+

CN105227319A - A kind of method of authentication server and device - Google Patents

A kind of method of authentication server and device Download PDF

Info

Publication number
CN105227319A
CN105227319A CN201510697751.8A CN201510697751A CN105227319A CN 105227319 A CN105227319 A CN 105227319A CN 201510697751 A CN201510697751 A CN 201510697751A CN 105227319 A CN105227319 A CN 105227319A
Authority
CN
China
Prior art keywords
verified
server
metric
identity key
trusted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510697751.8A
Other languages
Chinese (zh)
Inventor
刘海伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
IEIT Systems Co Ltd
Original Assignee
Inspur Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Electronic Information Industry Co Ltd filed Critical Inspur Electronic Information Industry Co Ltd
Priority to CN201510697751.8A priority Critical patent/CN105227319A/en
Publication of CN105227319A publication Critical patent/CN105227319A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention provides a kind of method and device of authentication server, the method comprises: in server to be verified, arrange safety chip in advance, by safety chip, integrity measurement is carried out to described server to be verified, obtain at least one metric, at least one metric is stored in the PCR of safety chip respectively, obtain the fiducial value of the metric that each PCR is corresponding in server to be verified in advance, send checking request to server to be verified, in checking request, carry the information of PCR to be verified; Receive the metric to be verified in PCR to be verified corresponding to the information of the PCR to be verified that server to be verified returns; Judge that whether the fiducial value that metric to be verified and PCR to be verified are corresponding is identical, if so, then server to be verified is by checking, otherwise server to be verified is not by checking.The invention provides a kind of method and device of authentication server, can verify the integrality of server.

Description

一种验证服务器的方法及装置A method and device for authenticating a server

技术领域technical field

本发明涉及计算机技术领域,特别涉及一种验证服务器的方法及装置。The invention relates to the field of computer technology, in particular to a method and device for verifying a server.

背景技术Background technique

尤其涉及服务器主机安全信任链的构建,以及证明该信任链传递过程中主机完整性的状态。In particular, it involves the construction of the server host security trust chain, and the state of proving the integrity of the host during the transfer process of the trust chain.

随着云计算的日益成熟,云数据中心的建设也越来越普遍,数据中心的云主机安全问题也越来越受到重视。常规的安全检测方式都是对系统启动后进行安全防御,对系统启动之前以及启动过程,缺乏有效的保护及度量。如果系统在启动之前或者启动过程中被攻击,使得可信计算平台的服务器的关键文件被篡改,无法保证服务器的完整性,这会严重威胁可信计算平台的安全。现有技术中,无法验证服务器的完整性。With the increasing maturity of cloud computing, the construction of cloud data centers is becoming more and more common, and the security of cloud hosts in data centers is also receiving more and more attention. The conventional security detection method is to carry out security defense after the system is started, and lacks effective protection and measurement for the system before and during the start-up process. If the system is attacked before or during startup, the key files of the server of the trusted computing platform are tampered with, and the integrity of the server cannot be guaranteed, which will seriously threaten the security of the trusted computing platform. In the prior art, the integrity of the server cannot be verified.

发明内容Contents of the invention

有鉴于此,本发明提供了一种验证服务器的方法及装置,能够对服务器的完整性进行验证。In view of this, the present invention provides a method and device for verifying a server, which can verify the integrity of the server.

一方面,本发明提供了一种验证服务器的方法,包括:预先在待验证服务器中设置安全芯片,通过所述安全芯片对所述待验证服务器进行完整性度量,得到至少一个度量值,将所述至少一个度量值分别存储在安全芯片的平台配置寄存器PCR中,预先获取所述待验证服务器中每个PCR对应的度量值的基准值,还包括:On the one hand, the present invention provides a method for verifying a server, comprising: setting a security chip in the server to be verified in advance, performing integrity measurement on the server to be verified through the security chip, obtaining at least one measurement value, and converting the The at least one metric value is respectively stored in the platform configuration register PCR of the security chip, and the reference value of the metric value corresponding to each PCR in the server to be verified is obtained in advance, further comprising:

S1:向待验证服务器发送验证请求,所述验证请求中携带有待验证PCR的信息;S1: Send a verification request to the server to be verified, where the verification request carries information about the PCR to be verified;

S2:接收所述待验证服务器返回的所述待验证PCR的信息对应的待验证PCR中的待验证度量值;S2: Receive the metric value to be verified in the PCR to be verified corresponding to the information of the PCR to be verified returned by the server to be verified;

S3:判断所述待验证度量值与待验证PCR对应的基准值是否相同,如果是,则所述待验证服务器通过验证,否则,所述待验证服务器不能通过验证。S3: Judging whether the metric value to be verified is the same as the reference value corresponding to the PCR to be verified, if yes, the server to be verified passes the verification, otherwise, the server to be verified cannot pass the verification.

进一步地,所述S2,包括:Further, said S2 includes:

接收携带所述待验证度量值的远程证明签名,所述远程证明签名包括:经过所述待验证服务器的身份密钥私钥加密的所述待验证度量值的哈希值、所述待验证度量值的明文;Receive the remote attestation signature carrying the metric value to be verified, the remote attestation signature including: the hash value of the metric value to be verified encrypted by the identity key private key of the server to be verified, the metric value to be verified the plaintext of the value;

在所述S1之前,还包括:获取所述待验证服务器的身份密钥公钥;Before the S1, it also includes: obtaining the identity key public key of the server to be verified;

在所述S2之后,在所述S3之前,还包括:After said S2, before said S3, it also includes:

计算所述待验证度量值的明文的哈希值;calculating a hash value of the plaintext of the metric value to be verified;

用所述身份密钥公钥解密所述远程证明签名中的经所述身份密钥私钥加密的所述待验证度量值的哈希值,获得所述待验证度量值的哈希值;Decrypting the hash value of the metric value to be verified encrypted by the private key of the identity key in the remote attestation signature with the public key of the identity key to obtain the hash value of the metric value to be verified;

判断所述待验证度量值的明文的哈希值与所述待验证度量值的哈希值是否相等,如果是,则执行步骤S3,否则,结束当前流程。Judging whether the hash value of the plaintext of the metric value to be verified is equal to the hash value of the metric value to be verified, if yes, execute step S3, otherwise, end the current process.

进一步地,在所述S1之前,还包括:预先通过所述可信第三方给所述待验证服务器颁发身份密钥证书;Further, before the S1, it also includes: issuing an identity key certificate to the server to be verified through the trusted third party in advance;

在所述S3之前,还包括:Before said S3, also include:

接收所述待验证服务器与所述待验证度量值一起发来的所述身份密钥证书;receiving the identity key certificate sent by the server to be verified together with the metric value to be verified;

将所述身份密钥证书发送给所述可信第三方,以使所述可信第三方对所述可信密钥证书进行验证;sending the identity key certificate to the trusted third party, so that the trusted third party can verify the trusted key certificate;

接收所述可信第三方返回的验证结果,当所述身份密钥证书通过验证时,执行步骤S3,当所述身份密钥证书没有通过验证时,结束当前流程。Receive the verification result returned by the trusted third party, when the identity key certificate passes the verification, perform step S3, and when the identity key certificate does not pass the verification, end the current process.

