Chinese Journal of Computers   Full Text
  Title: Study of Remote Automated Anonymous Attestation in Trusted Computing
  Authors: LIU Ji-Qiang1) ZHAO Jia1) ZHAO Yong1),2)
  Address: 1)(School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044) 2)(College of Computer Science and Technology, Beijing University of Technology, Beijing 100022)
  Year: 2009
  Issue: No.7 (1304-1310)
  Abstract &
  Background
Abstract: Remote attestation is an important attribute in trusted computing. The purpose of remote attestation is to attest the identity and configuration of a remote platform. The shortcomings of the popular binary attestation are not only that it reveals information about the platform's configuration, but also that it requires the verifiers to know all possible "trusted" configurations of all platforms and to manage the updates and patches that change those configurations. Remote automated anonymous attestation hides the identity of the platform with a ring signature and replaces the configuration with a property-based certificate, which handles system updates and patches well. The hidden certificate signed by the trusted computing module and its host does not need an extra zero-knowledge proof, so our scheme is very efficient to realize.

Keywords: trusted computing; remote attestation; automated negotiation; property certificate; ring signature

Background: This work is supported by the National High Technology Research and Development Program (863 Program) of China (grant No.2007AA01Z177 and No.2007AA01Z410), the National Basic Research Program (973 Program) of China (grant No.2007CB307101), and also supported by the Program for Changjiang Scholars and Innovative Research Team in University (No.IRT0707). The projects are involved in the key technology of the trusted chain. Remote attestation is one of the fundamental trusted platform features. A terminal platform can attest to its description of characteristics to a remote party to guarantee trustworthiness and freshness. TCG developed a solution using a trusted third party (Privacy CA), and then gave another solution, called Direct Anonymous Attestation (DAA), to avoid revealing private information; but the many exponential operations in the DAA protocol make it not efficient enough. Moreover, it also needs negotiations between the issuer of the TPM and the platform in the join stage of DAA.

The authors propose a remote automated anonymous attestation protocol based on a ring signature in this paper. The remote automated anonymous attestation hides the identity of the platform and replaces the configuration with a property-based certificate, which handles system updates and patches well. Furthermore, the attestation protocol needs neither a third party nor an extra zero-knowledge proof, which makes it very efficient to realize. This new protocol presents a useful method for remote attestation.