Research And Implementation Of Property-based Attestation Scheme For Trusted Computing Platform

Posted on: 2022-05-08 | Degree: Master | Type: Thesis
Country: China | Candidate: X Wang
GTID: 2518306728480624 | Subject: Master of Engineering
Abstract/Summary:

With the development of networks, information exchange between hosts has expanded to the whole network, but because there is no security control over the interactions between hosts, the question of whether each computer is itself safe and trustworthy is ignored. Trusted computing fundamentally solves the authentication problem of communication between hosts in the network. The integrity of a trusted computing platform is guaranteed by the trust chain transfer mechanism of trusted computing, and trusted authentication between trusted computing platforms is realized by remote attestation. In the trusted computing environment, the binary direct attestation scheme based on platform configuration, adopted by traditional trusted remote attestation platforms, exposes the platform configuration information of the attestor. This leads to differentiated services and targeted attacks, destroys the privacy of the platform configuration, and greatly increases the burden on the verifier during verification.

To solve these problems, this paper proposes a property-based attestation scheme in the standard model for the trusted computing environment, as follows. Based on the “push” remote attestation model, a new remote attestation scheme is designed using group signature technology, and a formal definition of the scheme is given, comprising five algorithms/protocols: system parameter setting, joining, attestation, verification and revocation query, which make the attestor, and trusted third party. For the construction, this paper uses the SDA assumption, the HSDH assumption, bilinear pairings and other cryptographic tools, and gives a concrete construction based on the idea of group signatures. In the standard model, a formal security proof of the proposed scheme is carried out, which proves that the scheme has the security properties of correctness, non-repudiation and configuration privacy, and that it has higher security than other schemes that have been proved secure in the random oracle model.

Around the property-based remote attestation scheme, this paper simulates the scheme in Python, implementing the cryptographic algorithms with the Crypto module, realizes the five algorithms/protocols (parameter setup, join, attest, verify and check), and tests the performance of the attestation and verification algorithms. The results show that the proposed scheme is superior to other similar schemes at present.
Keywords/Search Tags:Trusted computing, Standard model, Property-based attestation, Provable security