基于Merkle树的TPM单一密钥撤销

余发江; 申淦; 张焕国

doi:10.12263/DZXB.20211638

您当前的位置：

首页 >

文章列表页 >

基于Merkle树的TPM单一密钥撤销

学术论文 | 更新时间：2025-12-08

- 基于Merkle树的TPM单一密钥撤销
- Single Key Revocation Based on Merkle Tree for TPM
- 电子学报 2023年51卷第4期页码：792-800
- 作者机构：
  
  武汉大学国家网络安全学院空天信息安全与可信计算教育部重点实验室，湖北武汉430040
- 作者简介：
  
  [ "余发江男，1980年出生于重庆市，2007年毕业于武汉大学计算机学院信息安全专业，获博士学位.现为武汉大学国家网络安全学院副教授，硕士生导师.主要从事系统安全、可信计算等方面的教学和研究工作. E-mail: fjyu@whu.edu.cn" ]
  [ "申淦男，1998年6月出生于贵州毕节，现为武汉大学国家网络安全学院硕士.主要研究方向为可信计算. E-mail: 2016301200081@whu.edu.cn" ]
- 基金信息：
  
  国家自然科学基金(61772384)
- DOI：10.12263/DZXB.20211638
  中图分类号： TP309
- 收稿：2021-12-09，
  
  修回：2022-08-05，
  
  纸质出版：2023-04-25
- 稿件说明：
移动端阅览
余发江,申淦,张焕国.基于Merkle树的TPM单一密钥撤销[J].电子学报,2023,51(04):792-800.

YU Fa-jiang,SHEN Gan,ZHANG Huan-guo.Single Key Revocation Based on Merkle Tree for TPM[J].ACTA ELECTRONICA SINICA,2023,51(04):792-800.
余发江,申淦,张焕国.基于Merkle树的TPM单一密钥撤销[J].电子学报,2023,51(04):792-800. DOI： 10.12263/DZXB.20211638.

YU Fa-jiang,SHEN Gan,ZHANG Huan-guo.Single Key Revocation Based on Merkle Tree for TPM[J].ACTA ELECTRONICA SINICA,2023,51(04):792-800. DOI： 10.12263/DZXB.20211638.

摘要

可信平台模块（Trusted Platform Module，TPM）内部存储空间有限，TPM生成的密钥绝大部分并不会存储于较为安全的TPM内部，而是经过父密钥加密之后再存储于外部存储空间，不完全受TPM控制.在单一密钥无效的情况下，TPM1.2和TPM2.0规范中未提供相关命令来撤销该密钥，只提供了撤销所有密钥的命令，这在多数情况下不方便且降低了TPM的可用性.但是如果不撤销该无效的密钥，攻击者可能会将其加载到TPM中使用，会带来安全隐患.因此，本文基于Merkle树提出了一种能进行单一密钥撤销的密钥管理方案.通过构建动态或者静态Merkle树的方式，将TPM生成的密钥链接到树的叶结点进行密钥管理，在需要的时候可撤销单一无效密钥而不会影响其他有效密钥的正常使用.与基于黑白名单撤销TPM密钥的方案相比，在本文方案中，TPM内部仅需额外保存树的根结点，其余结点存储于TPM的外部，该方案的开销与树能管理的密钥数成对数关系，而黑白名单方案的开销则与被撤销密钥或者未被撤销密钥数量成线性关系；与基于变色龙散列函数构建树来撤销TPM密钥的方案相比，本文的方案更加简便，降低了计算的复杂性.本文基于TPM2.0模拟器构建了一个原型系统，经测试达到了预期目标，具备较好的实用性.

Abstract

As the internal storage space of trusted platform module (TPM) is limited

most of the keys generated by TPM will not be stored inside TPM. Instead

these keys are encrypted by their parent keys and then stored in external storage space

which is not completely controlled by TPM. In case that one single key is invalid

TPM1.2 and TPM2.0 specifications do not provide any commands to revoke this single key except the command to revoke all keys

which is inconvenient in most cases and reduces the availability of TPM. But if the invalid key is not revoked

an attacker may load it into the TPM for use and this will result in some security issues. Thus

this paper proposes a scheme based on Merkle tree to revoke single key. By constructing dynamic or static Merkle tree

the keys generated by TPM are linked to leaves of the tree for key management

which can revoke single invalid key if needed without affecting the normal use of other keys. Compared with the scheme based on blacklist and whitelist to revoke single key for TPM

our scheme shows only the root of the tree is stored inside the TPM and the remaining nodes are stored outside the TPM. The cost of the scheme has a logarithmic relationship with the number of keys managed by the tree

while the cost of the scheme based on blacklist and whitelist is linear to the number of revoked or unrevoked keys. Compared with the scheme that constructs a tree based on chameleon hash function to revoke single key for TPM

our scheme is simpler and reduces the calculation complexity. This paper builds a prototype system based on TPM2.0 simulator. Through testing

the system achieves the expected goal and has good practicability.

