Cryptology ePrint Archive: Report 2014/490

Universally Composable secure TNC protocol based on IF-T binding to TLS

Shijun Zhao and Qianying Zhang and Yu Qin and Dengguo Feng

Abstract: Trusted Network Connect (TNC) requires both user authentication and integrity validation of an endpoint before it connects to the internet or accesses some web service. However, as the user authentication and integrity validation are usually done via independent protocols, TNC is vulnerable to the Man-in-the-Middle (MitM) attack. This paper analyzes TNC which uses keys with Subject Key Attestation Evidence (SKAE) extension to perform user authentication and the IF-T protocol binding to TLS to carry integrity measurement messages in the Universally Composable (UC) framework. Our analysis result shows that TNC using keys with SKAE extension can resist the MitM attack. In this paper, we introduce two primitive ideal functionalities for TNC: an ideal dual-authentication certification functionality which binds messages and both the user and platform identities, and an ideal platform attestation functionality which formalizes the integrity verification of a platform. We prove that the SKAE extension protocol and the basic TCG platform attestation protocol, both of which are defined by TCG specifications, UC-realizes the two primitive functionalities respectively. In the end, we introduce a general ideal TNC functionality and prove that the complete TNC protocol, combining the IF-T binding to TLS which uses keys with SKAE extension for client authentication and the basic TCG platform attestation platform protocol, securely realizes the TNC functionality in the hybrid model.

Category / Keywords: cryptographic protocols / Universally Composable security, Trusted Network Connect, SKAE, TLS

Original Publication (with minor differences): NSS'14

Date: received 20 Jun 2014, last revised 10 Sep 2014

Contact author: zqyzsj at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20140910:070855 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]