一种基于TPM的群签名方案

23220084()JOURNALOFZHENGZHOUUNIVERSITYOFLIGHTINDUSTRY(NaturalScience)Vol.23No.2Apr.2008:2007-11-27:(0511014300):(1982),,,,:.:1004-1478(2008)02-0080-03TPM1,2,1(1.,475004;2.,475004):TPM,,,,,.:;;;:TP393.08:AAgroupsignatureschemebasedonTPMLIUMing2li1,XIEYuan2,YUSu2ping1(1.CollegeofComp.andInfor.Eng.,HenanUniv.,Kaifeng475004,China;2.Comp.Center,HenanUniv.,Kaifeng475004,China)Abstract:AgroupsignatureschemewhichallowseachgroupmembertohaveaTPMisdesigned.TakingadvantageofthecharacteristicsofTPMinthescheme,differentgroupmembersaregivendifferentprivi2ledges,andthecorrectnessofgroupmemberscanbecontrolled.Atthesametime,theanonymityofthegroupmembersisalsoguaranteed.Keywords:trustedcomputing;trustedplatformmodule(TPM);knowledgeproof;groupsignature0D.ChaumE.VanHeyst1991[1].,:(),.,,,..,.,,.,.,,,.,,,,,:TPM..,,,,,,.,,,.,,.(trustedplatformmodule,TPM).TPM,TPM(trustedcomputinggroup,TCG).TCG[2].TCG,,,,TPM[3].TPM,.,TPM,TPM().,TPM,TPM,TPM.TPM,TPM,,,.11.11)Hash4p,q,p,q,p=2p+1,q=2q+1,n=pq.2)g,gQRn.3)xgxh,g=gxgmodnh=gxhmodn4)(g,h,n),(p,q,g,xg,xh).1.2TPM,TPMf,.TPMf,gfmodn,Li,.TPMf,TPM.,TPMf,TPM,TPM,[4-5].:1)TPMN=gfmodn,N.2)Li,N,.3)TPMf.:TPMrft=grfmodn,t;cTPM;TPMs(s=rf-cf);tNcgsmodn,.4)xv,v(v=Nxvmodn)TPM,TPMkv(v=vkmodn).1.3m,r0r1,N=gfmodn,y=gfhvmodn.c=h(ghgr0hr1m)S0=r0-cfS1=r1-cv(N,y,c,S0,S1).1.4N,.,c=h(ghycgs0hs1m),,.182()2DSARSA[5-6],TPM.1):TPM,.f,N,g,nf.2):TPM,.,,.3):,Ui,N,r0,r1,c=h(ghgr0hr1m)S0=r0-cfS1=r1-cvv,v.,.4):N,,.N,N.3TPM,,,.,.TPM,,.:[1]ChaumD,HeystEVan.GroupSignatures[A]//Proceed2ingsofEUROCRYPT91,LectureNotesinComputerScience[C].Berlin:Springer2Verlag,1991:257-265.[2]Trustedcomputinggroup.Trustedcomputinggroupde2sign,implementation,andusageprinciplesforTPM-basedplatformsversion1.0[EB/OL].(2005-01-22)[2007-11-28].[3]TrustedComputingGroup.Specification,ArchitectureO2verview,Specification(1.2Edition)[EB/OL].(2004-04-28)[2007-11-28].[4]BrickellE,CamenischJ,ChenL.DirectAnonymousAt2testation[A]//Proceedingsofthe11thACMConferenceonComputerandCommunicationsSecurity[C].NewYork:ACMPress,2004:132-145.[5]BrickellE,CamenischJ,ChenL.DirectAnonymousAt2testation[A]//EnsuringPrivacywithCorruptAdministra2tors[C].Berlin:Springer,2007:218-231.[6]NISTFIPSPUB186,DigitalSignatureStandard[S].[7]RivestR,ShmirA,LadlemanL.Amethodforobtainingdigitalsignatureandpublic2keycryptosystems[J].Com2municationoftheACM,1978,21(2):120.282008