Method for realizing dependable SSH based on dependable computing

Trusted computing technology applied to key distribution, with the effect of preventing replay attacks

Inactive Publication Date: 2010-06-16
BEIJING JIAOTONG UNIV
0 Cites, 22 Cited by

AI Technical Summary

Problems solved by technology

[0004] Trusted computing can improve the security strength of secure channel technology by improving the security of the terminal, but there is no research report or software that applies the remote attestation of trusted computing to the SSH protocol.


Embodiment Construction

[0018] The method provided by the invention assumes that, in terms of hardware, both the server and the client are equipped with trusted security chips and that the BIOS of the server and the client supports TPM; in terms of software, it assumes that a measurement module and a trusted operating system are installed on the server and the client. The measurement module determines the entities to be measured, the measurement time and the method of safely maintaining the measurement results. Its main functions include calculating the measurement values of the measured entities, recording each measurement event in the measurement storage log and recording the measurement value into the TPM-specified PCR. The measurement value is recorded into the PCR as: new PCR value = hash(original PCR value || measurement value). The measurement storage log includes at least: the information of the measured entity, the measurement value and the measurement time.
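The extend rule and the measurement storage log from [0018], as an added example that is not code from the patent. It goes one step beyond the paragraph by showing how a verifier can replay the log against a reported PCR value. SHA-1, the 20-byte all-zero initial PCR, and all class, function and entity names are assumptions; the page only says "hash".

```python
import hashlib
from dataclasses import dataclass

PCR_SIZE = 20  # assumption: SHA-1 PCR as in TPM 1.2; the page only says "hash"

@dataclass
class LogEntry:
    entity: str         # information about the measured entity
    measurement: bytes  # measurement value
    time: str           # measurement time

def measure(data: bytes) -> bytes:
    """Measurement value of an entity: a digest of its content."""
    return hashlib.sha1(data).digest()

def extend(pcr: bytes, measurement: bytes) -> bytes:
    """new PCR value = hash(original PCR value || measurement value)."""
    return hashlib.sha1(pcr + measurement).digest()

class MeasurementModule:
    """Hypothetical measurement module: logs each event and extends one PCR."""
    def __init__(self):
        self.pcr = bytes(PCR_SIZE)
        self.log = []

    def record(self, entity: str, data: bytes, time: str) -> None:
        m = measure(data)
        self.log.append(LogEntry(entity, m, time))
        self.pcr = extend(self.pcr, m)

def replay(log) -> bytes:
    """Recompute the PCR a log implies, starting from the reset value."""
    pcr = bytes(PCR_SIZE)
    for entry in log:
        pcr = extend(pcr, entry.measurement)
    return pcr

def verify(log, reported_pcr: bytes, known_good: dict):
    """Verifier side. In a real deployment reported_pcr arrives in a
    TPM-signed quote; checking that signature is outside this example."""
    if replay(log) != reported_pcr:
        return False, "log does not match PCR"
    for entry in log:
        if known_good.get(entry.entity) != entry.measurement:
            return False, f"unexpected measurement for {entry.entity}"
    return True, "ok"
```

Because each extend hashes over the previous value, a log that has been rewritten to hide a modified entity no longer replays to the PCR held by the TPM, and an honest log exposes the unexpected measurement directly.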

[0019] Combine below image 3 A det...


Abstract

The invention provides a method for realizing dependable SSH based on dependable computing. The method integrates the remote authentication of dependable computing with the key exchange of the SSH protocol, so that verification of platform status information is closely combined with session key negotiation; it enhances the security of data at the communication endpoints while ensuring that the data is transmitted safely. The method requires that both the server and the client are provided with dependable security chips and that the platform status can be measured by a measurement module and a dependable operating system. The method not only effectively counters the security threat in the SSH protocol that communicating with an unknown endpoint over a secure channel may be subject to various attacks, but also effectively protects against replay, impersonation and man-in-the-middle attacks.

Description

Technical field

[0001] The invention relates to the field of computer information security, in particular to a method for realizing trusted SSH based on trusted computing.

Background technique

[0002] The SSH (Secure Shell) protocol is a security protocol developed by the network working group of the IETF to protect the data transmitted between the client and the server. The SSH protocol adopts a layered structure design, including four sub-protocols: SSH transport layer sub-protocol, user authentication sub-protocol, connection sub-protocol and file transfer sub-protocol. The first two sub-protocols are executed sequentially, among which the SSH transport layer sub-protocol is responsible for establishing a secure channel between the server and the client. series of algorithms), and key exchange. After the sub-protocol runs, a session key will be negotiated, which will be used to encrypt the authentication information in the user authentication phase, the communication da...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L9/32, H04L9/08
Inventor: 常晓林, 左向晖, 韩臻, 刘吉强, 刘新明, 邢彬
Owner: BEIJING JIAOTONG UNIV