SSL Client Authentication with TPM

TPM-embedded devices can be used as authentication tokens by issuing certificates to signing keys generated by TPM. TPM generates Attestation Identity Key (AIK) and Binding Key (BK) that are RSA keys. AIK is used to identify TPM. BK is used to encrypt data so that specific TPM can decrypt it. TPM ca...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	IEICE transactions on information and systems 2016, Vol.E99.D (4), p.1052-1061
Hauptverfasser:	Kakei, Shohei, Mohri, Masami, Shiraishi, Yoshiaki, Morii, Masakatu
Format:	Artikel
Sprache:	jpn
Schlagworte:	Authentication Binding Certificates Devices Joining Linking
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	1061
container_issue	4
container_start_page	1052
container_title	IEICE transactions on information and systems
container_volume	E99.D
creator	Kakei, Shohei Mohri, Masami Shiraishi, Yoshiaki Morii, Masakatu
description	TPM-embedded devices can be used as authentication tokens by issuing certificates to signing keys generated by TPM. TPM generates Attestation Identity Key (AIK) and Binding Key (BK) that are RSA keys. AIK is used to identify TPM. BK is used to encrypt data so that specific TPM can decrypt it. TPM can use for device authentication by linking a SSL client certificate to TPM. This paper proposes a method of an AIK certificate issuance with OpenID and a method of the SSL client certificate issuance to specific TPM using AIK and BK. In addition, the paper shows how to implement device authentication system using the SSL client certificate related to TPM.
doi_str_mv	10.1587/transinf.2015CYP0012
format	Article
fullrecord	<record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_miscellaneous_1808114400</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1808114400</sourcerecordid><originalsourceid>FETCH-LOGICAL-j1340-45208b570eeb0fa8492256c3da5ced49918a89854bc1b0dbc26a9a6be9b8960f3</originalsourceid><addsrcrecordid>eNotzE1LwzAYAOAgCpa5f-ChePLS-b756pvjKOqEioPNg6eRpCmL1FaXFP--gp6e28PYNcIKFdV3-WTHFMd-xQFV87YFQH7GCqylqlBoPGcFGNQVKcEv2TKl6EAJEryWpmA3u11bNkMMYy7Xcz7-Gr3NcRrL75iP5X77fMUuejuksPx3wV4f7vfNpmpfHp-adVu9o5BQScWBnKohBAe9JWk4V9qLziofOmkMkiVDSjqPDjrnubbGaheMI6OhFwt2-_d-nqavOaR8-IjJh2GwY5jmdEACQpQSQPwARw1EyA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1808114400</pqid></control><display><type>article</type><title>SSL Client Authentication with TPM</title><source>J-STAGE Free</source><source>Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals</source><creator>Kakei, Shohei ; Mohri, Masami ; Shiraishi, Yoshiaki ; Morii, Masakatu</creator><creatorcontrib>Kakei, Shohei ; Mohri, Masami ; Shiraishi, Yoshiaki ; Morii, Masakatu</creatorcontrib><description>TPM-embedded devices can be used as authentication tokens by issuing certificates to signing keys generated by TPM. TPM generates Attestation Identity Key (AIK) and Binding Key (BK) that are RSA keys. AIK is used to identify TPM. BK is used to encrypt data so that specific TPM can decrypt it. TPM can use for device authentication by linking a SSL client certificate to TPM. This paper proposes a method of an AIK certificate issuance with OpenID and a method of the SSL client certificate issuance to specific TPM using AIK and BK. In addition, the paper shows how to implement device authentication system using the SSL client certificate related to TPM.</description><identifier>ISSN: 0916-8532</identifier><identifier>EISSN: 1745-1361</identifier><identifier>DOI: 10.1587/transinf.2015CYP0012</identifier><language>jpn</language><subject>Authentication ; Binding ; Certificates ; Devices ; Joining ; Linking</subject><ispartof>IEICE transactions on information and systems, 2016, Vol.E99.D (4), p.1052-1061</ispartof><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,776,780,4009,27902,27903,27904</link.rule.ids></links><search><creatorcontrib>Kakei, Shohei</creatorcontrib><creatorcontrib>Mohri, Masami</creatorcontrib><creatorcontrib>Shiraishi, Yoshiaki</creatorcontrib><creatorcontrib>Morii, Masakatu</creatorcontrib><title>SSL Client Authentication with TPM</title><title>IEICE transactions on information and systems</title><description>TPM-embedded devices can be used as authentication tokens by issuing certificates to signing keys generated by TPM. TPM generates Attestation Identity Key (AIK) and Binding Key (BK) that are RSA keys. AIK is used to identify TPM. BK is used to encrypt data so that specific TPM can decrypt it. TPM can use for device authentication by linking a SSL client certificate to TPM. This paper proposes a method of an AIK certificate issuance with OpenID and a method of the SSL client certificate issuance to specific TPM using AIK and BK. In addition, the paper shows how to implement device authentication system using the SSL client certificate related to TPM.