
Research On Data Sealed Storage On Trusted Computing Platform

Posted on: 2013-06-07
Degree: Master
Type: Thesis
Country: China
Candidate: L C Ren
Full Text: PDF
GTID: 2248330371476357
Subject: Computer software and theory

Abstract/Summary:
With the rapid development of the computer and IT industry in recent years, information technology has been integrated into every aspect of people's lives, and the security of information systems is increasingly becoming the focus of attention. At the same time, the weaknesses of traditional information security technology are gradually being exposed. Its principle (focusing on the outside, not the inside) can no longer meet today's information security needs. In this situation Trusted Computing emerged, which aims to improve system security fundamentally by eliminating insecurity in the system architecture, starting from the underlying hardware and software. Data security has always been a hot issue in the information security field. As one of the four characteristics of Trusted Computing, sealed storage provides a new way of solving this problem. Zero-knowledge proof is an advanced cryptographic protocol. It can prove the truth of a particular assertion to a verifier without revealing any other information related to the assertion. In authentication in particular, a zero-knowledge proof can prove the legitimacy of an identity without providing any identifying information to the other side. This paper describes the basic idea of Trusted Computing and the structure and function of the Trusted Platform, and analyzes current research on sealed storage technology. Because the property representation in existing solutions is too simple, the paper proposes a method of property representation for the Trusted Computing Platform. This method can fully characterize a Trusted Computing Platform, classify vastly different platform configurations by property, and carry out property verification using zero-knowledge proof.
Since the property definition is not clear and remote unsealing of data is not supported, the paper introduces a Trusted Third Party (TTP) responsible for defining the properties of the Trusted Computing Platform, and describes the TTP's property definition mechanism in detail. Because of an inherent defect of the Trusted Computing Platform, namely privacy disclosure, the paper introduces the idea of zero-knowledge proof into the platform's property verification process and proposes a method of property-based sealed data storage that uses zero-knowledge proof and involves a Trusted Third Party. The method can both verify the properties of the sealer and unsealer and prevent disclosure of their private information. Finally, the paper carries out a security analysis of the method and verifies it experimentally in the TPM-Emulator. The results show that the method supports remote unsealing of data and avoids privacy disclosure of the Trusted Computing Platform with only a small increase in data, while maintaining the advantages of existing solutions.
Keywords/Search Tags: Trusted computing, Sealed storage, Property representation, Zero-knowledge proof, Privacy disclosure