Authors: Liu Yonglei (刘永磊), Jin Zhigang (金志刚), Hao Kun (郝琨), Zhang Weilong (张伟龙) (School of Electrical and Information Engineering, Tianjin University, Tianjin 300072; School of Computer and Information Engineering, Tianjin Chengjian University, Tianjin 300384; Quality Management Center, Hebei Jiaotong Vocational and Technical College, Shijiazhuang 050035)
Affiliations: [1] School of Electrical Automation and Information Engineering, Tianjin University, Tianjin 300072; [2] School of Computer and Information Engineering, Tianjin Chengjian University, Tianjin 300384; [3] Quality Management Center, Hebei Jiaotong Vocational and Technical College, Shijiazhuang 050035
Source: Chinese High Technology Letters (高技术通讯), 2021, No. 6, pp. 581-588 (8 pages)
Funding: Supported by the National Natural Science Foundation of China (Grant No. 61902273).
Abstract: To solve the problems of key leakage, incomplete display of order information and lack of pre-trust of the merchant APP in in-APP third-party payment, a new secure payment model for in-APP third-party payment is proposed. In view of the four existing attacks of order tampering, notification forging, order substituting and unauthorized querying, the mobile payment protocol is modeled and analyzed with a colored Petri net (CPN) model, and the reachability of the unsafe states is derived, thereby verifying the security vulnerabilities of in-APP third-party payment. A new payment protocol model and improvement strategy based on the trusted platform module (TPM) are proposed. The model uses the TPM to generate a secure private key, which is used to improve the digital signature and to prevent collusion attacks between the user and the merchant APP. Security analysis shows that, compared with the original protocol, the new security model introduces a nonce to resist replay attacks, generates the public/private key pair inside the TPM security chip, and thereby resists the four network attacks caused by key leakage (order tampering, order substituting, notification forging and unauthorized querying). The new security model also solves the problems of collusion attacks and incomplete display of order information through an additional security compensation mechanism in the protocol.
Keywords: e-commerce; mobile payment; third party; colored Petri net (CPN); trusted platform module (TPM)
Classification: TP309 [Automation and Computer Technology: Computer System Architecture]; F724.6 [Automation and Computer Technology: Computer Science and Technology]; F832.2 [Economics and Management: Industrial Economics]