
Key Management Based on Trusted Computing Platform

LI Xin-ming 1,2, ZHANG Gong-xuan 1, SHI Chao 1, SONG Bin 1
1. School of Computer Science and Technology, NUST, Nanjing 210094, China; 2. Key Lab, Institute of Equipment Command & Technology, Beijing 101416, China
Keywords: trusted computing; trusted computing platform; key; key management
Because protection by software alone is limited, a trusted computing framework, the embedded trusted security model (ETSM), is proposed on the basis of trusted computing technology and the national trusted cryptography module (TCM) interface specification. Key management is a core element of trusted computing, so an ETSM-based key management architecture is presented. The encryption/decryption algorithms (or engines), the key management module and the random key generation module are built into and stored in the ETSM hardware, and the main key management functions are designed and implemented within this architecture. Management strategies are given for the dual-port key cache and for external key storage. The hardware environment is a heterogeneous dual-processor system consisting of a stand-alone ETSM and a personal computer (PC) host. The host exchanges messages with the ETSM quickly over the peripheral component interconnect (PCI) interface and uses it to encrypt and decrypt sensitive data or files. The related keys are stored in the ETSM's non-volatile memory, so the encrypted data are well protected. The scheme is an efficient way to raise the system's trustworthiness and meets the integrity and security requirements of a trusted computing platform.
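The key management model the abstract describes (keys generated and held inside the module, a bounded key cache, external key storage, and a host that only hands over data to be encrypted or decrypted) can be simulated in a short Python program. The following is an added example written for this page, not code from the paper or from the ETSM project. Everything the abstract does not state is an assumption: 256-bit symmetric keys; external key blobs protected by wrapping them under a storage root key (SRK) that never leaves the module, which is the TCG/TCM key-hierarchy approach rather than anything the paper specifies; an HMAC-SHA256 counter-mode cipher with encrypt-then-MAC standing in for the module's real cipher engine, whose algorithm the page does not name; a two-slot LRU cache so that eviction to external storage is actually exercised; and all names (ETSM, Host, create_key, load_key, protect, unprotect, demo) chosen for the example. The sample plaintext is constructed.

```python
import hashlib
import hmac
import secrets
from collections import OrderedDict

# Cipher-engine stand-in (assumption: the paper does not name its algorithm here):
# HMAC-SHA256 counter-mode keystream plus an HMAC tag, i.e. encrypt-then-MAC.
def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _seal(key, plaintext):
    """Returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

def _unseal(key, blob):
    """Verifies the tag before decrypting: a wrong key or a modified blob is rejected."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class ETSM:
    """Module side: raw keys exist only inside this object (the ETSM hardware)."""
    CACHE_SLOTS = 2  # deliberately small so eviction to external storage is exercised
    def __init__(self):
        self.nvram_srk = secrets.token_bytes(32)  # storage root key, held in module NVRAM
        self.key_cache = OrderedDict()            # handle -> raw key, kept in LRU order
        self._next_handle = 1
    def _load(self, key):
        if len(self.key_cache) >= self.CACHE_SLOTS:
            self.key_cache.popitem(last=False)    # evict LRU entry; host must reload its blob
        handle, self._next_handle = self._next_handle, self._next_handle + 1
        self.key_cache[handle] = key
        return handle
    def _key(self, handle):
        if handle not in self.key_cache:
            raise KeyError("handle %d is not loaded (evicted or invalid)" % handle)
        self.key_cache.move_to_end(handle)        # mark as most recently used
        return self.key_cache[handle]
    def create_key(self):
        """Generate a key with the module RNG; return (handle, blob wrapped under the SRK)."""
        key = secrets.token_bytes(32)
        return self._load(key), _seal(self.nvram_srk, key)
    def load_key(self, blob):
        """Reload an externally stored key into the cache; tampered or foreign blobs fail."""
        return self._load(_unseal(self.nvram_srk, blob))
    def encrypt(self, handle, data): return _seal(self._key(handle), data)
    def decrypt(self, handle, data): return _unseal(self._key(handle), data)

class Host:
    """PC host side: talks to the module over the bus and keeps only handles and
    wrapped blobs (the external key store), never raw key material."""
    def __init__(self, module):
        self.module = module
        self.external_store = {}  # name -> wrapped key blob
        self.handles = {}         # name -> module handle (goes stale after eviction)
    def new_key(self, name):
        self.handles[name], self.external_store[name] = self.module.create_key()
    def _with_key(self, name, op, data):
        try:
            return op(self.handles[name], data)
        except KeyError:  # evicted from the module cache: reload from external storage
            self.handles[name] = self.module.load_key(self.external_store[name])
            return op(self.handles[name], data)
    def protect(self, name, data): return self._with_key(name, self.module.encrypt, data)
    def unprotect(self, name, data): return self._with_key(name, self.module.decrypt, data)

def _rejects(fn):
    try:
        fn()
        return False
    except ValueError:
        return True

def demo():
    """Exercise eviction, reload, and the two rejection cases; return the check results."""
    etsm, results = ETSM(), {}
    host = Host(etsm)
    for name in ("disk", "mail", "vpn"):  # three keys, two slots: "disk" is evicted
        host.new_key(name)
    results["disk_evicted"] = host.handles["disk"] not in etsm.key_cache
    msg = b"constructed sample: contents of a sensitive file"
    ct = host.protect("disk", msg)        # stale handle, so the blob is reloaded transparently
    results["reloaded"] = host.handles["disk"] in etsm.key_cache
    results["roundtrip"] = host.unprotect("disk", ct) == msg
    raw = etsm.key_cache[host.handles["disk"]]
    results["key_not_in_blob"] = raw not in host.external_store["disk"] and raw not in ct
    tampered = bytearray(host.external_store["disk"])
    tampered[20] ^= 0x01                  # flip one bit of the wrapped key's ciphertext
    results["tamper_rejected"] = _rejects(lambda: etsm.load_key(bytes(tampered)))
    results["foreign_rejected"] = _rejects(lambda: ETSM().load_key(host.external_store["disk"]))
    return results
```

Calling `demo()` returns a dictionary in which every entry is True. The points it makes about the architecture are: the host never holds raw key bytes (only handles and SRK-wrapped blobs), a key pushed out of the cache is recovered from external storage without the host learning it, and external storage is only trustworthy because the module authenticates each blob on reload, so a modified blob or one wrapped by a different module is refused rather than silently loaded.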




Last Update: 2012-11-02