检索结果-内蒙古大学图书馆

International Forum on Information Technology and Applications (IFITA 2009)

作者： Yang Yang Zhang Huanguo Xu Shiwei Zhang Fan Wuhan Univ Sch Comp Wuhan 430072 Peoples R China

ISBN: (纸本)9780769536002

trusted platform module (TPM) provides the cryptographic functions through the Application Programming Interfaces (APIs). The specification of APIs reflects the security policies of the designers, in order to manage and protect the sensitive information of users, which is stored in the hardware module. But the security of these APIs has not guaranteed. In this paper, a formal model to describe the APIs based on the specification is proposed;based on the model, the attacker ability and the system security target are defined. In order to find the API-chain attack automatically, a formal method based on resolution principle and theorem proving is presented, and the method takes in practical using an automata theorem prover Otter;a mechanism of executability determination is also integrated in the method to alleviate state space explosion problem to some extent, and the state of TPM can be guaranteed The proposed theory and method are then applied in the Key Migration module of TPM APIs to show the feasibility of this method.

关键词： trusted platform module application programming interfaces first-order logic theorem proving

来源：评论

学校读者我要写书评

暂无评论

A DAA Scheme Requiring Less TPM Resources

A DAA Scheme Requiring Less TPM Resources

引用

5th China International Conference on Information Security and Cryptology

作者： Chen, Liqun Hewlett-Packard Laboratories United Kingdom

ISBN: (纸本)9783642163418

Direct anonymous attestation (DAA) is a special digital signature primitive, which provides a balance between signer authentication and privacy. One of the most interesting properties that makes this primitive attractive in practice is its construction of signers. The signer role of DAA is split between two entities, a principal signer (a trusted platform module (TPM)) with limited computational capability and an assistant signer (a computer platform into which the TPM is embedded) with more computational power but less security tolerance. Our first contribution in this paper is a new DAA scheme that requires very few TPM resources. This new scheme has better performance than the existing DAA schemes and is provable secure based on the q-SDH problem and DDH problem under the random oracle model. Our second contribution is a modification of the DAA security model defined in [12] to cover the property of non-frameability.

关键词： direct anonymous attestation trusted platform module bilinear map

来源：评论

学校读者我要写书评

暂无评论

A Secure Channel Establishment Method on A Hardware Security module 5

A Secure Channel Establishment Method on A Hardware Security...

引用

5th International Conference on Information and Communication Technology Convergence (ICTC)

作者： Kim, Daewon Jeon, Yongsung Kim, Jeongnyeo Elect & Telecommun Res Inst Cyber Secur Res Dept Daejeon South Korea

ISBN: (纸本)9781479967865

In various computing environments, hardware security modules are needed for protecting cryptographic keys and security services from threats of information leakage. For that protection, the modules normally have the methods of password-based access control and message encryption. Nowadays, a password itself can be easily exposed by a variety of password hacking techniques and the secure channel for encrypting messages can be connected to a malicious program which already knows the password. Moreover, frequent password inputs are inconvenient to users. To solve these problems, we propose an enhanced secure channel establishment method on a hardware security module. The method has been implemented on our prototype mobile trusted module.

关键词： trusted platform module mobile trusted module hardware security module authentication secure channel

来源：评论

学校读者我要写书评

暂无评论

Towards Practical Hardware Fingerprinting for Remote Attestation 1

引用

39th International Conference on ICT Systems Security and Privacy Protection (SEC)

作者： Eckel, Michael Fenzl, Florian Jaeger, Lukas Fraunhofer SIT Cyber Phys Syst Secur Rheinstr 75 D-64295 Darmstadt Germany ATHENE Natl Res Ctr Appl Cybersecur Rheinstr 75 D-64295 Darmstadt Germany

ISBN: (数字)9783031651755

ISBN: (纸本)9783031651779;9783031651755;9783031651748

In the realm of trusted Computing for embedded systems, ensuring the integrity of both firmware and hardware presents a complex challenge. Traditional approaches have focused on detecting firmware and operating system (OS) software manipulations, leaving a gap in the identification of subtle hardware modifications and attacks. This paper extends previous work on hardware fingerprinting for remote attestation by conducting and analyzing comprehensive long-term hardware measurements. Building upon the established methodology, we examine the correlation between environmental parameters and analog-to-digital converter (ADC) values to gain suitable reference values for remote attestation procedures. Our work introduces significant contributions: the implementation of two distinct test setups for enhanced hardware fingerprinting, a rigorous evaluation of these measurements to identify strong correlations, the development of a standardized log format for hardware measurements aimed at adoption by the trusted Computing Group (TCG), and the application to trusted platform module TPM based measured boot and remote attestation. In summary, we integrate hardware manipulation detection with the TPM, and lay the groundwork for a more secure and reliable computing environment in embedded systems.

