Research on Several Key Technologies in Trusted Computing Platforms
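Abstract
Given the current severe situation in computer network and information security, most network information security systems consist mainly of the traditional "old three" passive defensive measures: firewalls, intrusion detection and virus protection. These defences work by capturing the signature information of hacker attacks and virus intrusions. Because such signatures are usually lagging information about events that have already happened, they cannot accurately and scientifically predict or judge future changes in attacks, still less prevent "internal threats" arising from insiders and at the operational level. The result is often that attending to one thing means losing sight of another, and defence becomes impossible.
     To address the root of these problems effectively and turn passive defence into active defence, trusted computing technology has for more than a decade been one of the hot research topics in information security, both in China and abroad, in academia and in industry. Research on trusted computing has achieved some important results, and these results have played an important role in the development of information system security. However, the research and practice of trusted computing are still developing, and problems remain: research stays at the engineering level, mature theoretical models are lacking, the architecture is incomplete, and application and operation are complex. This dissertation follows the research trends of trusted computing technology and studies several key problems in the development of trusted computing platforms.
     How to achieve convenient and reliable secure storage on a trusted computing platform, how to achieve secure and effective remote integrity reporting, and how to achieve an efficient, low-overhead direct anonymous attestation mechanism have long been important research topics in the field of trusted computing. This dissertation studies the trusted computing platform in detail from four aspects (platform principles, the key management mechanism, the remote integrity reporting mechanism and the direct anonymous attestation mechanism) and proposes new solutions. The main contributions of this dissertation are as follows:
     (1) Research on the principles of the trusted computing platform
     To gain a comprehensive understanding of the trusted computing platform and to study several of its key technologies in depth, this dissertation surveys and analyses the components of the Trusted Platform Module, the core technology of the trusted computing platform, and the function of each component. It analyses and studies the layered structure of the trusted computing platform architecture and the composition and function of each layer, and studies and analyses the principles of the platform's three major functions (secure storage; the attestation mechanism; and integrity measurement, storage and reporting). It also lists and analyses several application scenarios of the platform's sealing function.
     (2) Research on the key management mechanism of the trusted computing platform
     Secure storage is one of the important functions of the trusted computing platform, and key management is one of the core technologies of secure storage. The traditional key management scheme for the trusted computing platform is designed on the RSA public-key cryptosystem. When a key is loaded under this scheme, the number of load operations is proportional to the number of parent keys of the target object, so the scheme is inefficient when the key hierarchy is complex. This dissertation proposes an identity-based key loading scheme for the trusted computing platform. In this scheme the number of load operations is independent of the complexity of the key hierarchy: loading any target object into the TPM takes no more than two load operations. The scheme therefore improves loading efficiency and greatly simplifies user operation, which helps promote the wide application of trusted computing secure storage.
     (3) Research on the remote integrity reporting mechanism of the trusted computing platform
     Remote integrity reporting is one of the important functions of the trusted computing platform. In the traditional scheme, when the remote entity verifies an integrity report sent by a terminal, it only judges the security of the integrity report values it receives and cannot determine which platform sent the report. This can lead to a man-in-the-middle attack: the remote entity cannot determine whether the entity it is communicating with is the same entity that the integrity report corresponds to. This dissertation proposes a security-enhanced integrity reporting protocol for the trusted computing platform. The protocol integrates the flow of the remote platform integrity attestation protocol into the SSL/TLS handshake protocol, which effectively ensures that the entity communicating with the server and the entity the integrity report corresponds to are the same entity. This effectively solves the man-in-the-middle problem of traditional trusted computing platform integrity reporting and further strengthens the security of remote attestation.
     (4) Research on the direct anonymous attestation mechanism of the trusted computing platform
     The Direct Anonymous Attestation (DAA) mechanism proves a platform's identity to a remote entity by means of a proof of knowledge and can protect user privacy during remote platform attestation. Traditional schemes have strict computational requirements, complex designs and a heavy computational load, which devices with low computing performance cannot accept. This has hindered the deployment of DAA schemes, and in turn the further spread of trusted computing technology, and has limited its wider application. This dissertation proposes an improved direct anonymous attestation scheme based on bilinear maps, whose security rests on the q-SDH assumption and the DDH assumption. The scheme requires lower computational overhead, suits not only PCs with strong computing power but also smart devices with low computing power (such as mobile phones), and can further relieve the computational bottleneck of the trusted platform.
     In summary, this dissertation focuses on the principles of the trusted computing platform and on the key technologies of its key management mechanism, remote integrity reporting mechanism and direct anonymous attestation mechanism. The analysis, methods and solutions presented will be of positive significance for the research and practice of trusted computing platform principles and for theoretical research in information security.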
Faced with the current grim situation in computer network and information security, most network information security systems adopt passive defensive technologies such as the traditional firewall, intrusion detection and virus prevention in order to detect and catch the feature information of hacker attacks and virus intrusion. However, such feature information is usually lagging information about events that have already happened, so these systems fail to predict and determine future changes in attacks accurately and scientifically, much less prevent the "inner threat" arising from the inside and at the operational level. As a result, those systems always carry defects and are inevitably subject to attacks.
     In order to strike at the root of this problem and defend actively instead of passively, trusted computing technology has been one of the hot topics in the field of information security for more than a decade, whether at home or abroad, in academic circles or in the business world. Research on trusted computing technology has produced some fruitful results, which have contributed a lot to the development of information system security. However, because the theory and practice of trusted computing technology are still immature, some problems remain, such as research that stays at the technological level, a lack of developed theoretical support, an incomplete system structure and complicated application. Following the trend of trusted computing technology, this dissertation focuses on some key problems of the trusted computing platform in trusted computing development.
     How to achieve convenient and reliable secure storage for the trusted computing platform, how to ensure secure and effective remote integrity reporting, and how to attain direct anonymous attestation with high efficiency and low cost have long been important research points in the field of trusted computing technology. This dissertation conducts in-depth research into the theory of the trusted computing platform and proposes some novel solutions from three aspects: key management, remote integrity reporting and direct anonymous attestation. The main contributions of this dissertation are as follows:
     (1) Research on the theory of the trusted computing platform (TCP).
     In order to understand the trusted computing platform comprehensively and to research some of its key technologies in depth, this dissertation first introduces and analyzes the core technology of TCP, the Trusted Platform Module (TPM), covering its components and each component's function. It then analyzes and investigates TCP's hierarchical structure and the construction and function of each level, and finally researches and analyzes the theory of the three functionalities of TCP (secure storage; the attestation mechanism; integrity measurement, storage and reporting). Some applications of the TCP seal function are also enumerated and analyzed.
     (2) Research on key management in the trusted computing platform.
     Secure storage is one of the important functionalities of the trusted computing platform, and key management is one of the core technologies of secure storage. The traditional key management scheme for the trusted computing platform is based on the RSA public-key cryptosystem. In this scheme, the number of load operations equals the number of parent objects of the loaded object. When the TPM key storage hierarchy is very complex, the response speed of loading can be lowered. This dissertation proposes an identity-based TPM key loading scheme. In this scheme, the number of load operations is independent of the complexity of the TPM key storage hierarchy, so no more than two load operations are needed when any target object is loaded into the TPM. In this way, the scheme improves loading efficiency and brings great convenience to users, which may give some impetus to the wide application of secure storage in TCP.
     (3) Research on remote integrity reporting in the trusted computing platform.
     Remote integrity reporting is one of the important functionalities of the trusted computing platform. In the traditional scheme, when verifying an integrity report sent from the terminal, the remote entity can only assess the security of the integrity report it receives; it cannot tell which trusted platform the report comes from. As a result, the scheme is vulnerable to a man-in-the-middle (MiTM) attack: the remote entity cannot determine whether the entity with which it communicates is the same as the one the integrity report describes. This dissertation proposes a security-enhanced remote platform integrity reporting protocol. The protocol integrates the process of the remote platform integrity attestation protocol into the SSL/TLS handshake protocol and ensures that the entity communicating with the server is identical to the one the integrity report describes. This solves the MiTM problem of traditional remote integrity reporting in the trusted computing platform and further enhances the security of remote attestation.
     (4) Research on direct anonymous attestation in the trusted computing platform.
     With Direct Anonymous Attestation (DAA), a platform can attest its identity to a remote entity by a proof of knowledge, thereby protecting the user's privacy. The traditional DAA scheme is demanding in its requirements, complicated in design and so time-consuming that it is unusable on equipment with low computing ability. This is an obstacle to the application of the DAA scheme and further prevents TCP from widespread usage. This dissertation proposes a new DAA scheme based on bilinear maps, under the q-strong Diffie-Hellman and decisional Diffie-Hellman assumptions, that adapts to the limited computational resources of the TPM. The scheme reduces computational cost and can efficiently relieve the computation bottleneck of the trusted platform, making it suitable both for equipment with high computing power, such as PCs, and for smart devices with low computing power, such as cell phones.
     To sum up, this dissertation centers on TCP theory and on key technologies in TCP such as the key management system, remote integrity reporting and direct anonymous attestation. The methods and solutions put forward will be of positive significance for the research and practice of TCP theory and information security theory.