进一步地,所述预先通过所述可信第三方给所述待验证服务器办法身份密钥证书,包括:Further, the pre-providing an identity key certificate to the server to be verified through the trusted third party includes:

A1:通过所述可信第三方获取所述待验证服务器的背书密钥公钥;A1: Obtain the public key of the endorsement key of the server to be verified through the trusted third party;

A2:通过所述可信第三方接收所述待验证服务器发来的身份密钥证书请求;A2: Receive the identity key certificate request from the server to be verified through the trusted third party;

A3:通过所述可信第三方,根据所述身份密钥证书请求生成所述身份密钥证书;A3: Generate the identity key certificate according to the identity key certificate request through the trusted third party;

A4:通过所述可信第三方,用所述可信第三方的签名密钥对所述身份密钥证书进行签名,并使用所述背书密钥公钥加密签名后的所述身份密钥证书;A4: Use the trusted third party to sign the identity key certificate with the signature key of the trusted third party, and use the public key of the endorsement key to encrypt the signed identity key certificate ;

A5:通过所述可信第三方,将通过所述背书密钥公钥加密的身份密钥证书发送给所述待验证服务器,以使所述待验证服务器利用所述安全芯片,通过背书密钥私钥解密通过所述背书密钥公钥加密的身份密钥证书,获得所述身份密钥证书。A5: Through the trusted third party, send the identity key certificate encrypted by the public key of the endorsement key to the server to be verified, so that the server to be verified can use the security chip to pass the endorsement key The private key decrypts the identity key certificate encrypted by the public key of the endorsement key to obtain the identity key certificate.

进一步地,在所述S1之前,还包括:生成证明挑战随机数;Further, before the S1, it also includes: generating proof challenge random numbers;

还包括:在所述验证请求对应的所有会话中添加所述证明挑战随机数。It also includes: adding the proof challenge random number in all sessions corresponding to the verification request.

进一步地,所述通过所述安全芯片对所述待验证服务器进行完整性度量,包括:对所述待验证服务器的基本输入输出系统BIOS、BootLoader、操作系统OS和应用程序中的一个或者多个进行完整性度量。Further, the performing integrity measurement on the server to be verified through the security chip includes: one or more of the basic input and output system BIOS, BootLoader, operating system OS and application programs of the server to be verified Perform integrity measurements.

另一方面,本发明提供了一种验证服务器的装置,包括:In another aspect, the present invention provides a device for verifying a server, including:

度量单元,用于在待验证服务器中设置安全芯片,通过所述安全芯片对所述待验证服务器进行完整性度量,得到至少一个度量值,将所述至少一个度量值分别存储在安全芯片的平台配置寄存器PCR中;A measurement unit, configured to set a security chip in the server to be verified, perform integrity measurement on the server to be verified through the security chip, obtain at least one measurement value, and store the at least one measurement value on the platform of the security chip respectively In the configuration register PCR;

第一获取单元,用于获取所述待验证服务器中每个PCR对应的度量值的基准值;A first obtaining unit, configured to obtain a reference value of a metric value corresponding to each PCR in the server to be verified;

发送单元,用于向待验证服务器发送验证请求,所述验证请求中携带有待验证PCR的信息;A sending unit, configured to send a verification request to a server to be verified, wherein the verification request carries information about a PCR to be verified;

接收单元,用于接收所述待验证服务器返回的所述待验证PCR的信息对应的待验证PCR中的待验证度量值;A receiving unit, configured to receive the metric value to be verified in the PCR to be verified corresponding to the information of the PCR to be verified returned by the server to be verified;

验证单元,用于判断所述待验证度量值与待验证PCR对应的基准值是否相同,如果是,则所述待验证服务器通过验证,否则,所述待验证服务器不能通过验证。The verification unit is configured to judge whether the metric value to be verified is the same as the reference value corresponding to the PCR to be verified, if yes, the server to be verified passes the verification, otherwise, the server to be verified cannot pass the verification.

进一步地,所述接收单元,用于接收携带所述待验证度量值的远程证明签名,所述远程证明签名包括:经过所述待验证服务器的身份密钥私钥加密的所述待验证度量值的哈希值、所述待验证度量值的明文;Further, the receiving unit is configured to receive a remote attestation signature carrying the metric value to be verified, and the remote attestation signature includes: the metric value to be verified encrypted by the identity key private key of the server to be verified The hash value of , the plaintext of the metric value to be verified;

还包括:第二获取单元,用于获取所述待验证服务器的身份密钥公钥;It also includes: a second obtaining unit, configured to obtain the identity key public key of the server to be verified;

还包括:远程证明签名验证单元,用于计算所述待验证度量值的明文的哈希值,用所述身份密钥公钥解密所述远程证明签名中的经所述身份密钥私钥加密的所述待验证度量值的哈希值,获得所述待验证度量值的哈希值,判断所述待验证度量值的明文的哈希值与所述待验证度量值的哈希值是否相等,当判断结果为是时,则通知所述验证单元,当判断结果为否时,结束对所述待验证服务器的验证。It also includes: a remote certificate signature verification unit, which is used to calculate the hash value of the plaintext of the metric value to be verified, and use the identity key public key to decrypt the remote certificate signature encrypted by the identity key private key. the hash value of the metric value to be verified, obtain the hash value of the metric value to be verified, and determine whether the hash value of the plaintext of the metric value to be verified is equal to the hash value of the metric value to be verified , when the judgment result is yes, then notify the verification unit, and when the judgment result is no, end the verification of the server to be verified.

进一步地,还包括:颁发单元,用于通过所述可信第三方给所述待验证服务器颁发身份密钥证书;Further, it also includes: an issuing unit, configured to issue an identity key certificate to the server to be verified through the trusted third party;

还包括:身份密钥证书验证单元,用于接收所述待验证服务器发来的所述身份密钥证书,将所述身份密钥证书发送给所述可信第三方,以使所述可信第三方对所述可信密钥证书进行验证,接收所述可信第三方返回的验证结果,当所述身份密钥证书通过验证时,通知所述验证单元,当所述身份密钥证书没有通过验证时,结束对所述待验证服务器的验证。It also includes: an identity key certificate verification unit, configured to receive the identity key certificate sent by the server to be verified, and send the identity key certificate to the trusted third party, so that the trusted The third party verifies the trusted key certificate, receives the verification result returned by the trusted third party, and notifies the verification unit when the identity key certificate passes the verification, and when the identity key certificate does not When the verification is passed, the verification of the server to be verified is ended.

进一步地,所述颁发单元,具体用于:Further, the issuing unit is specifically used for:

A1:通过所述可信第三方获取所述待验证服务器的背书密钥公钥;A1: Obtain the public key of the endorsement key of the server to be verified through the trusted third party;

A2:通过所述可信第三方接收所述待验证服务器发来的身份密钥证书请求;A2: Receive the identity key certificate request from the server to be verified through the trusted third party;

A3:通过所述可信第三方,根据所述身份密钥证书请求生成所述身份密钥证书;A3: Generate the identity key certificate according to the identity key certificate request through the trusted third party;

A4:通过所述可信第三方,用所述可信第三方的签名密钥对所述身份密钥证书进行签名,并使用所述背书密钥公钥加密签名后的所述身份密钥证书;A4: Use the trusted third party to sign the identity key certificate with the signature key of the trusted third party, and use the public key of the endorsement key to encrypt the signed identity key certificate ;

A5:通过所述可信第三方,将通过所述背书密钥公钥加密的身份密钥证书发送给所述待验证服务器,以使所述待验证服务器利用所述安全芯片,通过背书密钥私钥解密通过所述背书密钥公钥加密的身份密钥证书,获得所述身份密钥证书。A5: Through the trusted third party, send the identity key certificate encrypted by the public key of the endorsement key to the server to be verified, so that the server to be verified can use the security chip to pass the endorsement key The private key decrypts the identity key certificate encrypted by the public key of the endorsement key to obtain the identity key certificate.

进一步地,还包括:生成单元,用于生成证明挑战随机数;Further, it also includes: a generating unit, used to generate proof challenge random numbers;

还包括:添加单元,用于在所述验证请求对应的所有会话中添加所述证明挑战随机数。It also includes: an adding unit, configured to add the proof challenge random number in all sessions corresponding to the verification request.

进一步地,所述度量单元,在执行所述通过所述安全芯片对所述待验证服务器进行完整性度量时,具体执行:对所述待验证服务器的基本输入输出系统BIOS、BootLoader、操作系统OS和应用程序中的一个或者多个进行完整性度量。Further, the measurement unit, when executing the integrity measurement of the server to be verified through the security chip, specifically executes: the basic input and output system BIOS, BootLoader, and operating system OS of the server to be verified Integrity measurement with one or more of the applications.

