Abstract
This paper analyzes trusted network connect (TNC) protocols within the universally composable (UC) framework. We propose the first TNC model in the UC framework by first designing the TNC ideal functionality ℱTNC, the EAP ideal functionality ℱEAP and the EAP-TNC ideal functionality ℱE-PA. Then, we construct a trusted network connect protocol named TK-TNC that UC-realizes ℱTNC in the (ℱEAP, ℱE-PA)-hybrid model. Subsequently, we perform a security analysis of the protocol D-H PN given in the TCG specification and show that this protocol cannot securely realize the EAP-TNC ideal functionality and is vulnerable to an attack. Finally, we propose an alternative protocol based on the twin Diffie-Hellman key-exchange technique, named protocol TD-H PN, which securely realizes the EAP-TNC ideal functionality in the (ℱREG, ℱCERT)-hybrid model.
Cite this article
Zhang, J., Ma, J. & Moon, S. Universally composable secure TNC model and EAP-TNC protocol in IF-T. Sci. China Inf. Sci. 53, 465–482 (2010). https://doi.org/10.1007/s11432-010-0059-z