</description><subject>Authentication</subject><subject>Binding</subject><subject>Certificates</subject><subject>Devices</subject><subject>Joining</subject><subject>Linking</subject><issn>0916-8532</issn><issn>1745-1361</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2016</creationdate><recordtype>article</recordtype><recordid>eNotzE1LwzAYAOAgCpa5f-ChePLS-b756pvjKOqEioPNg6eRpCmL1FaXFP--gp6e28PYNcIKFdV3-WTHFMd-xQFV87YFQH7GCqylqlBoPGcFGNQVKcEv2TKl6EAJEryWpmA3u11bNkMMYy7Xcz7-Gr3NcRrL75iP5X77fMUuejuksPx3wV4f7vfNpmpfHp-adVu9o5BQScWBnKohBAe9JWk4V9qLziofOmkMkiVDSjqPDjrnubbGaheMI6OhFwt2-_d-nqavOaR8-IjJh2GwY5jmdEACQpQSQPwARw1EyA</recordid><startdate>2016</startdate><enddate>2016</enddate><creator>Kakei, Shohei</creator><creator>Mohri, Masami</creator><creator>Shiraishi, Yoshiaki</creator><creator>Morii, Masakatu</creator><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>2016</creationdate><title>SSL Client Authentication with TPM</title><author>Kakei, Shohei ; Mohri, Masami ; Shiraishi, Yoshiaki ; Morii, Masakatu</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-j1340-45208b570eeb0fa8492256c3da5ced49918a89854bc1b0dbc26a9a6be9b8960f3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>jpn</language><creationdate>2016</creationdate><topic>Authentication</topic><topic>Binding</topic><topic>Certificates</topic><topic>Devices</topic><topic>Joining</topic><topic>Linking</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Kakei, Shohei</creatorcontrib><creatorcontrib>Mohri, Masami</creatorcontrib><creatorcontrib>Shiraishi, Yoshiaki</creatorcontrib><creatorcontrib>Morii, Masakatu</creatorcontrib><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEICE transactions on information and systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kakei, Shohei</au><au>Mohri, Masami</au><au>Shiraishi, Yoshiaki</au><au>Morii, Masakatu</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>SSL Client Authentication with TPM</atitle><jtitle>IEICE transactions on information and systems</jtitle><date>2016</date><risdate>2016</risdate><volume>E99.D</volume><issue>4</issue><spage>1052</spage><epage>1061</epage><pages>1052-1061</pages><issn>0916-8532</issn><eissn>1745-1361</eissn><abstract>TPM-embedded devices can be used as authentication tokens by issuing certificates to signing keys generated by TPM. TPM generates Attestation Identity Key (AIK) and Binding Key (BK) that are RSA keys. AIK is used to identify TPM. BK is used to encrypt data so that specific TPM can decrypt it. TPM can use for device authentication by linking a SSL client certificate to TPM. This paper proposes a method of an AIK certificate issuance with OpenID and a method of the SSL client certificate issuance to specific TPM using AIK and BK. In addition, the paper shows how to implement device authentication system using the SSL client certificate related to TPM.</abstract><doi>10.1587/transinf.2015CYP0012</doi><tpages>10</tpages></addata></record>
fulltext	fulltext
identifier	ISSN: 0916-8532
ispartof	IEICE transactions on information and systems, 2016, Vol.E99.D (4), p.1052-1061
issn	0916-8532 1745-1361
language	jpn
recordid	cdi_proquest_miscellaneous_1808114400
source	J-STAGE Free; Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals
subjects	Authentication Binding Certificates Devices Joining Linking
title	SSL Client Authentication with TPM
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-23T18%3A30%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=SSL%20Client%20Authentication%20with%20TPM&rft.jtitle=IEICE%20transactions%20on%20information%20and%20systems&rft.au=Kakei,%20Shohei&rft.date=2016&rft.volume=E99.D&rft.issue=4&rft.spage=1052&rft.epage=1061&rft.pages=1052-1061&rft.issn=0916-8532&rft.eissn=1745-1361&rft_id=info:doi/10.1587/transinf.2015CYP0012&rft_dat=%3Cproquest%3E1808114400%3C/proquest%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=1808114400&rft_id=info:pmid/&rfr_iscdi=true