通过本发明提供的一种验证服务器的方法及装置,在待验证服务器中设置安全芯片,通过安全芯片对待验证服务器进行完整性度量,将度量值存储到安全芯片的PCR中,将待验证PCR对应的待验证度量值与对应的基准值进行比较,如果待验证服务器被篡改过,二者将会不同,如果相同则说明待验证服务器是安全的,通过该方法及装置能够对服务器的完整性进行验证。Through a method and device for verifying a server provided by the present invention, a security chip is set in the server to be verified, and the integrity measurement of the server to be verified is performed through the security chip, and the measured value is stored in the PCR of the security chip, and the PCR to be verified corresponds to The metric value to be verified is compared with the corresponding benchmark value. If the server to be verified has been tampered with, the two will be different. If they are the same, it means that the server to be verified is safe. The integrity of the server can be checked by this method and device. verify.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are For some embodiments of the present invention, those skilled in the art can also obtain other drawings based on these drawings without creative work.

图1是本发明一实施例提供的一种验证服务器的方法的流程图;Fig. 1 is a flow chart of a method for verifying a server provided by an embodiment of the present invention;

图2是本发明一实施例提供的另一种验证服务器的方法的流程图;Fig. 2 is a flow chart of another method for verifying a server provided by an embodiment of the present invention;

图3是本发明一实施例提供的一种验证服务器的装置的示意图;Fig. 3 is a schematic diagram of a verification server device provided by an embodiment of the present invention;

图4是本发明一实施例提供的另一种验证服务器的装置的示意图。Fig. 4 is a schematic diagram of another device for verifying a server provided by an embodiment of the present invention.

具体实施方式detailed description

为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例,基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动的前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work belong to the protection of the present invention. scope.

如图1所示,本发明实施例提供了一种验证服务器的方法,该方法可以包括以下步骤:As shown in Figure 1, an embodiment of the present invention provides a method for verifying a server, which may include the following steps:

S0:预先在待验证服务器中设置安全芯片,通过所述安全芯片对所述待验证服务器进行完整性度量,得到至少一个度量值,将所述至少一个度量值分别存储在安全芯片的PCR(PlatformConfigurationRegister,平台配置寄存器)中,预先获取所述待验证服务器中每个PCR对应的度量值的基准值;S0: Set up a security chip in the server to be verified in advance, measure the integrity of the server to be verified through the security chip, obtain at least one measurement value, and store the at least one measurement value in the PCR (PlatformConfigurationRegister) of the security chip respectively , platform configuration register), pre-acquire the reference value of the measurement value corresponding to each PCR in the server to be verified;

S1:向待验证服务器发送验证请求,所述验证请求中携带有待验证PCR的信息;S1: Send a verification request to the server to be verified, where the verification request carries information about the PCR to be verified;

S2:接收所述待验证服务器返回的所述待验证PCR的信息对应的待验证PCR中的待验证度量值;S2: Receive the metric value to be verified in the PCR to be verified corresponding to the information of the PCR to be verified returned by the server to be verified;

S3:判断所述待验证度量值与待验证PCR对应的基准值是否相同,如果是,则所述待验证服务器通过验证,否则,所述待验证服务器不能通过验证。S3: Judging whether the metric value to be verified is the same as the reference value corresponding to the PCR to be verified, if yes, the server to be verified passes the verification, otherwise, the server to be verified cannot pass the verification.

通过本发明实施例提供的一种验证服务器的方法,在待验证服务器中设置安全芯片,通过安全芯片对待验证服务器进行完整性度量,将度量值存储到安全芯片的PCR中,将待验证PCR对应的待验证度量值与对应的基准值进行比较,如果待验证服务器被篡改过,二者将会不同,如果相同则说明待验证服务器是安全的,通过该方法能够对服务器的完整性进行验证。Through a method for verifying a server provided by an embodiment of the present invention, a security chip is set in the server to be verified, and the integrity measurement of the server to be verified is performed through the security chip, the measured value is stored in the PCR of the security chip, and the PCR to be verified corresponds to The metric value to be verified is compared with the corresponding benchmark value. If the server to be verified has been tampered with, the two will be different. If they are the same, it means that the server to be verified is safe. This method can verify the integrity of the server.

本发明实施例中的基准值可以是待验证服务器在没有被篡改过,是安全的情况下安全芯片进行完整性度量得到的度量值。The reference value in the embodiment of the present invention may be the measurement value obtained by the integrity measurement performed by the security chip under the condition that the server to be verified has not been tampered with and is safe.

在待验证服务器发送待验证度量值的过程中,该待验证度量值可能会被篡改,使得验证端无法获得准确的待验证度量值,进而验证的结果也会不准确,为了解决该问题,保证传输过程中度量值的安全,可以将度量值携带在远程证明签名,通过对该远程证明签名来确定待验证度量值是否被篡改过。具体地,在一种可能的实现方式中,所述S2,包括:During the process of sending the metric value to be verified by the server to be verified, the metric value to be verified may be tampered with, so that the verifier cannot obtain the accurate metric value to be verified, and the verification result will be inaccurate. To solve this problem, ensure For the security of the metric value during transmission, the metric value can be carried in the remote proof signature, and the remote proof signature can be used to determine whether the metric value to be verified has been tampered with. Specifically, in a possible implementation manner, the S2 includes:

接收携带所述待验证度量值的远程证明签名,所述远程证明签名包括:经过所述待验证服务器的身份密钥私钥加密的所述待验证度量值的哈希值、所述待验证度量值的明文;Receive the remote attestation signature carrying the metric value to be verified, the remote attestation signature including: the hash value of the metric value to be verified encrypted by the identity key private key of the server to be verified, the metric value to be verified the plaintext of the value;

在所述S1之前,还包括:获取所述待验证服务器的身份密钥公钥;Before the S1, it also includes: obtaining the identity key public key of the server to be verified;

在所述S2之后,在所述S3之前,还包括:After said S2, before said S3, it also includes:

计算所述待验证度量值的明文的哈希值;calculating a hash value of the plaintext of the metric value to be verified;

用所述身份密钥公钥解密所述远程证明签名中的经所述身份密钥私钥加密的所述待验证度量值的哈希值,获得所述待验证度量值的哈希值;Decrypting the hash value of the metric value to be verified encrypted by the private key of the identity key in the remote attestation signature with the public key of the identity key to obtain the hash value of the metric value to be verified;

判断所述待验证度量值的明文的哈希值与所述待验证度量值的哈希值是否相等,如果是,则执行步骤S3,否则,结束当前流程。Judging whether the hash value of the plaintext of the metric value to be verified is equal to the hash value of the metric value to be verified, if yes, execute step S3, otherwise, end the current process.

在该实现方式中,待验证服务器计算出待验证度量值的哈希值,然后将该哈希值用身份密钥私钥加密,在加上待验证度量值的明文,构成了远程证明签名。当待验证度量值的明文被篡改后,该待验证度量值的明文的哈希值就会与被加密的待验证度量值的哈希值不相等,没有被篡改时,二者相等,通过该方法能够验证出接收到的待验证度量值是否准确。在确定二者相同后就可以对待验证度量值通过步骤S3进行处理了,该待验证度量值可以就是从待验证度量值的明文。In this implementation, the server to be verified calculates the hash value of the metric value to be verified, and then encrypts the hash value with the private key of the identity key, and adds the plaintext of the metric value to be verified to form a remote attestation signature. When the plaintext of the metric to be verified is tampered with, the hash value of the plaintext of the metric to be verified will not be equal to the hash value of the encrypted metric to be verified. The method can verify whether the received metric value to be verified is accurate. After it is determined that the two are the same, the metric value to be verified can be processed through step S3, and the metric value to be verified can be the plaintext of the metric value to be verified.

