Anonymous digital certificate system and verification method of trustable computing environment

Abstract

The invention relates to an anonymous digital certificate system and a verification method of a trustable computing environment, and the system and the method belong to the technical field of communication security. The invention provides the anonymous digital certificate system for the trustable computing environment; a public key infrastructure (PKI) system architecture is adopted in the system; an entity comprises a private certificate authority (CA) server, a remote verification server and a trustable platform client terminal; in the anonymous digital certificate system, the format of a certificate attestation identity key (AIK) meets an X509.V3 standard and is anonymous, so that the expandability of the system is enhanced on the one hand, and the privacy of the trustable platform client terminal is ensured on the other hand; and simultaneously, the system also has a good cross-platform characteristic.

Description

technical field [0001] The invention belongs to the technical field of communication security, and in particular relates to an anonymous digital certificate system and a verification method in a trusted computing environment. Background technique [0002] With the continuous development of electronic technology and network technology, people are more and more dependent on the network, especially communication technology has become an indispensable part of people's life, and network and information security are also increasingly affected by the development of technology. Widely concerned, in order to ensure the security of computing terminals, the Trusted Computing Group (Trusted Computing Group, TCG) proposed the concept of trusted computing, and formulated related standards to ensure the security of computing platforms. In a trusted computing environment, in order to verify whether a platform is credible, the platform needs to show its identity certificate. If the tradition...

AI Technical Summary

Problems solved by technology

In a trusted computing environment, in order to verify whether a platform is credible, the platform needs to show its identity certificate. If the traditional authentication method is used, the platform must submit its real identity information of the platform, which will destroy the privacy of platform users, and further It leads to statistical attacks on user identity information, and at the same time, it is no longer feasible for some applications with fairness and commercial confidentiality, such as electronic cash, electronic voting, electronic elections, anonymous communication, etc.

To this end, TCG proposed two methods to solve the privacy problem. One is the direct anonymous authentication method, but this method is based on a variety of cryptographic prototypes and is relatively complex and difficult to implement; the other is the authentication based on privacy CA (Privacy Certification Authority). Although the privacy problem can be well solved, there is still no commercial model available and the overall architecture has performance problems

Images