基于Merkle树的TPM单一密钥撤销  被引量：1

作　　者：余发江[1] 申淦 张焕国[1] YU Fa-jiang;SHEN Gan;ZHANG Huan-guo(Key Laboratory of Aerospace Information Security and Trusted Computing(Ministry of Education),School of Cyber Science and Engineering,Wuhan University,Wuhan,Hubei 430040,China)

机构地区：[1]武汉大学国家网络安全学院空天信息安全与可信计算教育部重点实验室,湖北武汉430040

出　　处：《电子学报》2023年第4期792-800,共9页Acta Electronica Sinica

基　　金：国家自然科学基金(No.61772384)。

摘　　要：可信平台模块(Trusted Platform Module,TPM)内部存储空间有限,TPM生成的密钥绝大部分并不会存储于较为安全的TPM内部,而是经过父密钥加密之后再存储于外部存储空间,不完全受TPM控制.在单一密钥无效的情况下,TPM1.2和TPM2.0规范中未提供相关命令来撤销该密钥,只提供了撤销所有密钥的命令,这在多数情况下不方便且降低了TPM的可用性.但是如果不撤销该无效的密钥,攻击者可能会将其加载到TPM中使用,会带来安全隐患.因此,本文基于Merkle树提出了一种能进行单一密钥撤销的密钥管理方案.通过构建动态或者静态Merkle树的方式,将TPM生成的密钥链接到树的叶结点进行密钥管理,在需要的时候可撤销单一无效密钥而不会影响其他有效密钥的正常使用.与基于黑白名单撤销TPM密钥的方案相比,在本文方案中,TPM内部仅需额外保存树的根结点,其余结点存储于TPM的外部,该方案的开销与树能管理的密钥数成对数关系,而黑白名单方案的开销则与被撤销密钥或者未被撤销密钥数量成线性关系;与基于变色龙散列函数构建树来撤销TPM密钥的方案相比,本文的方案更加简便,降低了计算的复杂性.本文基于TPM2.0模拟器构建了一个原型系统,经测试达到了预期目标,具备较好的实用性.As the internal storage space of trusted platform module(TPM)is limited,most of the keys generated by TPM will not be stored inside TPM.Instead,these keys are encrypted by their parent keys and then stored in external stor⁃age space,which is not completely controlled by TPM.In case that one single key is invalid,TPM1.2 and TPM2.0 specifica⁃tions do not provide any commands to revoke this single key except the command to revoke all keys,which is inconvenient in most cases and reduces the availability of TPM.But if the invalid key is not revoked,an attacker may load it into the TPM for use and this will result in some security issues.Thus,this paper proposes a scheme based on Merkle tree to revoke single key.By constructing dynamic or static Merkle tree,the keys generated by TPM are linked to leaves of the tree for key management,which can revoke single invalid key if needed without affecting the normal use of other keys.Compared with the scheme based on blacklist and whitelist to revoke single key for TPM,our scheme shows only the root of the tree is stored inside the TPM and the remaining nodes are stored outside the TPM.The cost of the scheme has a logarithmic rela⁃tionship with the number of keys managed by the tree,while the cost of the scheme based on blacklist and whitelist is linear to the number of revoked or unrevoked keys.Compared with the scheme that constructs a tree based on chameleon hash function to revoke single key for TPM,our scheme is simpler and reduces the calculation complexity.This paper builds a prototype system based on TPM2.0 simulator.Through testing,the system achieves the expected goal and has good practica⁃bility.

关 键 词：可信平台模块 密钥撤销 MERKLE树 TPM模拟器 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]