在接收到待验证度量值后,并不能确定该待验证度量值就是待验证服务器发来的,有可能在传输过程中被拦截,并被替换掉,为了验证接收到的待验证度量值是否是待验证服务器发来的,在一种可能的实现方式中,在所述S1之前,还包括:预先通过所述可信第三方给所述待验证服务器颁发身份密钥证书;After receiving the metric value to be verified, it is not sure that the metric value to be verified is sent by the server to be verified. It may be intercepted and replaced during the transmission process. In order to verify whether the received metric value to be verified is From the server to be verified, in a possible implementation manner, before the S1, it also includes: issuing an identity key certificate to the server to be verified through the trusted third party in advance;

在所述S3之前,还包括:Before said S3, also include:

接收所述待验证服务器发来的所述身份密钥证书;receiving the identity key certificate sent by the server to be verified;

将所述身份密钥证书发送给所述可信第三方,以使所述可信第三方对所述可信密钥证书进行验证;sending the identity key certificate to the trusted third party, so that the trusted third party can verify the trusted key certificate;

接收所述可信第三方返回的验证结果,当所述身份密钥证书通过验证时,执行步骤S3,当所述身份密钥证书没有通过验证时,结束当前流程。Receive the verification result returned by the trusted third party, when the identity key certificate passes the verification, perform step S3, and when the identity key certificate does not pass the verification, end the current process.

在该实现方式中,可以通过可信第三方颁发给待验证服务器的身份密钥证书来验证待验证服务器的身份。确认出是待验证服务器发来的待验证度量值后,可以将该度量值通过步骤S3处理。In this implementation manner, the identity of the server to be verified can be verified through an identity key certificate issued to the server to be verified by a trusted third party. After confirming that the metric value to be verified is sent by the server to be verified, the metric value can be processed in step S3.

在一种可能的实现方式中,所述预先通过所述可信第三方给所述待验证服务器办法身份密钥证书,包括:In a possible implementation manner, the pre-providing an identity key certificate to the server to be verified through the trusted third party includes:

A1:通过所述可信第三方获取所述待验证服务器的背书密钥公钥;A1: Obtain the public key of the endorsement key of the server to be verified through the trusted third party;

A2:通过所述可信第三方接收所述待验证服务器发来的身份密钥证书请求;A2: Receive the identity key certificate request from the server to be verified through the trusted third party;

A3:通过所述可信第三方,根据所述身份密钥证书请求生成所述身份密钥证书;A3: Generate the identity key certificate according to the identity key certificate request through the trusted third party;

A4:通过所述可信第三方,用所述可信第三方的签名密钥对所述身份密钥证书进行签名,并使用所述背书密钥公钥加密签名后的所述身份密钥证书;A4: Use the trusted third party to sign the identity key certificate with the signature key of the trusted third party, and use the public key of the endorsement key to encrypt the signed identity key certificate ;

A5:通过所述可信第三方,将通过所述背书密钥公钥加密的身份密钥证书发送给所述待验证服务器,以使所述待验证服务器利用所述安全芯片,通过背书密钥私钥解密通过所述背书密钥公钥加密的身份密钥证书,获得所述身份密钥证书。A5: Through the trusted third party, send the identity key certificate encrypted by the public key of the endorsement key to the server to be verified, so that the server to be verified can use the security chip to pass the endorsement key The private key decrypts the identity key certificate encrypted by the public key of the endorsement key to obtain the identity key certificate.

在对待验证服务器进行验证的过程中,可能会受到其他待验证服务器发来的消息,或者同一个待验证服务器发来的多条消息,这样可能会使得验证过程出现错误,为了解决该问题,可以给验证过程中的所有会话加上标识,用来标记该验证过程,可以通过证明挑战随机数来作为标识,具体地,在一种可能的实现方式中,在所述S1之前,还包括:生成证明挑战随机数;In the process of verifying the server to be verified, you may receive messages from other servers to be verified, or multiple messages from the same server to be verified, which may cause errors in the verification process. In order to solve this problem, you can Adding an identifier to all sessions in the verification process is used to mark the verification process, which can be used as an identifier by proving the challenge random number. Specifically, in a possible implementation, before the S1, it also includes: generating Prove that the challenge random number;

还包括:在所述验证请求对应的所有会话中添加所述证明挑战随机数。It also includes: adding the proof challenge random number in all sessions corresponding to the verification request.

在一种可能的实现方式中,所述通过所述安全芯片对所述待验证服务器进行完整性度量,包括:对所述待验证服务器的BIOS(BasicInputOutputSystem,基本输入输出系统)、BootLoader、OS(操作系统,OperatingSystem)和应用程序中的一个或者多个进行完整性度量。In a possible implementation manner, the performing integrity measurement on the server to be verified by using the security chip includes: BIOS (BasicInputOutputSystem, Basic Input Output System), BootLoader, OS ( One or more of the operating system, OperatingSystem) and application program for integrity measurement.

为使本发明的目的、技术方案和优点更加清楚,下面结合附图及具体实施例对本发明作进一步地详细描述。In order to make the purpose, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

在该实施例中,待验证服务器为服务器A,待验证PCR为第一PCR,待验证度量值为第一PCR中的度量值A,第一PCR对应的度量值的基准值为度量值B。In this embodiment, the server to be verified is server A, the PCR to be verified is the first PCR, the metric value to be verified is metric value A in the first PCR, and the reference value of the metric value corresponding to the first PCR is metric value B.

如图2所示,本发明实施例提供了一种验证服务器的方法,该方法可以包括以下步骤:As shown in Figure 2, an embodiment of the present invention provides a method for verifying a server, which may include the following steps:

步骤201:预先在服务器A中设置安全芯片,通过安全芯片对服务器A进行完整性度量,得到至少一个度量值,将至少一个度量值分别存储在安全芯片的PCR中,预先通过可信第三方给服务器A颁发身份密钥证书。Step 201: Set up a security chip in server A in advance, measure the integrity of server A through the security chip, obtain at least one measurement value, store at least one measurement value in the PCR of the security chip, and give Server A issues the identity key certificate.

步骤202:预先获取服务器A中每个PCR对应的度量值的基准值,获取服务器A的身份密钥公钥。Step 202: Obtain in advance the reference value of the metric value corresponding to each PCR in server A, and obtain the identity key public key of server A.

步骤203:向服务器A发送验证请求,该验证请求中携带有第一PCR的信息。Step 203: Send a verification request to server A, the verification request carrying the information of the first PCR.

步骤204:接收服务器A返回的携带度量值A的远程证明签名以及身份密钥证书,该远程证明签名包括:经过服务器A的身份密钥私钥加密的度量值A的哈希值、度量值A的明文。Step 204: Receive the remote attestation signature carrying the metric value A and the identity key certificate returned by the server A. The remote attestation signature includes: the hash value of the metric value A encrypted by the private key of the identity key of the server A, the metric value A plaintext.

步骤205:将身份密钥证书发送给可信第三方,以使可信第三方对所述可信密钥证书进行验证。Step 205: Send the identity key certificate to a trusted third party, so that the trusted third party can verify the trusted key certificate.

步骤206:接收可信第三方返回的验证结果,根据所述验证结果判断身份密钥证书是否通过验证,如果是,则执行步骤207,否则,结束当前流程。Step 206: Receive the verification result returned by the trusted third party, judge whether the identity key certificate has passed the verification according to the verification result, if yes, execute step 207, otherwise, end the current process.

步骤207:计算度量值A的明文的哈希值。Step 207: Calculate the hash value of the plaintext of the metric value A.

步骤208:用身份密钥公钥解密远程证明签名中的经身份密钥私钥加密的度量值A的哈希值,获得度量值A的哈希值。Step 208: Use the public key of the identity key to decrypt the hash value of the metric value A encrypted by the private key of the identity key in the remote attestation signature to obtain the hash value of the metric value A.

步骤209:判断度量值A的明文的哈希值与度量值A的哈希值是否相等,如果是,则执行步骤210,否则,结束当前流程。Step 209: Determine whether the hash value of the plaintext of the metric value A is equal to the hash value of the metric value A, if yes, execute step 210, otherwise, end the current process.

