| 引用本文: |
-
陈立全,张子燕,羊子煜,刘苏慧.适用于分布式DHR系统的可追溯直接匿名认证方案[J].信息安全学报,已采用 [点击复制]
- chen li quan,zhang zi yan,yang zi yu,liu su hui.Traceable Direct Anonymous Authentication Scheme for Distributed DHR System[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 作为拟态防御技术的基本实现模型,动态异构冗余(Dynamic Heterogeneous Redundancy, DHR)系统在分布式场景下存在通信安全问题:由于缺乏对于异构执行体的诚实性度量以及匿名保护措施等原因,异构执行体被攻击者入侵的风险较高,且不易被察觉。目前尚未有针对该安全问题的较好解决方案。引入可信计算是可行的解决方案之一,但其直接匿名认证(Direct Anonymous Attestation, DAA)方案将使得分布式DHR系统的动态反馈失效,因此无法直接应用。为此,本文对DAA方案进行改进,提出了一种适用于分布式DHR系统的可追溯直接匿名认证方案(Traceable Direct Anonymous Authentication Scheme, Tra-DAA)。本方案将一致性裁决匿名化并引入追溯参数,以完成对异常平台的信息的追踪,从而实现了可追溯和匿名的功能;同时采用委托计算技术,使得TPM在Sign协议中仅需进行一次指数运算,将其计算量降到了理论最低值,提升了方案的运行效率。安全分析证明Tra-DAA在DL、DH、DBDH和LRSW假设下具备安全性,且实现了匿名、证书不可伪造以及签名不可伪造。理论分析表明Tra-DAA相比多种代表性DAA方案在TPM运算量上具备显著优势。实验结果表明,Tra-DAA中新增的可追溯功能在整体耗时中仅占5%,且Tra-DAA的整体效率相比TPM v2.0中的DAA方案有显著提升。具体来说,在Join协议、伪名为空的Sign/ Verifier协议,以及伪名不为空的Sign/Verifier协议阶段,TPM的计算耗时分别缩短了33%、50%与70%。 |
| 关键词: 拟态防御 动态异构冗余 直接匿名认证 可信计算 异构执行体 |
| DOI: |
| 投稿时间:2022-03-09修订日期:2022-05-25 |
| 基金项目:国家科技攻关计划 |
|
| Traceable Direct Anonymous Authentication Scheme for Distributed DHR System |
|
chen li quan1,2, zhang zi yan1, yang zi yu1, liu su hui1
|
| (1.School of Cyber Science and Engineering, Southeast University;2.Purple Mountain Laboratories) |
| Abstract: |
| As the basic implementation model of mimic defense technology, dynamic heterogeneous redundancy (DHR) system has a communication security problem in distributed scenarios: due to the lack of honesty measures and anonymity protection measures for heterogeneous executives, the risk of a heterogeneous execution party being invaded by an attacker is high and those invasions usually cannot be detected easily. There is currently no good solution for this security problem. The introduction of trusted computing is a feasible idea, but its direct anonymous authentication (DAA) scheme will invalidate the dynamic feedback of the distributed DHR system, so it cannot be directly applied. In this paper, we improve the DAA scheme and propose a traceable direct anonymous authentication scheme (Tra-DAA) for distributed DHR system. Anonymity and traceability are realized by anonymization consistent adjudication and the introduction of traceable parameters. Through the above mechanisms, the system can track the information of abnormal platforms. Meanwhile, using the technology of delegation of computation, the TPM only needs to perform an exponential operation in the Sign protocol, thus the computation amount of TPM is reduced to the theoretical minimum, and the operation efficiency of the scheme is improved. Security analysis proves that the Tra-DAA scheme is secure under the assumption of DL, DDH, DBDH, and LRSW, and realizes anonymity, unforgeability of certificate and unforgeability of signatures. Theoretical analysis indicates that the Tra-DAA has a significant advantage in the computation overhead of TPM compared with other representative DAA schemes. Experiments results show that the new traceability function in the Tra-DAA scheme accounts for only 5% of the overall time-consuming, and the overall efficiency of the Tra-DAA scheme is significantly improved compared with the DAA scheme in TPM v2.0. Specifically, during the execution of the Join protocol, the Sign/Verifier protocol with an empty pseudonym, and the Sign/Verifier protocol with a non-empty pseudonym, operation times of TPM are shortened by 33%, 50%, and 70%, respectively. |
| Key words: mimic defense dynamic heterogeneous redundancy direct anonymous authentication trusted computing heterogeneous execution party |