关键词

Keywords

references

沈昌祥 , 张焕国 , 王怀民 , 等 . 可信计算的研究与发展 [J ] . 中国科学: 信息科学 , 2010 , 40 ( 2 ): 139 - 166 .

SHEN Chang-xiang , ZHANG Huan-guo , WANG Huai-min , et al . Research and development of trusted computing [J ] . Chinese Science: Information Science , 2010 , 40 ( 2 ): 139 - 166 . (in Chinese)

张焕国 , 赵波 . 可信计算 [M ] . 武汉 : 武汉大学出版社 , 2011 .

ZHANG Huanguo , ZHAO Bo . Trusted Computing [M ] . Wuhan : Wuhan University Press , 2011 . (in Chinese)

YU Fajiang , ZHANG Huanguo , ZHAO Bo , et al . A formal analysis of trusted platform module 2.0 hash-based message authentication code authorization under digital rights management scenario [J ] . Security and Communication Networks , 2015 , 9 ( 15 ): 1 - 14 .

宋敏 , 谭良 . 一种TPM 2 .0密钥迁移协议及安全分析[J ] . 电子学报 , 2019, 47 ( 7 ): 1449 - 1464 .

SONG Min , TAN Liang . A TPM2.0 key migration protocol and security analysis [J ] . Acta Electronica Sinica , 2019 , 47 ( 7 ): 1449 - 1464 . (in Chinese)

Corporation Microsoft . Bitlocker overview [EB/OL ] . [ 2021-12-09 ] . https://docs.microsoft.com/zh-cn/windows/security/information-protection/bitlocker/bitlocker-overview https://docs.microsoft.com/zh-cn/windows/security/information-protection/bitlocker/bitlocker-overview .

Corporation Microsoft . Get-Windows-11 [EB/OL ] . [ 2021-12-09 ] . https://www.microsoft.com/zh-cn/windows/get-win- dows-11 https://www.microsoft.com/zh-cn/windows/get-win-dows-11 .

Oracle . Oracle solaris and oracle SPARC T4 servers—Engineered together for enterprise cloud deployments [EB/OL ] . [ 2021-12-09 ] . https://www.oracle.com/us/products/servers-storage/solaris/solaris-and-sparc-t4-497273.pdf https://www.oracle.com/us/products/servers-storage/solaris/solaris-and-sparc-t4-497273.pdf .

Cloud Google . Shielded-VM [EB/OL ] . [ 2021-12-09 ] . https://cloud.google.com/shielded-vm https://cloud.google.com/shielded-vm .

Trusted Computing Group . TPM 2 . 0 library specification pa- rt 1 Architecture[EB/OL ] . [ 2021-12-09 ] . https://trustedcomputin-ggroup.org/wp-content/uploads/TCG_TPM2_r1p59_ Part1_Architecture_pub.pdf https://trustedcomputin-ggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part1_Architecture_pub.pdf .

Trusted Computing Group . TPM 2 . 0 library specification part 3 Commands[EB/OL ] . [ 2021-12-09 ] . https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part3_Commands_pub.pdf https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part3_Commands_pub.pdf .

徐扬 , 赵波 , 米兰·黑娜亚提 , 等 . TPM2.0密钥复制安全性增强方案 [J ] . 武汉大学学报(理学版) , 2014 , 60 ( 6 ): 471 - 477 .

XU Yang , ZHAO Bo , Heinayati Milan , et al . Security enhancement of key duplication in TPM2.0 [J ] . Journal of Wuhan University (Natural Science Edition) , 2014 , 60 ( 6 ): 471 - 477 . (in Chinese)

SHAO J , QIN Y , FENG D . Formal analysis of HMAC authorization in the TPM2.0 specification [J ] . IET Information Security , 2018 , 12 ( 2 ): 133 - 140 .

CHAKRABORTY D , HANZLIK L , BUGIEL S . Simtpm: User-centric TPM for mobile devices [C ] // 28th USENIX Security Symposium (USENIX Security 19) . Santa Clara : USENIX Association , 2019 : 533 - 550 .