步骤210:判断度量值A与度量值B是否相同,如果是,则确定服务器A通过验证,否则,确定服务器A不能通过验证。Step 210: Determine whether the metric value A is the same as the metric value B, if yes, determine that the server A has passed the verification, otherwise, determine that the server A cannot pass the verification.

如图3、图4所示,本发明实施例提供了一种验证服务器的装置。装置实施例可以通过软件实现,也可以通过硬件或者软硬件结合的方式实现。从硬件层面而言,如图3所示,为本发明实施例提供的一种验证服务器的装置所在设备的一种硬件结构图,除了图3所示的处理器、内存、网络接口、以及非易失性存储器之外,实施例中装置所在的设备通常还可以包括其他硬件,如负责处理报文的转发芯片等等。以软件实现为例,如图4所示,作为一个逻辑意义上的装置,是通过其所在设备的CPU将非易失性存储器中对应的计算机程序指令读取到内存中运行形成的。本实施例提供的一种验证服务器的装置,包括:As shown in FIG. 3 and FIG. 4 , an embodiment of the present invention provides an apparatus for verifying a server. The device embodiments can be implemented by software, or by hardware or a combination of software and hardware. From the perspective of hardware, as shown in FIG. 3 , it is a hardware structure diagram of a device where a verification server device is located according to an embodiment of the present invention. In addition to the processor, memory, network interface, and non- In addition to the volatile memory, the device where the device in the embodiment is located may generally include other hardware, such as a forwarding chip responsible for processing packets, and the like. Taking software implementation as an example, as shown in Figure 4, as a device in a logical sense, it is formed by reading the corresponding computer program instructions in the non-volatile memory into the memory for operation by the CPU of the device where it is located. An apparatus for verifying a server provided in this embodiment includes:

度量单元401,用于在待验证服务器中设置安全芯片,通过所述安全芯片对所述待验证服务器进行完整性度量,得到至少一个度量值,将所述至少一个度量值分别存储在安全芯片的平台配置寄存器PCR中;The measurement unit 401 is configured to set a security chip in the server to be verified, perform integrity measurement on the server to be verified through the security chip, obtain at least one measurement value, and store the at least one measurement value in the security chip respectively. In the platform configuration register PCR;

第一获取单元402,用于获取所述待验证服务器中每个PCR对应的度量值的基准值;A first obtaining unit 402, configured to obtain a reference value of a metric value corresponding to each PCR in the server to be verified;

发送单元403,用于向待验证服务器发送验证请求,所述验证请求中携带有待验证PCR的信息;A sending unit 403, configured to send a verification request to the server to be verified, the verification request carrying information about the PCR to be verified;

接收单元404,用于接收所述待验证服务器返回的所述待验证PCR的信息对应的待验证PCR中的待验证度量值;The receiving unit 404 is configured to receive the metric value to be verified in the PCR to be verified corresponding to the information of the PCR to be verified returned by the server to be verified;

验证单元405,用于判断所述待验证度量值与待验证PCR对应的基准值是否相同,如果是,则所述待验证服务器通过验证,否则,所述待验证服务器不能通过验证。The verification unit 405 is configured to judge whether the metric value to be verified is the same as the reference value corresponding to the PCR to be verified, if yes, the server to be verified passes the verification, otherwise, the server to be verified fails to pass the verification.

在一种可能的实现方式中,所述接收单元404,用于接收携带所述待验证度量值的远程证明签名,所述远程证明签名包括:经过所述待验证服务器的身份密钥私钥加密的所述待验证度量值的哈希值、所述待验证度量值的明文;In a possible implementation manner, the receiving unit 404 is configured to receive a remote certification signature carrying the metric value to be verified, where the remote certification signature includes: encrypted by the private key of the identity key of the server to be verified The hash value of the metric value to be verified, the plaintext of the metric value to be verified;

还包括:第二获取单元,用于获取所述待验证服务器的身份密钥公钥;It also includes: a second obtaining unit, configured to obtain the identity key public key of the server to be verified;

还包括:远程证明签名验证单元,用于计算所述待验证度量值的明文的哈希值,用所述身份密钥公钥解密所述远程证明签名中的经所述身份密钥私钥加密的所述待验证度量值的哈希值,获得所述待验证度量值的哈希值,判断所述待验证度量值的明文的哈希值与所述待验证度量值的哈希值是否相等,当判断结果为是时,则通知所述验证单元,当判断结果为否时,结束对所述待验证服务器的验证。It also includes: a remote certificate signature verification unit, which is used to calculate the hash value of the plaintext of the metric value to be verified, and use the identity key public key to decrypt the remote certificate signature encrypted by the identity key private key. the hash value of the metric value to be verified, obtain the hash value of the metric value to be verified, and determine whether the hash value of the plaintext of the metric value to be verified is equal to the hash value of the metric value to be verified , when the judgment result is yes, then notify the verification unit, and when the judgment result is no, end the verification of the server to be verified.

在一种可能的实现方式中,该装置还包括:颁发单元,用于通过所述可信第三方给所述待验证服务器颁发身份密钥证书;In a possible implementation manner, the device further includes: an issuing unit, configured to issue an identity key certificate to the server to be verified through the trusted third party;

还包括:身份密钥证书验证单元,用于接收所述待验证服务器发来的所述身份密钥证书,将所述身份密钥证书发送给所述可信第三方,以使所述可信第三方对所述可信密钥证书进行验证,接收所述可信第三方返回的验证结果,当所述身份密钥证书通过验证时,通知所述验证单元,当所述身份密钥证书没有通过验证时,结束对所述待验证服务器的验证。It also includes: an identity key certificate verification unit, configured to receive the identity key certificate sent by the server to be verified, and send the identity key certificate to the trusted third party, so that the trusted The third party verifies the trusted key certificate, receives the verification result returned by the trusted third party, and notifies the verification unit when the identity key certificate passes the verification, and when the identity key certificate does not When the verification is passed, the verification of the server to be verified is ended.

在一种可能的实现方式中,所述颁发单元,具体用于:In a possible implementation manner, the issuing unit is specifically configured to:

A1:通过所述可信第三方获取所述待验证服务器的背书密钥公钥;A1: Obtain the public key of the endorsement key of the server to be verified through the trusted third party;

A2:通过所述可信第三方接收所述待验证服务器发来的身份密钥证书请求;A2: Receive the identity key certificate request from the server to be verified through the trusted third party;

A3:通过所述可信第三方,根据所述身份密钥证书请求生成所述身份密钥证书;A3: Generate the identity key certificate according to the identity key certificate request through the trusted third party;

A4:通过所述可信第三方,用所述可信第三方的签名密钥对所述身份密钥证书进行签名,并使用所述背书密钥公钥加密签名后的所述身份密钥证书;A4: Use the trusted third party to sign the identity key certificate with the signature key of the trusted third party, and use the public key of the endorsement key to encrypt the signed identity key certificate ;

A5:通过所述可信第三方,将通过所述背书密钥公钥加密的身份密钥证书发送给所述待验证服务器,以使所述待验证服务器利用所述安全芯片,通过背书密钥私钥解密通过所述背书密钥公钥加密的身份密钥证书,获得所述身份密钥证书。A5: Through the trusted third party, send the identity key certificate encrypted by the public key of the endorsement key to the server to be verified, so that the server to be verified can use the security chip to pass the endorsement key The private key decrypts the identity key certificate encrypted by the public key of the endorsement key to obtain the identity key certificate.

在一种可能的实现方式中,还包括:生成单元,用于生成证明挑战随机数;In a possible implementation manner, it also includes: a generating unit, configured to generate proof challenge random numbers;

还包括:添加单元,用于在所述验证请求对应的所有会话中添加所述证明挑战随机数。It also includes: an adding unit, configured to add the proof challenge random number in all sessions corresponding to the verification request.

