Science, Sichuan Normal University, Chengdu, Sichuan 610101, China;
2. Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190, China

Received:2018-06-11 Revised:2018-11-12 Online:2019-07-25 Published:2019-07-25

摘要/Abstract

摘要： 国际规范《TPM-Rev-2.0-Part-1-Architecture-01.38》允许用户基于密钥复制接口来设计密钥迁移协议以实现芯片间密钥的共享，并在复制过程中通过innerwrap和outerwrap为复制密钥提供机密性、完整性和认证性.然而通过分析发现基于密钥复制接口设计的密钥迁移协议存在三个问题：（1）缺少交互双方TPM的相互认证，会导致密钥能够在敌手和TPM间迁移；（2）当复制密钥的属性encryptedDuplication=0且新父密钥的句柄newParentHandle=TPM_RH_NULL时，复制接口不能实施innerwrap和outerwrap，复制密钥将以明文传输而造成泄露；（3）当新父密钥是对称密钥时，innerwrap中的对称加密密钥以及outerwrap中的密钥种子如何在源TPM与目标TPM之间安全交换，《TPM-Rev-2.0-Part-1-Architecture-01.38》并没有给出具体的解决办法.不仅如此，该协议流程还非常复杂，也无法统一，容易导致复制密钥泄露.针对以上问题，本文提出了基于MAK（Migrate Authentication Key）和复制接口的新密钥迁移协议-MDKMP（Make Duplication Key Migration Protocol）.首先在TPM中的SRK下新增只用于TPM密钥迁移的非对称密钥MAK，并申请相应证书-TPM迁移认证证书；然后基于MAK证书和复制接口设计新的TPM密钥迁移协议MDKMP.MDKMP采用两阶段迁移模式，第一阶段将源TPM密钥迁移到目的TPM的MAK下，第二阶段再将密钥迁移到新父密钥下.

关键词: 可信计算, TPM2.0, 迁移证书, 密钥复制, 密钥迁移

Abstract: TPM specification allows users to design key migration protocol to share keys,and the key is provided with confidentiality,integrity and authentication through innerwrap and outerwrap process.However,it is found that there are three problems in this protocol:(1) lack of authentication,which results in the fact that the key can be migrated between adversary and TPM;(2) when encryptedDuplication=0 and newparentHandle=TPM_RH_NULL,it cannot implement innerwrap and outerwrap,the key will be leakaged;(3) when the new parent key is a symmetric key,how will the symmetric encryption key and the seed exchange securely between the source TPM and the target TPM.To solve the above problems,a new key migration protocol MDMKP is proposed.The MDMKP uses a two-phase migration mode.In the first phase,the key is migrated to the MAK of the destination TPM.In the second phase,the key is migrated to the new parent key.

Key words: trusted computing, TPM2.0, migration certificate, key duplication, key migration

中图分类号:

TP309

宋敏, 谭良. 一种TPM2.0密钥迁移协议及安全分析[J]. 电子学报, 2019, 47(7): 1449-1464.

SONG Min, TAN Liang. A TPM2.0 Key Migration Protocol and Security Analysis[J]. Acta Electronica Sinica, 2019, 47(7): 1449-1464.