LU D , HAN R , WANG Y , et al . A secured TPM integration scheme towards smart embedded system based collaboration network [J ] . Computers Security , 2020 , 97 : 101922 .

DAVE A , WISEMAN M , SAFFORD D . SEDAT: Security enhanced device attestation with TPM 2 . 0 [EB/OL ] . ( 2021-01-16 )[ 2021-12-09 ] . https://doi.org/10.48550/arXiv.2101. 06362 https://doi.org/10.48550/arXiv.2101.06362 .

KATZENBEISSER S , KURSAWE K , STUMPF F . Revocation of tpm keys [C ] // Trusted Computing . Berlin : Spri- nger Berlin Heidelberg , 2009 : 120 - 132 .

余发江 , 陈宇驰 , 张焕国 . 具备撤销单一密钥功能的TPM动态密钥管理机制 [J ] . 清华大学学报(自然科学版) , 2020 , 60 ( 6 ): 464 - 473 .

YU Fajiang , CHEN Yuchi , ZHANG Huanguo . Dynamic key management mechanism with individual key revocation ability for TPM [J ] . Journal of Tsinghua University (Science and Technology) , 2020 , 60 ( 6 ): 464 - 473 . (in Chinese)

MERKLE R . A certified digital signature [C ] // Crypto 1989 . New York : ACM , 218 - 238 .

邵奇峰 , 金澈清 , 张召 , 等 . 区块链技术:架构及进展 [J ] . 计算机学报 , 2018 , 41 ( 5 ): 969 - 988 .

SHAO Qi-Feng , JIN Che-Qing , ZHANG Zhao , et al . Blockchain: Architecture and research progress [J ] . Chinese Journal of Computers , 2018 , 41 ( 5 ): 969 - 988 . (in Chinese)

陈露 , 相峰 , 孙知信 . 基于属性密码体制的区块链安全技术研究进展 [J ] . 电子学报 , 2021 , 49 ( 1 ): 192 - 200 .

CHEN Lu , XIANG Feng , SUN Zhi-xin . A survey of blockchain security technologies based on attribute-based cryptography [J ] . Acta Electronica Sinica , 2021 , 49 ( 1 ): 192 - 200 . (in Chinese)

马晓婷 , 马文平 , 刘小雪 . 基于区块链技术的跨域认证方案 [J ] . 电子学报 , 2018 , 46 ( 11 ): 2571 - 2579 .

MA Xiao-ting , MA Wen-ping , LIU Xiao-xue . A cross domain authentication scheme based on blockchain technology [J ] . Acta Electronica Sinica , 2018 , 46 ( 11 ): 2571 - 2579 . (in Chinese)

于戈 , 聂铁铮 , 李晓华 , 等 . 区块链系统中的分布式数据管理技术——挑战与展望 [J ] . 计算机学报 , 2021 , 44 ( 1 ): 28 - 54 .

YU Ge , NIE Tie-Zheng , LI Xiao-Hua , et al . The challenge and prospect of distributed data management techniques in blockchain systems [J ] . Chinese Journal of Computers , 2021 , 44 ( 1 ): 28 - 54 . (in Chinese)

秦超霞 , 郭兵 , 沈艳 , 等 . 区块链的安全风险评估模型 [J ] . 电子学报 , 2021 , 49 ( 1 ): 117 - 124 .

QIN Chao-xia , GUO Bing , SHEN Yan , et al . Security risk assessment model of blockchain [J ] . Acta Electronica Sinica , 2021 , 49 ( 1 ): 117 - 124 . (in Chinese)

BRUSCHI F , RANA V , PAGANI A , et al . Tunneling trust into the blockchain: A merkle based proof system for structured documents [J ] . IEEE Access , 2021 , 9 : 103758 - 103771 .

陈兰香 , 邱林冰 . 基于Merkle哈希树的可验证密文检索方案 [J ] . 信息网络安全 , 2017 , ( 4 ): 1 - 8 .

CHEN Lanxiang , QIU Linbing . A verifiable ciphertext retrieval scheme based on Merkle Hash tree [J ] . Netinfo Security , 2017 , ( 4 ): 1 - 8 . (in Chinese)

IBM . IBM's Software TPM 2 .0[CP/OL ] . [ 2021-12-09 ] . https://sourceforge.net/projects/ibmswtpm2/ https://sourceforge.net/projects/ibmswtpm2/ .

Linux TPM 2 & TSS2 Software[CP/OL] . [2021-12-09] . https://github.com/tpm2-software https://github.com/tpm2-software .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

隐私增强直接匿名证明方案研究