Abstract
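To address the problems in the Needham-Schroeder symmetric-key protocol, this paper proposes embedding a Trusted Platform Module (TPM) in each entity that takes part in the protocol run. TPM functions such as protected storage provide local protection for each entity, and the TPM's platform attestation function lets the authentication server and entity A, and entity A and entity B, attest to each other mutually during the protocol run. The protocol is improved on this basis, strengthening the security of its execution.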
This paper analyses the problems that exist in the Needham-Schroeder single key distribution protocol, and proposes an improved Needham-Schroeder protocol based on TPM. Using the TPM's protected storage function, every entity can be protected locally, and using its remote attestation function, the Authentication Server, entity A and entity B can attest to each other respectively during the protocol. Consequently, the security of the protocol can be strengthened.
Source
《信息安全与通信保密》
2006, No. 11, pp. 82-84 (3 pages)
Information Security and Communications Privacy
Funding
Supported by the National Natural Science Foundation of China, project "Research on Trusted Computing Architecture" (60573003)