New Field of Information Security-trusted Proof Technology

The Internet has become a part of people's life because of its information sharing and convenient use. The Internet has become the main carrier of information transmission and resource sharing. However, as the Internet and various interests are increasingly closely linked, the contradiction between security threats and security usage becomes increasingly acute. In the network environment, everyone wants to know whether their computer can continue to believe that it has not been used by hackers after a period of network activity; network service providers also want to confirm whether a terminal is trustworthy before it is allowed to access its service system; customers of online banking also want to know whether the system can be trusted by customers when they transfer money to a bank's service system through the network; cloud computing users are equally concerned about whether the cloud computing server is trustworthy. It can be seen that the host security requirements are getting higher and higher in the distributed computing environment. In this case, how to prove the security and credibility of communication terminals has become an important topic in the field of computer security, the Remote Attestation Technology is at the forefront of this topic.

In recent years, trusted computing technologies have developed rapidly. By using these technologies, you can build a trusted runtime environment on a local host to ensure application security. The International Trusted Computing Organization (TCG, Trusted Computing Group), launched by many IT companies such as Microsoft, HP, and IBM, has joined hundreds of companies around the world, A series of standards related to Trusted computing are jointly developed, including the Trusted computing Module (TPM, Trusted Platform Module), Trusted Software Stack (TSS, Trusted Software Stack) and trusted computing platforms. TPM is the foundation of trusted computing technology. It is a security chip embedded on the hardware platform. It has a preset storage root of the key tree supporting the security system. By making rational use of various trusted computing technologies, we can build a hardware-based trust chain starting from TPM Trusted Root and gradually extend it to the entire hardware platform, finally, the trusted transmission from the underlying hardware to the upper-layer system is completed. The above method can effectively build a trusted computing environment on the local host, but it cannot be determined that the external host that communicates with it has a trusted computing environment, it is even more difficult to determine whether the communication is secure, especially in the network environment (such as P2P and grid computing. In addition, the attestation mechanism is also an important part of TCB. It proves that the mechanism can work with the measurement mechanism and the control mechanism to provide basic security services for the computing platform. This mechanism uses the measurement mechanism to measure the key attributes of the computing platform. Based on the measured values and system implementation rules, it can infer whether the computing platform is credible. In addition, the challenge party outside the remote certification technology can determine whether the certifier is in a trusted state based on the metrics of the certifier's security attributes and other content, the Inquirer can provide services based on the status of the certifier. In addition, it can also isolate untrusted hosts. Therefore, the research proves that the mechanism can provide a basis for ensuring the security and reliability of the computing platform, and the use of the trusted remote proof technology can effectively solve the proof of the credibility of the Communication host in the network environment, to some extent, it is conducive to improving the security threats of the network environment.

Trusted Computing is currently a hot topic in the field of information security, proving that the problem is one of the most important issues of trusted computing. Because credibility is based on proof, only proof can establish a trusted relationship in an untrusted environment. The rapid development of trusted computing technologies at home and abroad has also led to the continuous deepening of research on evidentiary issues. These research work covers a wide range of fields, from computing platforms to applications, from the overall architecture to specific protocols, from the upper-layer system to the underlying hardware are included in the study of credibility. The Remote Attestation concept proposed by TCG makes the research on the proof problem a hot topic in the information security field. In the TCG specification, Attestation is one of the three basic features of a trusted computing platform. For the authentication of platform Identity and platform configuration status, TCG divides the authentication into two forms. One is the authentication of the platform ID (Attestation of Identity ). A platform can provide platform-related certificates to prove that the platform is a trusted entity. The endorsement certificate is a platform-related certificate. Its function is to provide evidence that the platform has a valid TPM embedded. The other is the proof of the Platform configuration information, known as the proof of the Platform (Attestation of Platform), is a report computing Platform configuration register (PCR) integrity measurement mechanism. In the verification process described in the TCG specification, TPM uses the Private Key signature PCR value stored in the RSA signature algorithm, and sends the measurement report together to the inquirer. The Inquirer obtains the PCR value using the public key, recalculates the PCR value using the measurement report, and then compares it with the obtained PCR value to verify whether the integrity of the computing platform is damaged. However, the proof solution under the TCG architecture cannot adapt to complex computing environments, and hinders the development of trusted computing in distributed environments. Subsequently, a large number of researchers conducted a lot of research work on the problems existing in the TCG certification solution, these efforts will prove the problem from a simple second-level proof method gradually developed into a more suitable dynamic feature-based proof problem in complex environments. The US National Security Agency (NSA) also attaches great importance to this issue. In view of the lack of flexibility in the current TCG solution, the NSA Technical Report Attestation: in Evidence and Trust, the framework and principles of the proof scheme are redefined, and a reference scheme for the design proof system is provided.

For the process of attestation, the evidentiary party shall provide credible evidence related to the attestation, including the actual behavior of the evidentiary party and the evidentiary party's integrity information, after obtaining the trusted evidence, the inquirer needs to verify the expected behavior or integrity information. Based on the verification results, the inquirer determines whether the party has the credibility. To put it simply, credibility is a goal and proof is a means. For example, if a user wants to know whether the remote or local computer is credible, prove the technology as a means to achieve this goal.