关键词： Hardware Fingerprinting Remote Attestation Integrity Verification trusted Computing trusted platform module

来源：评论

学校读者我要写书评

暂无评论

A New Process and Framework for Direct Anonymous Attestation Based on Symmetric Bilinear Maps

引用

Wuhan University Journal of Natural Sciences 2011年第5期16卷 369-375页

作者： TAN Liang1,2, ZHOU Mingtian3 1. College of Computer/Key Lab of Visualization in Scientific Computing and Virtual Reality of Sichuan, Sichuan Normal University, Chengdu 610066, Sichuan, China 2. Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190, China 3. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 610054, Sichuan, China College of Computer/Key Lab of Visualization in Scientific Computing and Virtual Reality of Sichuan Sichuan Normal University Chengdu Sichuan China Institute of Computing Technology Chinese Academy of Sciences Beijing China School of Computer Science and Engineering University of Electronic Science and Technology of China Chengdu Sichuan China

For the problem of the original direct anonymous attestation （DAA） scheme＇s complexity and great time consumption, a new DAA scheme based on symmetric bilinear pairings is presented, which gives a practical solution to ECC-based TPM in protecting the privacy of the TPM. The scheme still includes five procedures or algorithms： Setup, Join, Sign, Verify and Rogue tagging, but gets rid of zero-knowledge proof and takes on a new process and framework, of which the main operations are addition, scalar multiplication and bilinear maps on supersingular elliptic curve systems. Moreover, the scheme adequately utilizes the properties of bilinear maps as well as the signature and verification of the ecliptic curve system itself. Compared with other schemes, the new DAA scheme not only satis- fies the same properties, and shows better simplicity and high effi- ciency. This paper gives not only a detailed security proof of the proposed scheme, but also a careful performance analysis by comparing with the existing DAA schemes.

关键词： direct anonymous attestation bilinear map privacy authentication trusted computing platform trusted platform module

来源：评论

学校读者我要写书评

暂无评论

Procedures for sensor nodes operation in the secured domain

Procedures for sensor nodes operation in the secured domain

引用

Annual Workshop on Intelligent Systems for the Internet of Things

作者： Furtak, Janusz Zielinski, Zbigniew Chudzikiewicz, Jan Mil Univ Technol Fac Cybernet PL-00908 Warsaw Poland

Currently, the networks of mobile sensor nodes, which are IoT components, are increasingly a source of data for building situational awareness. Such networks can be a source of data for critical infrastructure systems if, in addition to the timeliness (freshness) of the data, it will also be possible to ensure the reliability of these data. Such requirements are met by a secure domain of sensor nodes, in which all sensor nodes are authenticated, sensitive data is stored in protected resources of sensor nodes, and data exchange in the domain and outside the domain is cryptographically protected. This paper presents the concept of a safe domain of sensor nodes for IoT and describes the data structures necessary to ensure security in the domain and the way of protecting the resources of each node. Particular attention was paid to the procedure of preparing a sensor node for work in a secured domain of sensor nodes.

关键词： security in IoT trusted platform module wireless sensor networks

来源：评论

学校读者我要写书评

暂无评论

System Integrity - A Cautionary Tale

System Integrity - A Cautionary Tale

引用

IEEE International Conference on Physical Assurance and Inspection of Electronics (PAINE)

作者： Surendrababu, Hema Karnam Univ Trans Disciplinary Hlth Sci & Technol Natl Inst Adv Studies Bengaluru India

ISBN: (纸本)9798350399097

One of the vital security requirements in information systems is integrity of information that is processed. Current security practices place more emphasis on protection of data with less focus on protection of the system processing that data, with inadequate security requirements specification throughout the system development life cycle. The consequence of this practice is a potential system dysfunction or degraded performance thus compromising system integrity. This paper explores the current practices for providing system integrity protection and the limitations thereof which can potentially undermine system integrity.

关键词： System integrity Security trusted platform module Trustworthy system Root of Trust

来源：评论

学校读者我要写书评

暂无评论

Securing Elapsed Time for Blockchain: Proof of Hardware Time and some of its Physical Threats 27

Securing Elapsed Time for Blockchain: Proof of Hardware Time...

