CN107395366A - An efficient remote attestation method for industrial control trusted computing platforms
- Publication number: CN107395366A
- Application number: CN201710671181.4A
- Authority: CN (China)
- Prior art keywords: credible, platform, private key, remote, signature
- Legal status: Pending
Abstract
The present invention relates to the field of information security, and in particular to an efficient remote attestation method for industrial control trusted computing platforms. It addresses the problems that remote attestation methods for trusted computing platforms are difficult to deploy and have poor real-time performance in industrial control environments: on the basis of realizing remote attestation, it ensures that the attestation method is easy to deploy and real-time under industrial control conditions. The method comprises the following steps: the private key issuing center generates the cryptographic parameters for remote attestation; the private key issuing center issues a signature private key to the trusted platform module (TPM); the trusted platform client remotely attests the security of the trusted platform client; and the remote verification server verifies the validity of the remote attestation.
Description
Technical field
The present invention relates to the field of information security, and in particular to an efficient remote attestation method for industrial control trusted computing platforms.
Background art
With the rapid development of Internet and Internet of Things technology, and with the arrival of Made in China 2025 and the Industry 4.0 revolution, the demand for connecting industrial control systems to information networks keeps growing, and the resulting information security problems of industrial control systems have become increasingly prominent. Early industrial control systems were isolated islands, and the security weaknesses buried in their communication protocols, operating systems, security management policies and management processes, application software and so on leave industrial control system information security full of holes. From the outbreak of the "Stuxnet" virus in Iran in 2010 to the discovery of the "W32.Ramnit" virus at the Gundremmingen nuclear power plant in Germany in 2016, such incidents have drawn wide attention from all countries to industrial control system information security. To ensure the security of computing terminals, the Trusted Computing Group (TCG) proposed the concept of trusted computing and formulated the related standards for ensuring the security of computing platforms.
To prove that a platform is trusted, the TCG proposes two remote attestation methods in the trusted computing standards. The first is Direct Anonymous Attestation, but this method is built on multiple cryptographic primitives and is complex and hard to deploy and implement. The second is attestation based on a Privacy CA (Privacy Certification Authority), which carries over the PKI (Public Key Infrastructure) architecture, but no usable commercial prototype exists yet and the overall architecture has performance problems.
Both methods are designed to protect the privacy of the platform user, and therefore have lower performance and a more complex architecture, so they cannot meet the real-time and availability requirements of the industrial control field. In particular, in industrial control scenarios there is no need to protect the privacy of the users of industrial control computing platforms.
Summary of the invention
In view of the defects of the prior art, the present invention provides an efficient remote attestation method for industrial control trusted computing platforms, which addresses the problems that remote attestation methods for trusted computing platforms are difficult to deploy and have poor real-time performance in industrial control environments. On the basis of realizing remote attestation, it ensures that the attestation method is easy to deploy and real-time under industrial control conditions.
To achieve the above object, the present invention adopts the following technical scheme, which includes a trusted platform client, a remote verification server and a private key issuing center.
The trusted platform client includes a trusted platform module (TPM, Trusted Platform Module) and a remote attestation module.
The remote verification server verifies the signature value generated by the trusted platform client and provides service to trusted platform clients that pass verification.
The private key issuing center issues a signature private key to the trusted platform client according to the unique ID of its TPM, and is responsible for managing the TPM unique ID values (including lookup and revocation).
The TPM does not interact directly with external entities; its interaction with external entities goes through the remote attestation module. The remote attestation module assists the TPM in obtaining from the private key issuing center the signature private key generated from its unique ID, and uses the obtained signature private key to prove to the remote verification server that the platform on which the client runs is a trusted platform.
Further, the trusted platform client is as follows: under industrial control conditions, the computing platform client used for industrial control has an embedded TPM, and (the software and hardware of all devices) must follow the standards proposed by the Trusted Computing Group.
Further, the unique ID is a globally unique ID value set by the manufacturer when the TPM security chip leaves the factory.
Further, the signature private key is issued to the TPM by the private key issuing center and is stored inside the TPM security chip. The trusted platform client can use the private key to generate a signature value that proves the trustworthiness of its platform to the remote verification server. The signature private key lets the trusted platform client prove to the remote verification server that it possesses a TPM; the trustworthiness of the platform is ensured by the TPM and the client platform configuration information.
An efficient remote attestation method for industrial control trusted computing platforms comprises the following steps:
Step 1: The private key issuing center generates the cryptographic parameters for remote attestation. This comprises the following steps:
Step 1-1: Based on a bilinear pairing on an elliptic curve, select a multiplicative cyclic group $G$ of prime order $p$, let $g$ be a generator of the cyclic group, and let $e: G \times G \to G_T$ hold, where $e$ is a bilinear map and $G_T$ is the target group.
Step 1-2: Randomly choose a master key, where is the integer field of order $p$, and compute the public key $pk = g^{mk}$.
Step 1-3: Select two hash functions: $Hash_2: \{0,1\}^* \to G$, where $\{0,1\}^*$ denotes a binary stream of arbitrary length, represents a multiplicative group.
Through the above steps, the public parameters generated by the private key issuing center are $(g, pk, Hash_1, Hash_2)$, and the private parameter is the master key $mk$.
Step 2: The private key issuing center issues a signature private key to the TPM. This comprises the following steps:
Step 2-1: From the unique ID value $id$ of the TPM, use $Hash_2$ to compute the signature verification key $vk = Hash_2(id)$.
Step 2-2: From the unique ID value $id$ of the TPM and the master key $mk$, use $Hash_2$ to compute the signature private key $sk = (Hash_2(id))^{mk}$.
Step 2-3: Store the signature private key $sk$ in the key storage area of the TPM.
The private key issuing center generates the signature private key for the TPM and stores it in the TPM's internal non-volatile storage area; when performing remote attestation, the TPM reads the signature private key and performs the corresponding computation.
Step 3: The trusted platform client remotely attests the security of the trusted platform client. The remote verification server, on the one hand, checks the platform configuration information of the trusted platform client requesting service against the security requirements and, on the other hand, verifies whether the platform is a trusted platform. The remote verification server therefore sends a remote attestation request to the trusted platform client, whose content includes the sequence number of the PCR (Platform Configuration Register) corresponding to the platform configuration information and the signature value over the PCR value. This comprises the following steps:
Step 3-1: Choose a random number to ensure message freshness.
Step 3-2: Use the signature private key stored inside the TPM to compute the signature parameters: the first signature element $u = g^r$ and the second signature element $v = vk^r \times sk^h$, where the hash value $h = Hash_1(m_{PCR}, u)$ and $m_{PCR}$ is the platform configuration information.
Step 3-3: Send the signature value $\sigma = (u, v)$ and the platform configuration information $m_{PCR}$ to the remote verification server as the remote attestation.
Step 4: The remote verification server verifies the validity of the remote attestation. This comprises the following steps:
Step 4-1: After receiving the signature value and the platform configuration information, judge whether the platform configuration information meets the relevant security requirements. If it does, continue with the following steps; otherwise the flow ends and the security problem is handled according to the corresponding security policy.
Step 4-2: Compute $h' = Hash_1(m_{PCR}, u)$ from the signature value and the platform configuration information.
Step 4-3: Using the signature verification key corresponding to the TPM's unique ID that is held on the remote verification server, check whether the equation $e(vk, u \times pk^{h'}) = e(g, v)$ holds. If it does not, the signature is invalid; otherwise the signature is valid, which further shows the security and trustworthiness of the trusted platform client.
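Steps 1 to 4 can be checked end to end with a toy model. The following is an added example, not code from the patent: it stores each group element as its discrete log, so the symmetric map $e: G \times G \to G_T$ of Step 1-1 becomes a multiplication of exponents, which verifies the algebra but offers no security. The group order `P`, the SHA-256 instantiation of both hash functions, the `vk_registry` and `policy` structures and the TPM ID strings are assumptions made for the example.

```python
# Toy model of Steps 1-4. Group elements are stored as their discrete logs,
# so this checks the algebra only and gives NO security.
import hashlib
import secrets

P = 2**255 - 19  # prime group order p (constructed; the embodiment uses a BN curve)


class G:
    """Element g^x of the group G, stored as the exponent x mod P."""

    def __init__(self, x):
        self.x = x % P

    def __mul__(self, other):   # g^a * g^b = g^(a+b)
        return G(self.x + other.x)

    def __pow__(self, k):       # (g^a)^k = g^(a*k)
        return G(self.x * k)

    def encode(self):
        return self.x.to_bytes(32, "big")


def pairing(a, b):
    """Symmetric bilinear map e(g^a, g^b) = gT^(a*b), returned as the G_T exponent."""
    return (a.x * b.x) % P


def _digest_int(tag, data):
    return int.from_bytes(hashlib.sha256(tag + data).digest(), "big")


def hash1(m_pcr, u):
    """Hash1 over (m_PCR, u), reduced into the exponent range (SHA-256, assumption)."""
    return _digest_int(b"H1", m_pcr + u.encode()) % P


def hash2(tpm_id):
    """Hash2: {0,1}* -> G (toy hash-to-group; SHA-256 with a tag is an assumption)."""
    return G(_digest_int(b"H2", tpm_id))


def setup():
    """Step 1: generator g, master key mk, public key pk = g^mk."""
    g = G(1)
    mk = secrets.randbelow(P - 1) + 1
    return g, mk, g ** mk


def issue_key(mk, tpm_id):
    """Step 2: vk = Hash2(id), sk = Hash2(id)^mk."""
    vk = hash2(tpm_id)
    return vk, vk ** mk


def attest(g, vk, sk, m_pcr):
    """Step 3: u = g^r, h = Hash1(m_PCR, u), v = vk^r * sk^h."""
    r = secrets.randbelow(P - 1) + 1
    u = g ** r
    h = hash1(m_pcr, u)
    return u, (vk ** r) * (sk ** h)


def verify(g, pk, vk_registry, policy, tpm_id, m_pcr, sigma):
    """Step 4: policy check on m_PCR, then e(vk, u * pk^h') == e(g, v)."""
    vk = vk_registry.get(tpm_id)       # key held for this TPM ID (hypothetical store)
    if vk is None:
        return False                   # unknown or revoked ID
    if m_pcr not in policy:            # Step 4-1: configuration must be acceptable
        return False
    u, v = sigma
    h = hash1(m_pcr, u)                # Step 4-2
    return pairing(vk, u * (pk ** h)) == pairing(g, v)   # Step 4-3


def demo():
    """Run the flow on constructed IDs and PCR digests; return each verdict."""
    g, mk, pk = setup()
    tpm_id = b"TPM-0001"                                       # constructed ID
    vk, sk = issue_key(mk, tpm_id)
    registry = {tpm_id: vk, b"TPM-0002": hash2(b"TPM-0002")}
    good = hashlib.sha256(b"known-good boot chain").digest()   # constructed PCR values
    bad = hashlib.sha256(b"modified boot chain").digest()
    policy = {good}
    sigma_good = attest(g, vk, sk, good)
    sigma_bad = attest(g, vk, sk, bad)

    def check(claimed_id, m_pcr, sigma):
        return verify(g, pk, registry, policy, claimed_id, m_pcr, sigma)

    return {
        "honest": check(tpm_id, good, sigma_good),
        "bad_pcr_reported": check(tpm_id, bad, sigma_bad),      # rejected at Step 4-1
        "bad_pcr_relabelled": check(tpm_id, good, sigma_bad),   # rejected at Step 4-3
        "other_tpm_id": check(b"TPM-0002", good, sigma_good),   # wrong vk
        "unregistered_id": check(b"TPM-9999", good, sigma_good),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```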
Beneficial effects of the present invention compared with the prior art:
To solve the problems of difficult deployment, poor performance and weak real-time behaviour of remote attestation for trusted computing platforms in industrial control environments, the present invention proposes an efficient remote attestation method for industrial control trusted computing platforms. The entities involved are the private key issuing center, the remote verification server and the trusted platform client. Building on an identity-based digital signature algorithm, the invention gives a remote attestation method that is easy to deploy and implement, with higher performance and stronger real-time behaviour, and that is particularly suited to industrial control environments.
Brief description of the drawings
The present invention is further described below with reference to the accompanying drawings and the detailed description. The scope of protection of the present invention is not limited to the following statements.
Fig. 1 is a structural diagram of the efficient remote attestation method for industrial control trusted computing platforms of the present invention.
Fig. 2 is the overall flow chart of the efficient remote attestation method for industrial control trusted computing platforms of the present invention.
Fig. 3 is the flow chart of the private key issuing center issuing the signature private key in the efficient remote attestation method for industrial control trusted computing platforms of the present invention.
Fig. 4 is the flow chart of remote attestation by the trusted platform client in the efficient remote attestation method for industrial control trusted computing platforms of the present invention.
Fig. 5 is the flow chart of attestation verification by the remote verification server in the efficient remote attestation method for industrial control trusted computing platforms of the present invention.
Embodiment
An embodiment is provided; the structure of the method in this embodiment is shown in Figs. 1-5. Fig. 1 includes the industrial control trusted computing platform (consisting of the trusted platform module TPM and the trusted platform client), the remote verification server and the private key issuing center server. The trusted platform client and the remote verification server are connected to each other through EPA, and the private key issuing center and the remote verification server are connected to each other through the Internet.
This embodiment uses the efficient remote attestation method for industrial control trusted computing platforms which, as shown in Fig. 2, comprises the following steps:
S101: Start.
S102: The private key issuing center server issues a signature private key to the trusted computing module TPM.
S103: The trusted platform client interacts with the trusted computing module TPM to compute a signature value, which serves as the remote attestation that the platform is trusted.
S104: The remote verification server receives the remote attestation and verifies its validity using the public parameters provided by the private key issuing center server.
Specifically, S101 in turn includes step 1 and step 2.
Step 1: The private key issuing center generates the cryptographic parameters for remote attestation.
The private key issuing center needs to generate the cryptographic parameters in order to run the identity-based digital signature algorithm. The bilinear pairing group used in this embodiment is based on the Barreto-Naehrig (BN) elliptic curve $E: y^2 = x^3 + b$ with $b \neq 0$, where the order of the curve and the finite field are defined by the following polynomials:
$q(s) = 36s^4 - 36s^3 + 18s^2 - 6s + 1$;
$p(s) = 36s^4 - 36s^3 + 24s^2 - 6s + 1$;
To generate the elliptic curve $E$, first randomly select values of $s$ until the two polynomial values $q(s)$ and $p(s)$ are both prime, then choose a value of $b$ to generate an elliptic curve of order $q$ over the finite field $F_p$. In this embodiment, the parameters chosen to build the elliptic curve are $s = -7493989779944505618$ and $b = 18$; $q(s)$ and $p(s)$ are 256 bits in size, which meets the 128-bit security level.
Based on this curve, the rational points on the curve $E(F_p)$ are chosen as the group $G$, and the order-$q$ subgroup of the finite field is chosen as the group $G_T$, where the elements of the finite field are represented by a polynomial basis with respect to the polynomial $X^{12} + 6$. With the generated groups $G$ and $G_T$, the Ate bilinear pairing algorithm can be implemented, i.e. $e: G \times G \to G_T$ holds, where $e$ is a bilinear map and $G_T$ is the target group.
Step S201: Randomly select a generator $g \in G$ and a master key, where is the integer field of order $p$, and compute the public key $pk = g^{mk}$.
Step S202: Select two hash functions: $Hash_2: \{0,1\}^* \to G$, where $\{0,1\}^*$ denotes a binary stream of arbitrary length, represents a multiplicative group. In this embodiment, $Hash_1$ is SHA-256 and $Hash_2$ is SHA-128.
Through the above steps, the public parameters generated by the private key issuing center are $(g, pk, Hash_1, Hash_2)$, and the private parameter is the master key $mk$. The public parameters are used, with a self-signing key, to generate the digital certificate $Cert_{pp}$.
Step 2: The private key issuing center server generates a signature private key for the trusted computing platform module.
Without loss of generality, the private key issuing center is normally run by the manufacturer of the trusted computing platform module TPM; during TPM production, the private key is injected into the chip by hardware devices such as a key gun. The key generation flow chart is shown in Fig. 3; step 3 is undergone between step S102 and step S103, and specifically comprises the following steps:
Step S301: From the unique ID value $id$ of the TPM (the ID value can be generated with an addressing rule similar to that of MAC addresses), use $Hash_2$ to compute the signature verification key $vk = Hash_2(id)$.
Step S302: From the unique ID value $id$ of the TPM and the master key $mk$, use $Hash_2$ to compute the signature private key $sk = (Hash_2(id))^{mk}$ for this TPM.
Step S303: Store the signature private key $sk$ in the non-volatile key storage area of the TPM.
Through the above steps, the private key issuing center generates the signature private key for the TPM and stores it in the TPM's internal non-volatile storage area; when performing remote attestation, the TPM can read the signature private key and perform the corresponding computation.
Step 3: The industrial control trusted computing platform proves its security to the remote verification server.
In this embodiment, the industrial control trusted computing platform mainly consists of the trusted platform client and the trusted computing platform module TPM. Before the remote verification server provides remote service to the industrial control trusted computing platform, it needs to verify the trustworthiness and security of the platform: it first verifies the validity of the TPM's AIK certificate, which ensures the trustworthiness of the platform, and then verifies the security of the user platform according to the platform configuration register (PCR) values provided by the platform. The remote attestation flow chart is shown in Fig. 4. Step 4 is undergone between step S103 and step S104, and specifically comprises the following steps:
Step S401: The trusted platform client calls the TPM's internal pseudo-random number generator to choose a random number, used to ensure message freshness.
Step S402: The trusted platform client calls the TPM remote attestation instruction with the random number $r$ as the remote attestation challenge value. After receiving the instruction, the TPM computes the signature parameters with the internally stored signature private key: the first signature element $u = g^r$ and the second signature element $v = vk^r \times sk^h$, where the hash value $h = Hash_1(m_{PCR}, u)$ and $m_{PCR}$ is the platform configuration information, stored in the TPM's internal platform configuration registers (PCR).
Step S403: The trusted platform client sends the signature value $\sigma = (u, v)$ and the platform configuration information $m_{PCR}$ to the remote verification server as the remote attestation.
Step 4: The remote verification server verifies the remote attestation.
After receiving the remote attestation sent by the industrial control trusted computing platform, the remote verification server needs to download, according to the TPM on which the platform is based, the digital certificate $Cert_{pp}$ from the private key issuing center server for the subsequent verification of the remote attestation. As shown in Fig. 5, the following steps are carried out after S104:
Step S501: The remote verification server downloads the digital certificate $Cert_{pp}$ from the private key issuing center, which includes the public parameters $(g, pk, Hash_1, Hash_2)$ generated by the private key issuing center.
Step S502: The remote verification server first judges whether the platform configuration information $m_{PCR}$ meets the relevant security requirements. If it does, continue with the following steps; otherwise the flow ends and the security problem is handled according to the corresponding security policy.
Step S503: Compute $h' = Hash_1(m_{PCR}, u)$ from the signature value and the platform configuration information.
Step S504: Using the signature verification key corresponding to the TPM's unique ID that is held on the remote verification server, check whether the following equation holds: $e(vk, u \times pk^{h'}) = e(g, v)$. If it does not, the signature is invalid; otherwise the signature is valid, which further shows the security and trustworthiness of the trusted platform client.
If the security requirements of the remote verification server are met and the above verification passes, the remote verification server is convinced of the trustworthiness and security of the trusted platform and provides service to the industrial control trusted platform.
It should be understood that the above specific description of the present invention only illustrates the present invention and is not limited to the technical schemes described in the embodiments. Those of ordinary skill in the art will understand that the present invention can still be modified or equivalently substituted to achieve the same technical effect; as long as the needs of use are met, all such variants fall within the scope of protection of the present invention.
Claims (9)
- 1. An efficient remote attestation method for industrial control trusted computing platforms, characterized in that it includes a trusted platform client, a remote verification server and a private key issuing center; the trusted platform client includes a trusted platform module TPM and a remote attestation module; the remote verification server verifies the signature value generated by the trusted platform client and provides service to trusted platform clients that pass verification; the private key issuing center issues a signature private key to the trusted platform client according to the unique ID of the TPM and is responsible for managing the TPM unique ID values; the TPM does not interact directly with external entities, and its interaction with external entities goes through the remote attestation module; the remote attestation module assists the TPM in obtaining from the private key issuing center the signature private key generated from its unique ID, and uses the obtained signature private key to prove to the remote verification server that the platform on which the client runs is a trusted platform.
- 2. The efficient remote attestation method for industrial control trusted computing platforms according to claim 1, characterized in that: under industrial control conditions, the computing platform client used for industrial control has an embedded trusted platform module TPM and must follow the standards proposed by the Trusted Computing Group.
- 3. The efficient remote attestation method for industrial control trusted computing platforms according to claim 1, characterized in that: the unique ID is a globally unique ID value set by the manufacturer when the trusted platform module security chip leaves the factory.
- 4. The efficient remote attestation method for industrial control trusted computing platforms according to claim 1, characterized in that: the signature private key is issued to the trusted platform module TPM by the private key issuing center and is stored inside the TPM security chip.
- 5. The efficient remote attestation method for industrial control trusted computing platforms according to claim 1, characterized in that it comprises the following steps: Step 1: the private key issuing center generates the cryptographic parameters for remote attestation; Step 2: the private key issuing center issues a signature private key to the trusted platform module TPM; Step 3: the trusted platform client remotely attests the security of the trusted platform client; Step 4: the remote verification server verifies the validity of the remote attestation.
- 6. The efficient remote attestation method for industrial control trusted computing platforms according to claim 5, characterized in that step 1 comprises the following steps: Step 1-1: based on a bilinear pairing on an elliptic curve, select a multiplicative cyclic group $G$ of prime order $p$, let $g$ be a generator of the cyclic group, and let $e: G \times G \to G_T$ hold, where $e$ is a bilinear map and $G_T$ is the target group; Step 1-2: randomly choose a master key, where is the integer field of order $p$, and compute the public key $pk = g^{mk}$; Step 1-3: select two hash functions: $Hash_2: \{0,1\}^* \to G$, where $\{0,1\}^*$ denotes a binary stream of arbitrary length, represents a multiplicative group; through the above steps, the public parameters generated by the private key issuing center are $(g, pk, Hash_1, Hash_2)$, and the private parameter is the master key $mk$.
- 7. The efficient remote attestation method for industrial control trusted computing platforms according to claim 5, characterized in that step 2 comprises the following steps: Step 2-1: from the unique ID value $id$ of the trusted platform module TPM, use $Hash_2$ to compute the signature verification key $vk = Hash_2(id)$; Step 2-2: from the unique ID value $id$ of the trusted platform module TPM and the master key $mk$, use $Hash_2$ to compute the signature private key $sk = (Hash_2(id))^{mk}$; Step 2-3: store the signature private key $sk$ in the key storage area of the trusted platform module TPM; the private key issuing center generates the signature private key for the trusted platform module TPM and stores it in the TPM's internal non-volatile storage area, and when performing remote attestation the TPM reads the signature private key and performs the corresponding computation.
- 8. The efficient remote attestation method for industrial control trusted computing platforms according to claim 5, characterized in that step 3 comprises the following steps: Step 3-1: choose a random number to ensure message freshness; Step 3-2: use the signature private key stored inside the trusted platform module TPM to compute the signature parameters: the first signature element $u = g^r$ and the second signature element $v = vk^r \times sk^h$, where the hash value $h = Hash_1(m_{PCR}, u)$ and $m_{PCR}$ is the platform configuration information; Step 3-3: send the signature value $\sigma = (u, v)$ and the platform configuration information $m_{PCR}$ to the remote verification server as the remote attestation.
- 9. The efficient remote attestation method for industrial control trusted computing platforms according to claim 5, characterized in that step 4 comprises the following steps: Step 4-1: after receiving the signature value and the platform configuration information, judge whether the platform configuration information meets the relevant security requirements; if it does, continue with the following steps, otherwise the flow ends and the security problem is handled according to the corresponding security policy; Step 4-2: compute $h' = Hash_1(m_{PCR}, u)$ from the signature value and the platform configuration information; Step 4-3: using the signature verification key corresponding to the TPM's unique ID that is held on the remote verification server, check whether the equation $e(vk, u \times pk^{h'}) = e(g, v)$ holds; if it does not, the signature is invalid; otherwise the signature is valid, which further shows the security and trustworthiness of the trusted platform client.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710671181.4A CN107395366A (en) | 2017-08-08 | 2017-08-08 | A kind of Efficient Remote method of proof towards industry control credible calculating platform |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107395366A true CN107395366A (en) | 2017-11-24 |
Family
ID=60355072
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710671181.4A Pending CN107395366A (en) | 2017-08-08 | 2017-08-08 | A kind of Efficient Remote method of proof towards industry control credible calculating platform |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107395366A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20171124 |