在一种可能的实现方式中,所述度量单元,在执行所述通过所述安全芯片对所述待验证服务器进行完整性度量时,具体执行:对所述待验证服务器的BIOS、BootLoader、OS和应用程序中的一个或者多个进行完整性度量。In a possible implementation manner, when performing the integrity measurement on the server to be verified through the security chip, the measurement unit specifically performs: Integrity measurement with one or more of the applications.

上述装置内的各单元之间的信息交互、执行过程等内容,由于与本发明方法实施例基于同一构思,具体内容可参见本发明方法实施例中的叙述,此处不再赘述。The information exchange and execution process among the units in the above-mentioned device are based on the same concept as the method embodiment of the present invention, and the specific content can refer to the description in the method embodiment of the present invention, and will not be repeated here.

需要说明的是:上述实施例中的待验证服务器可以是可信计算平台的服务器。上述的安全芯片可以是TPM、TCM。It should be noted that: the server to be verified in the above embodiment may be a server of a trusted computing platform. The aforementioned security chip may be TPM, TCM.

在对待验证服务器进行完整性度量时,将待验证服务器上模块(硬件、固件和软件)的执行完整性状态记录下来,从而构建起待验证服务器的信任链。完整性度量的起点被称为度量信任根,它位于安全芯片内部,是绝对可信的。当计算机启动时,开始执行完整性度量过程,从BIOS,BootLoader,OS到应用程序,每个实体都会被度量。其中,度量值可以以摘要方式扩展存储在PCR中。假如有任何模块被恶意感染,该PCR中的摘要值必然发生改变。When measuring the integrity of the server to be verified, the execution integrity status of the modules (hardware, firmware and software) on the server to be verified is recorded, so as to build a trust chain of the server to be verified. The starting point of integrity measurement is called the measurement root of trust, which is located inside the security chip and is absolutely trusted. When the computer starts up, the integrity measurement process starts, and every entity is measured from BIOS, BootLoader, OS to applications. Wherein, the metric value can be extended and stored in the PCR in a summary manner. If any module is maliciously infected, the digest value in the PCR must change.

为了保证安全性,避免暴露待验证服务器的背书密钥,本发明实施例通过身份密钥进行身份证明,而非直接使用背书密钥。身份密钥是在背书密钥的指导下由安全芯片产生,标识安全芯片身份的密钥对。In order to ensure security and avoid exposing the endorsement key of the server to be verified, the embodiment of the present invention uses the identity key for identity verification instead of directly using the endorsement key. The identity key is a key pair that is generated by the security chip under the guidance of the endorsement key and identifies the identity of the security chip.

在给待验证服务器颁发身份密钥证书的过程中,安全芯片所有者使用安全芯片生成密钥类型为身份密钥的RSA密钥(即身份密钥),将身份密钥公钥、签注密钥、平台证书打包在一起,和身份密钥证书请求一起发送给可信第三方。另外,为了验证身份密钥证书请求的有效性,待验证服务器将背书密钥证书和身份密钥证书请求一起发送给可信第三方,可信第三方通过验证背书密钥证书来确定身份密钥证书请求的有效性。另外,当待验证服务器获得身份密钥证书后,可以向验证方发送证明请求,告知验证方可以对待验证服务器进行验证,这里的验证方可以是实现上述验证服务器的方法的装置,可以是上述的验证服务器的装置。In the process of issuing the identity key certificate to the server to be verified, the security chip owner uses the security chip to generate an RSA key whose key type is the identity key (that is, the identity key), and uses the identity key public key, , platform certificates are packaged together, and sent to a trusted third party together with the identity key certificate request. In addition, in order to verify the validity of the identity key certificate request, the server to be verified sends the endorsement key certificate and the identity key certificate request to a trusted third party, and the trusted third party determines the identity key by verifying the endorsement key certificate The validity of the certificate request. In addition, after the server to be verified obtains the identity key certificate, it can send a certification request to the verifying party, informing the verifying party that it can verify the server to be verified. Authenticating the server's device.

本发明实施例提供一种验证服务器的方法及装置,具有如下有益效果:Embodiments of the present invention provide a method and device for verifying a server, which have the following beneficial effects:

1、本发明实施例提供的一种验证服务器的方法及装置,在待验证服务器中设置安全芯片,通过安全芯片对待验证服务器进行完整性度量,将度量值存储到安全芯片的PCR中,将待验证PCR对应的待验证度量值与对应的基准值进行比较,如果待验证服务器被篡改过,二者将会不同,如果相同则说明待验证服务器是安全的,通过该方法及装置,能够对服务器的完整性进行验证。1. A method and device for verifying a server provided by an embodiment of the present invention. A security chip is provided in the server to be verified, and the integrity measurement of the server to be verified is performed through the security chip, and the measured value is stored in the PCR of the security chip. Verify that the metric value to be verified corresponding to the PCR is compared with the corresponding benchmark value. If the server to be verified has been tampered with, the two will be different. If they are the same, it means that the server to be verified is safe. Through this method and device, the server can integrity is verified.

2、本发明实施例提供的一种验证服务器的方法及装置,待验证服务器计算出待验证度量值的哈希值,然后将该哈希值用身份密钥私钥加密,在加上待验证度量值的明文,构成了远程证明签名,当待验证度量值的明文被篡改后,该待验证度量值的明文的哈希值就会与被加密的待验证度量值的哈希值不相等,没有被篡改时,二者相等,通过该方法能够验证出接收到的待验证度量值是否准确,实现了对待验证度量值的准确性的验证,保证了待验证服务器的验证结果的准确性。2. A method and device for verifying a server provided by an embodiment of the present invention. The server to be verified calculates the hash value of the metric value to be verified, and then encrypts the hash value with the private key of the identity key, and adds the value to be verified The plaintext of the metric value constitutes a remote proof signature. When the plaintext of the metric value to be verified is tampered with, the hash value of the plaintext value of the metric value to be verified will not be equal to the encrypted hash value of the metric value to be verified. When they are not tampered with, the two are equal. Through this method, it can be verified whether the received metric value to be verified is accurate, which realizes the verification of the accuracy of the metric value to be verified, and ensures the accuracy of the verification result of the server to be verified.

3、本发明实施例提供的一种验证服务器的方法及装置,可以通过可信第三方颁发给待验证服务器的身份密钥证书来验证待验证服务器的身份,进而能够验证接收到的待验证度量值是否待验证服务器发来的,保证了对待验证服务器的验证结果的准确性。3. A method and device for verifying a server provided by an embodiment of the present invention can verify the identity of the server to be verified through an identity key certificate issued to the server to be verified by a trusted third party, and then can verify the received metric to be verified Whether the value is sent by the server to be verified ensures the accuracy of the verification result of the server to be verified.

需要说明的是,在本文中,诸如第一和第二之类的关系术语仅仅用来将一个实体或者操作与另一个实体或操作区分开来,而不一定要求或者暗示这些实体或操作之间存在任何这种实际的关系或者顺序。而且,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个······”限定的要素,并不排除在包括所述要素的过程、方法、物品或者设备中还存在另外的相同因素。It should be noted that in this article, relational terms such as first and second are only used to distinguish one entity or operation from another entity or operation, and do not necessarily require or imply that there is a relationship between these entities or operations. There is no such actual relationship or sequence. Furthermore, the term "comprises", "comprises" or any other variation thereof is intended to cover a non-exclusive inclusion such that a process, method, article, or apparatus comprising a set of elements includes not only those elements, but also includes elements not expressly listed. other elements of or also include elements inherent in such a process, method, article, or apparatus. Without further limitations, an element defined by the phrase "comprising a ..." does not exclude the presence of additional same elements in the process, method, article or apparatus comprising said element.

本领域普通技术人员可以理解:实现上述方法实施例的全部或部分步骤可以通过程序指令相关的硬件来完成,前述的程序可以存储在计算机可读取的存储介质中,该程序在执行时,执行包括上述方法实施例的步骤;而前述的存储介质包括:ROM、RAM、磁碟或者光盘等各种可以存储程序代码的介质中。Those of ordinary skill in the art can understand that all or part of the steps to realize the above method embodiments can be completed by program instructions related hardware, and the aforementioned programs can be stored in a computer-readable storage medium. When the program is executed, the It includes the steps of the above method embodiments; and the aforementioned storage medium includes: ROM, RAM, magnetic disk or optical disk and other various media that can store program codes.

