A New Hierarchical Key AuthData Management Scheme for Trusted Platform

Bibliographic Details
Published in: 2010 International Conference on Multimedia Information Networking and Security, pp. 463 - 467
Main Authors: Weiping Peng, Yajian Zhou, Cong Wang, Yixian Yang, Yuan Ping
Format: Conference Proceeding
Language: English
Published: IEEE 01.11.2010
Summary: The purpose of the TPM authorization mechanism is to authenticate the owner of a TPM or to authorize the use of an instance of a TPM capability. The TPM treats knowledge of the AuthData as complete proof of ownership of the entity. The main specification defines that an authorized user must provide the parent key AuthData before loading its child key and provide the child key AuthData before using it. All users have had to manage more and more AuthData values as the number of keys rapidly increases. We have designed and analyzed a new hierarchical key AuthData management scheme for trusted platforms. In our scheme, each authorized user needs to keep just one single AuthData, and the computational requirement for generating or deriving an AuthData is just at the level of modular exponentiation and hash operations. Moreover, the lower-level AuthData values can be easily derived from higher-level AuthData along the same chain, but the reverse is infeasible. Even several lower-level AuthData values cannot be combined through collusion to calculate the higher-level AuthData. The results of the performance evaluation and security analysis demonstrate that our proposed method is feasible and secure.
ISBN: 9781424486267, 1424486262
ISSN: 2162-8998
DOI: 10.1109/MINES.2010.104