参考文献

[1] 冯登国,秦宇,汪丹,等.可信计算技术研究[J].计算机研究与发展,2011,48(8):1332-1349. FENG Deng-guo,QIN Yu,WANG Dan,et al.Research on trusted computing technology[J].Journal of Computer Research and Development,2011,48(8):1332-1349.(in Chinese)
[2] YU F,ZHANG H,ZHAO B,et al.A formal analysis of trusted platform module2.0 hash-based message authentication code authorization under digital rights management scenario[J].Security & Communication Networks,2016,9(15):2802-2815.
[3] 张焕国,韩文报,来学嘉,等.网络空间安全综述[J].中国科学:信息科学,2016,46(2):125-164. ZHANG Huan-guo,HAN Wen-bao,LAI Xue-jia,et al.Cyberspace security review[J].Scientia Sinica Informationis,2016,46(2):125-164.(in Chinese)
[4] 威尔·亚瑟,大卫·查林纳.TPM 2.0原理及应用指南新安全时代的可信平台模块[M].北京:机械工业出版社,2017. Will ARTHUR,David CHALLENER.A Practical Guide to TPM 2.0:Using the Trusted Platform Module in the New Age of Security[M].Beijing:Machinery Industry Press,2017.(in Chinese)
[5] 谭良,陈菊.一种可信终端运行环境远程证明方案[J].软件学报,2014,25(6):1273-1290. TAN Liang,CHEN Ju.Remote attestation project of the running environment of the trusted terminal[J].Journal of Software,2014,25(6):1273-1290.(in Chinese)
[6] 谭良,陈菊,周明天.可信终端动态运行环境的可信证据收集机制[J].电子学报,2013,41(1):77-85. TAN Liang,CHEN Ju.Unambiguous general framework design and applications for BOC signals[J].Acta Electronica Sinica,2013,41(1):77-85.(in Chinese)
[7] 徐明迪,张焕国,张帆,等.可信系统信任链研究综述[J].电子学报,2014,42(10):2024-2031. XU Ming-di,ZHANG Huan-guo,ZHANG Fan,et al.Survey on chain of trust of trusted system[J].Acta Electronica Sinica,2014,42(10):2024-2031.(in Chinese)
[8] 谭良,刘震,周明天.TCG架构下的证明问题研究及进展[J].电子学报,2010,38(5):1105-1112. TAN Liang,LIU Zhen,ZHOU Ming-tian.Development of attestation in TCG[J].Acta Electronica Sinica,2010,38(5):1105-1112.(in Chinese)
[9] 徐甫.基于可信根的计算机终端免疫模型[J].电子学报,2016,44(3):653-657. XU Fu.Trusted root based computer terminal immune model[J].Acta Electronica Sinica,2016,44(3):653-657.(in Chinese)
[10] 吴呈邑,熊焰,黄文超,等.移动自组网中基于动态第三方的可信公平非抵赖协议[J].电子学报,2013,41(2):227-232. WU Cheng-yi,XIONG Yan,HUANG Wen-chao,et al.A trusted fair non-repudiation protocol based on dynamic third party in mobile ad hoc networks[J].Acta Electronica Sinica,2013,41(2):227-232.(in Chinese)
[11] 胡玲碧,谭良.云计算中可信虚拟平台的远程证明方案研究[J/OL].软件学报,https://doi.org/10.13328/j.cnki.jos.005264,2018-06-08. HU Ling-bi,TAN Liang.Research on the trusted virtual platform remote attestation method in cloud computing[J/OL].Journal of Software,https://doi.org/10.13328/j.cnki.jos.005264,2018-06-08.
[12] 冯登国.可信计算——理论与实践[M].北京:清华大学出版社,2013. FENG Deng-guo.Trusted Computing Theory and Practice[M].Beijing:Tsinghua University Press,2013.(in Chinese)
[13] 陈军.可信平台模块安全性分析与应用[D].北京:中国科学院计算技术研究所,2006. CHEN Jun.Security Analysis of Trusted Platform Module and Application[D].Beijing:Institute of Computing Technology Chinese Academy of Sciences,2006.(in Chinese)
[14] 徐士伟,张焕国.基于应用π演算的可信平台模块的安全性形式化分析[J].计算机研究与发展,2011,48(8):1421-1429. XU Shi-wei,ZHANG Huan-guo.Formal security analysison trusted platform module based on applied π calculus[J].Journal of Computer Research and Development,2011,48(8):1421-1429.(in Chinese)
[15] 张倩颖,赵世军,冯登国.TPM可迁移密钥安全性分析与研究[J].小型微型计算机系统,2012,33(10):2188-2193. ZHANG Qian-ying,ZHAO Shi-jun,FENG Deng-guo.Security analysis and research on TPM migratable key[J].Journal of Chinese Computer Systems,2012,33(10):2188-2193.(in Chinese)
[16] SHAO J,FENG D,QIN Y.Type-based analysis of protected storage in the TPM[A].Information and Communications Security[M].Berlin:Springer International Publishing,2013.135-150.
[17] ZHANG QY,ZHAO SJ,QIN Y,FENG DG.Formal analysis of TPM2.0 key management APIs[J].Chinese Science Bulletin,2014,59:4210-4224.
[18] 徐扬,赵波,米兰·黑娜亚提,等.TPM2.0密钥复制安全性增强方案[J].武汉大学学报(理学版),2014,60(6):471-477. XU Yang,ZHAO Bo,MILAN Heinayati.Security enhancement of key duplication in TPM2.0[J].Journal of Wuhan University (Natural Science Edition),2014,60(6):471-477.(in Chinese)
[19] 张倩颖,冯登国,赵世军.TCM密钥迁移协议设计及形式化分析[J].软件学报,2015,26(9):2396-2417. ZHANG Qian-ying,FENG Deng-guo,ZHAO Shi-jun.Design and formal analysis of TCM key migration protocols[J].Journal of Software,2015,26(9):2396-2417.(in Chinese)

一种TPM2.0密钥迁移协议及安全分析

A TPM2.0 Key Migration Protocol and Security Analysis

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 12

编辑推荐

Metrics

[1]	秦超霞, 郭兵, 沈艳, 苏红, 张珍, 周驰岷. 区块链的安全风险评估模型[J]. 电子学报, 2021, 49(1): 117-124.
[2]	徐甫. 基于可信根的计算机终端免疫模型[J]. 电子学报, 2016, 44(3): 653-657.
[3]	徐明迪, 张焕国, 张帆, 杨连嘉. 可信系统信任链研究综述[J]. 电子学报, 2014, 42(10): 2024-2031.
[4]	吴呈邑, 熊焰, 黄文超, 陆琦玮, 龚旭东. 移动自组网中基于动态第三方的可信公平非抵赖协议[J]. 电子学报, 2013, 41(2): 227-232.
[5]	谭良, 陈菊, 周明天. 可信终端动态运行环境的可信证据收集机制[J]. 电子学报, 2013, 41(1): 77-85.
[6]	陈小峰;冯登国. 隐私增强直接匿名证明方案研究[J]. 电子学报, 2011, 39(9): 2166-2172.
[7]	谭良;刘震;周明天. TCG架构下的证明问题研究及进展[J]. 电子学报, 2010, 38(5): 1105-1112.
[8]	王世华;李晓勇. 基于策略的计算平台可信证明[J]. 电子学报, 2009, 37(4): 900-904.
[9]	李兴华;马建峰;马卓. 可信计算环境下的Canetti-Krawczyk模型[J]. 电子学报, 2009, 37(1): 7-12.
[10]	张晓菲, 许访, 沈昌祥. 基于可信状态的多级安全模型及其应用研究[J]. 电子学报, 2007, 35(8): 1511-1515.
[11]	李晓勇, 左晓栋, 沈昌祥. 基于系统行为的计算平台可信证明[J]. 电子学报, 2007, 35(7): 1234-1239.
[12]	周明辉, 梅宏, 焦文品. 基于中间件的可定制信任管理框架[J]. 电子学报, 2005, 33(5): 820-826.