最后需要说明的是:以上所述仅为本发明的较佳实施例,仅用于说明本发明的技术方案,并非用于限定本发明的保护范围。凡在本发明的精神和原则之内所做的任何修改、等同替换、改进等,均包含在本发明的保护范围内。Finally, it should be noted that the above descriptions are only preferred embodiments of the present invention, and are only used to illustrate the technical solution of the present invention, and are not used to limit the protection scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present invention are included in the protection scope of the present invention.

Claims (10)

1. the method for an authentication server, it is characterized in that, comprise: in advance safety chip is set in server to be verified, by described safety chip, integrity measurement is carried out to described server to be verified, obtain at least one metric, at least one metric described is stored in the platform configuration register PCR of safety chip respectively, obtains the fiducial value of the metric that each PCR is corresponding in described server to be verified in advance, also comprise:
S1: send checking request to server to be verified, carries the information of PCR to be verified in described checking request;
S2: receive the metric to be verified in PCR to be verified corresponding to the information of the PCR described to be verified that described server to be verified returns;
S3: judge that whether the fiducial value that described metric to be verified and PCR to be verified are corresponding is identical, if so, then described server to be verified is by checking, otherwise described server to be verified is not by checking.
2. method according to claim 1, is characterized in that, described S2, comprising:
Receive the remote proving signature carrying described metric to be verified, described remote proving signature comprises: through the cryptographic Hash of the metric described to be verified of the identity key encrypted private key of described server to be verified, the plaintext of described metric to be verified;
Before described S1, also comprise: the identity key PKI obtaining described server to be verified;
After described S2, before described S3, also comprise:
Calculate the cryptographic Hash of the plaintext of described metric to be verified;
By the cryptographic Hash of the metric described to be verified through described identity key encrypted private key in remote proving signature described in described identity key public key decryptions, obtain the cryptographic Hash of described metric to be verified;
Judge that whether the cryptographic Hash of the plaintext of described metric to be verified is equal with the cryptographic Hash of described metric to be verified, if so, then perform step S3, otherwise, terminate current process.
3. method according to claim 1, is characterized in that, before described S1, also comprises: issue identity key certificate to described server to be verified by described trusted third party in advance;
Before described S3, also comprise:
Receive the described identity key certificate that described server to be verified is sent together with described metric to be verified;
Described identity key certificate is sent to described trusted third party, to make described trusted third party, described trusted key certificate is verified;
Receive the result that described trusted third party returns, when described identity key certificate is by checking, perform step S3, when described identity key certificate is not by checking, terminate current process.
4. method according to claim 3, is characterized in that, described in advance by described trusted third party give described server way identity key certificate to be verified, comprising:
A1: the endorsement key PKI being obtained described server to be verified by described trusted third party;
A2: the identity key certificate request sent by the described server to be verified of described trusted third party's reception;
A3: by described trusted third party, generates described identity key certificate according to described identity key certificate request;
A4: by described trusted third party, signs to described identity key certificate with the signature key of described trusted third party, and the described identity key certificate after using described endorsement key public key encryption to sign;
A5: by described trusted third party, identity key certificate by described endorsement key public key encryption is sent to described server to be verified, to make safety chip described in described server by utilizing to be verified, by the deciphering of endorsement key private key by the identity key certificate of described endorsement key public key encryption, obtain described identity key certificate.
5. method according to claim 1, is characterized in that, before described S1, also comprises: generate and prove challenge random number;
Also comprise: in all sessions that described checking request is corresponding, add described proof challenge random number;
And/or, describedly by described safety chip, integrity measurement is carried out to described server to be verified, comprising: integrity measurement is carried out to one or more in the basic input-output system BIOS of described server to be verified, BootLoader, operating system OS and application program.
6. a device for authentication server, is characterized in that, comprising:
Metric element, for arranging safety chip in server to be verified, by described safety chip, integrity measurement is carried out to described server to be verified, obtain at least one metric, at least one metric described is stored in the platform configuration register PCR of safety chip respectively;
First acquiring unit, for obtaining the fiducial value of the metric that each PCR is corresponding in described server to be verified;
Transmitting element, for sending checking request to server to be verified, carries the information of PCR to be verified in described checking request;
Receiving element, the metric to be verified in the PCR to be verified that the information for receiving the PCR described to be verified that described server to be verified returns is corresponding;
Authentication unit, whether identical for judging the fiducial value that described metric to be verified and PCR to be verified are corresponding, if so, then described server to be verified is by checking, otherwise described server to be verified is not by checking.
7. device according to claim 6, it is characterized in that, described receiving element, for receiving the remote proving signature carrying described metric to be verified, described remote proving signature comprises: through the cryptographic Hash of the metric described to be verified of the identity key encrypted private key of described server to be verified, the plaintext of described metric to be verified;
Also comprise: second acquisition unit, for obtaining the identity key PKI of described server to be verified;
Also comprise: remote proving signature verification unit, for calculating the cryptographic Hash of the plaintext of described metric to be verified, by the cryptographic Hash of the metric described to be verified through described identity key encrypted private key in remote proving signature described in described identity key public key decryptions, obtain the cryptographic Hash of described metric to be verified, judge that whether the cryptographic Hash of the plaintext of described metric to be verified is equal with the cryptographic Hash of described metric to be verified, when judged result is for being, then notify described authentication unit, when judged result is no, terminate the checking to described server to be verified.
8. device according to claim 6, is characterized in that, also comprises: issue unit, for issuing identity key certificate to described server to be verified by described trusted third party;
Also comprise: identity key certificate verification unit, for receiving the described identity key certificate that described server to be verified is sent, described identity key certificate is sent to described trusted third party, to make described trusted third party, described trusted key certificate is verified, receive the result that described trusted third party returns, when described identity key certificate is by checking, notify described authentication unit, when described identity key certificate is not by checking, terminate the checking to described server to be verified.
9. device according to claim 8, is characterized in that, described in issue unit, specifically for:
A1: the endorsement key PKI being obtained described server to be verified by described trusted third party;
A2: the identity key certificate request sent by the described server to be verified of described trusted third party's reception;
A3: by described trusted third party, generates described identity key certificate according to described identity key certificate request;
A4: by described trusted third party, signs to described identity key certificate with the signature key of described trusted third party, and the described identity key certificate after using described endorsement key public key encryption to sign;
A5: by described trusted third party, identity key certificate by described endorsement key public key encryption is sent to described server to be verified, to make safety chip described in described server by utilizing to be verified, by the deciphering of endorsement key private key by the identity key certificate of described endorsement key public key encryption, obtain described identity key certificate.
10. device according to claim 6, is characterized in that, also comprises: generation unit, proves challenge random number for generating;
Also comprise: adding device, for adding described proof challenge random number in all sessions that described checking request is corresponding;
And/or,
Described metric element, perform described by described safety chip, integrity measurement is carried out to described server to be verified time, specifically execution: integrity measurement is carried out to one or more in the basic input-output system BIOS of described server to be verified, BootLoader, operating system OS and application program.
CN201510697751.8A 2015-10-23 2015-10-23 A kind of method of authentication server and device Pending CN105227319A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510697751.8A CN105227319A (en) 2015-10-23 2015-10-23 A kind of method of authentication server and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510697751.8A CN105227319A (en) 2015-10-23 2015-10-23 A kind of method of authentication server and device

Publications (1)

Publication Number Publication Date
CN105227319A true CN105227319A (en) 2016-01-06

Family

ID=54996038

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510697751.8A Pending CN105227319A (en) 2015-10-23 2015-10-23 A kind of method of authentication server and device

Country Status (1)