引用

27th Euromicro Conference on Digital System Design

作者： Jayet, Quentin Hennebert, Christine Kieffer, Yann Beroulle, Vincent Univ Grenoble Alpes CEA LETI DSYS F-38000 Grenoble France Univ Grenoble Alpes Grenoble INP LCIS F-26000 Valence France

ISBN: (纸本)9798350380392;9798350380385

Blockchain technology enables the creation of a time-stamped, shared, and replicated history of events among participants who do not trust each other. To agree on the shared history, the blockchain uses a consensus protocol, such as Nakamoto's protocol in Bitcoin. This protocol relies on a proof that ensures the elapsed time between two blocks by design with the Proof of Work mechanism. This paper focuses on the use of hardware security components to guarantee the time elapsed between two events by design and at low-power. It introduces a Proof of Hardware Time (PoHT), a hardware-based proof of elapsed time compatible with embedded systems and based on a System on module (SoM) that features an ARM Cortex-A7 processor with a TrustZone and a trusted platform module. The issue of modifying the digital elapsed time measured by hardware components is examined in relation to real elapsed time. It considers whether it is possible to alter this measurement by carrying out hardware attacks on the target. Two main dreaded events are considered: compression and elongation of the digital value of the elapsed time. Experimental attacks on the SoM are performed in terms of temperature and supply voltage targeting clock oscillators and time measurement functions, after which a security analysis and a discussion of possible countermeasures are presented.

关键词： Physical attacks Elapsed time Clocks Temperature attacks System on module trusted Execution Environment trusted platform module Blockchain

来源：评论

学校读者我要写书评

暂无评论

Algorithm Agility - Discussion on TPM 2.0 ECC Functionalities 1

引用

3rd International Conference on Research in Security Standardization (SSR)

作者： Chen, Liqun Urian, Rainer Hewlett Packard Labs Palo Alto CA USA Univ Surrey Guildford Surrey England Infineon Technol AG Neubiberg Germany

ISBN: (数字)9783319491004

ISBN: (纸本)9783319491004;9783319490991

The TPM 2.0 specification has been designed to support a number of Elliptic Curve Cryptographic (ECC) primitives, such as key exchange, digital signatures and Direct Anonymous Attestation (DAA). In order to meet the requirement that different TPM users may favor different cryptographic algorithms, each primitive can be implemented from multiple algorithms. This feature is called Algorithm Agility. For the purpose of performance efficiency, multiple algorithms share a small set of TPM commands. In this paper, we review all the TPM 2.0 ECC functionalities, and discuss on whether the existing TPM commands can be used to implement new cryptographic algorithms which have not yet been addressed in the specification. We demonstrate that four asymmetric encryption schemes specified in ISO/IEC 18033-2 can be implemented using a TPM 2.0 chip, and we also show on some ECDSA variants that the coverage of algorithm agility from TPM 2.0 is limited. Security analysis of algorithm agility is a challenge, which is not responded in this paper. However, we believe that this paper will help future researchers analyze TPM 2.0 in more comprehensive methods than it has been done so far.

关键词： Algorithm Agility Elliptic Curve Cryptography trusted platform module

来源：评论

学校读者我要写书评

暂无评论

Trustworthy and Personalized Computing on Public Kiosks

Trustworthy and Personalized Computing on Public Kiosks

引用

6th International Conference on Mobile Systems, Applications, and Services

作者： Garriss, Scott Caceres, Ramon Berger, Stefan Sailer, Reiner van Doorn, Leendert Zhang, Xiaolan Carnegie Mellon Univ Pittsburgh PA 15213 USA

ISBN: (纸本)9781605581392

Many people desire ubiquitous access to their personal computing environments. We present a system in which a user leverages a personal mobile device to establish trust in a public computing device, or kiosk, prior to resuming her environment on the kiosk. We have designed a protocol by which the mobile device determines the identity and integrity of all software loaded on the kiosk, in order to inform the user whether the kiosk is trustworthy. Our system exploits emerging hardware security technologies, namely the trusted platform module and new support in x86 processors for establishing a dynamic root of trust. We have demonstrated the viability of our approach by implementing and evaluating our system on commodity hardware. Through a brief survey, we found that respondents are generally willing to endure a delay in exchange for an increased assurance of data privacy;acid that the delay incurred by our unoptimized prototype is close to the range tolerable to the respondents. We have focused on allowing the user to personalize a kiosk by running her own virtual machine there. However, our work is generally applicable to establishing trust on public computing devices before revealing any sensitive information to those devices.

关键词： Kiosk computing trusted platform module mobility personalized computing integrity verification virtualization

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：