下一代可信计算平台远程证明理论与方法研究

项目名称： 下一代可信计算平台远程证明理论与方法研究

项目编号： No.61202414

项目类型： 青年科学基金项目

立项/批准年度： 2013

项目学科： 计算机科学学科

项目作者： 秦宇

作者单位： 中国科学院软件研究所

项目金额： 23万元

中文摘要： 下一代可信计算平台远程证明已成为目前国内外研究的热点，它在解决云计算终端和服务器信任、移动互联网终端安全、数字版权系统、可信网络接入等方面的应用有着现实重要意义。本课题重点突破下一代可信计算平台远程证明关键技术，研究基于 TPM/TCM安全芯片的匿名属性远程证明模型及其安全协议；采用密码协议证明和有限状态机自动化验证相结合的方法，进行远程证明的正确性、匿名性以及隐私性的安全性分析验证研究；同时还将研发一套远程证明协议仿真测试工具，通过安全性测试分析实现协议算法和参数的优化。总之，本课题从远程证明安全性论证和验证角度展开下一代远程证明协议的设计、分析和验证研究，不仅为下一代可信计算平台远程证明系统设计和应用奠定理论基础，还提供相应的分析验证、仿真检测工具支撑。

中文关键词： 可信计算；远程证明；移动可信计算；可信平台模块；安全协议

英文摘要： The remote attestation for next generation trust computing platform has already been becoming the research hotspot at home and abroad, which has great significance to solve the application problem in cloud server and terminal trust, mobile terminal security, digital right system, trust network connection, etc.. The research will makes the breakthroughs in key technology of remote attestation for next generation trust computing platform, study the model and protocol on the anonymous property attestation for TPM/TCM; It will study the security analysis verification for the correctness, anonymity and privacy by the method of integrating the cryptographic protocol proof with finite states machine verification; It will also develop a simulation testing tool for remote attestation, and optimize the protocol algorithms and parameters by the test and analysis. In a word, the research will make the studies on the remote attestation design, analysis and verification for next generation trust computing platform in the view of security argument and verification. It will not only lay the theory foundation of remote attestation system design and application for next generation trust computing platform, but also provide the tools supporting for the relative analysis and test.

英文关键词： Trusted Computing；Remote Attestation；Mobile Trusted Computing；Trusted Platform Module；Security Protocol