Country Link
CN (1) CN105227319A (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105743918A (en) * 2016-04-05 2016-07-06 浪潮电子信息产业股份有限公司 Information encrypted transmission method, device and system
CN106096420A (en) * 2016-06-15 2016-11-09 京信通信技术(广州)有限公司 The method and apparatus of embedded device clean boot
CN106778286A (en) * 2016-12-21 2017-05-31 郑州云海信息技术有限公司 A kind of system and method whether attacked for detection service device hardware
CN109213572A (en) * 2018-09-10 2019-01-15 郑州云海信息技术有限公司 A kind of confidence level based on virtual machine determines method and server
CN109714168A (en) * 2017-10-25 2019-05-03 阿里巴巴集团控股有限公司 Trusted remote method of proof, device and system
CN110245495A (en) * 2018-03-09 2019-09-17 阿里巴巴集团控股有限公司 BIOS method of calibration, configuration method, equipment and system
CN110324355A (en) * 2019-07-15 2019-10-11 山西百信信息技术有限公司 A kind of internet-of-things terminal method for security protection based on trust computing
CN110601843A (en) * 2019-07-15 2019-12-20 山西百信信息技术有限公司 Internet of things terminal security protection system based on trusted computing
CN110781509A (en) * 2019-10-28 2020-02-11 腾讯科技(深圳)有限公司 Data verification method and device, storage medium and computer equipment
CN111143887A (en) * 2019-12-26 2020-05-12 海光信息技术有限公司 Safety control method, processor, integrated device and computer equipment
WO2020192287A1 (en) * 2019-03-22 2020-10-01 阿里巴巴集团控股有限公司 Trusted computing method, and server
CN112000935A (en) * 2019-05-27 2020-11-27 阿里巴巴集团控股有限公司 Remote authentication method, device, system, storage medium and computer equipment
CN112688782A (en) * 2019-10-17 2021-04-20 华为技术有限公司 Remote certification method and equipment for combined equipment
WO2021093485A1 (en) * 2019-11-11 2021-05-20 华为技术有限公司 Remote attestation method, apparatus and system, and computer storage medium
CN113132330A (en) * 2019-12-31 2021-07-16 华为技术有限公司 Method for trusted state attestation and related device
CN113940031A (en) * 2019-05-31 2022-01-14 西门子股份公司 Establishing secure communications without local time information
CN114281068A (en) * 2021-12-20 2022-04-05 北京三快在线科技有限公司 Unmanned equipment remote take-over system, method, device, equipment and storage medium

Cited By (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105743918A (en) * 2016-04-05 2016-07-06 浪潮电子信息产业股份有限公司 Information encrypted transmission method, device and system
CN106096420A (en) * 2016-06-15 2016-11-09 京信通信技术(广州)有限公司 The method and apparatus of embedded device clean boot
CN106778286A (en) * 2016-12-21 2017-05-31 郑州云海信息技术有限公司 A kind of system and method whether attacked for detection service device hardware
US11621843B2 (en) 2017-10-25 2023-04-04 Alibaba Group Holding Limited Trusted remote proving method, apparatus and system
CN109714168A (en) * 2017-10-25 2019-05-03 阿里巴巴集团控股有限公司 Trusted remote method of proof, device and system
CN109714168B (en) * 2017-10-25 2022-05-27 阿里巴巴集团控股有限公司 Trusted remote attestation method, device and system
CN110245495A (en) * 2018-03-09 2019-09-17 阿里巴巴集团控股有限公司 BIOS method of calibration, configuration method, equipment and system
CN109213572A (en) * 2018-09-10 2019-01-15 郑州云海信息技术有限公司 A kind of confidence level based on virtual machine determines method and server
CN109213572B (en) * 2018-09-10 2021-10-22 郑州云海信息技术有限公司 A virtual machine-based reliability determination method and server
WO2020192287A1 (en) * 2019-03-22 2020-10-01 阿里巴巴集团控股有限公司 Trusted computing method, and server
US11163865B2 (en) 2019-03-22 2021-11-02 Advanced New Technologies Co., Ltd. Trusted computing method, and server
CN112000935A (en) * 2019-05-27 2020-11-27 阿里巴巴集团控股有限公司 Remote authentication method, device, system, storage medium and computer equipment
CN113940031A (en) * 2019-05-31 2022-01-14 西门子股份公司 Establishing secure communications without local time information
CN110601843A (en) * 2019-07-15 2019-12-20 山西百信信息技术有限公司 Internet of things terminal security protection system based on trusted computing
CN110324355A (en) * 2019-07-15 2019-10-11 山西百信信息技术有限公司 A kind of internet-of-things terminal method for security protection based on trust computing
CN112688782A (en) * 2019-10-17 2021-04-20 华为技术有限公司 Remote certification method and equipment for combined equipment
CN112688782B (en) * 2019-10-17 2023-09-08 华为技术有限公司 Remote proving method and equipment for combined equipment
US12113823B2 (en) 2019-10-17 2024-10-08 Huawei Technologies Co., Ltd. Remote attestation method and device for composite device
US12231452B2 (en) 2019-10-17 2025-02-18 Huawei Technologies Co., Ltd. Remote attestation mode negotiation method for combined device and related device
CN110781509A (en) * 2019-10-28 2020-02-11 腾讯科技(深圳)有限公司 Data verification method and device, storage medium and computer equipment
WO2021093485A1 (en) * 2019-11-11 2021-05-20 华为技术有限公司 Remote attestation method, apparatus and system, and computer storage medium
US12271479B2 (en) 2019-11-11 2025-04-08 Huawei Technologies Co., Ltd. Remote attestation method, apparatus, system, and computer storage medium
CN111143887B (en) * 2019-12-26 2022-05-24 海光信息技术股份有限公司 A security control method, processor, integrated device and computer equipment
CN111143887A (en) * 2019-12-26 2020-05-12 海光信息技术有限公司 Safety control method, processor, integrated device and computer equipment
CN113132330A (en) * 2019-12-31 2021-07-16 华为技术有限公司 Method for trusted state attestation and related device
CN113132330B (en) * 2019-12-31 2022-06-28 华为技术有限公司 Method, device, attestation server and readable storage medium for trusted state attestation
CN114281068A (en) * 2021-12-20 2022-04-05 北京三快在线科技有限公司 Unmanned equipment remote take-over system, method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN105227319A (en) A kind of method of authentication server and device
US10530753B2 (en) System and method for secure cloud computing
JP6463269B2 (en) Method, system, and computer program product for determining the geographical location of a virtual disk image running on a data center server in a data center
US10437985B2 (en) Using a second device to enroll a secure application enclave
TWI507006B (en) Key certification in one round trip
Anati et al. Innovative technology for CPU based attestation and sealing
US9998438B2 (en) Verifying the security of a remote server
TW202207664A (en) Secure computing device, secure computing method, verifier and device attestation method
CN109818730B (en) Blind signature acquisition method and device and server
TW201918049A (en) Trusted remote attestation method, device and system capable of ensuring information security without causing an influence on the operation of the server terminal during the policy deployment process
CN107493271A (en) Credible and secure network system
CN107133520B (en) Trust measurement method and device for cloud computing platform
CN112311718B (en) Method, device, equipment and storage medium for detecting hardware
CN110401615A (en) An identity authentication method, device, equipment, system and readable storage medium
WO2018112482A1 (en) Method and system for distributing attestation key and certificate in trusted computing
CN101488851B (en) Method and apparatus for signing identity verification certificate in trusted computing
CN111414640A (en) Key access control method and device
US20240232332A9 (en) Methods and Means for Attestation of a Platform
CN115549984A (en) Cross-chain transaction method, device, equipment and storage medium
Ott et al. Universal remote attestation for cloud and edge platforms
CN115664655B (en) A TEE trusted authentication method, device, equipment and medium
WO2017124887A1 (en) Device, server, system and method for data attestation
CN119768815A (en) Carbon data management method, device, system and related equipment
CN116886268B (en) Data transmission verification method, device, equipment and computer readable storage medium
CN115004624A (en) Apparatus and method for key strengthening

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20160106

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载