Traditional message exchange based on asymmetric cryptography protect message and authenticate terminal by keys. But improperly managed keys and improperly configured endpoints can result in many shortcomings. So based on the new PC ar-chitecture proposed by trusted computing group, a new trusted transfer program is proposed, which protect message by signing with a more secure key and authenticate endpoint by its security configuration. Then based on properties seal, a trusted transfer protocol is designed to this program by Pederson commitment and zero-knowledge proof scheme. The security of this protocol is proved by random oracle model at last And a mobile payment scenario applied of this protocol exemplifies its meaningful use.%基于非对称密码学的传统信息交换机制中,通过密钥实现信息保密及平台身份认证的方式存在较多安全不足.由此,基于可信计算研究的新PC体系结构提出一种实现传输终端配置安全性认证和保障数据传输及使用安全的信息传输方案,并且基于属性封印的思想,采用Pederson承诺和离散对数不等的零知识证明该方案,设计了具体密码协议以实现该方案.通过随机预言模型证明了该协议的安全性,并将该协议应用于一个真实的移动支付实例,展示了其使用方式.
展开▼
