METHOD AND ATTESTATION SYSTEM FOR PREVENTING ATTESTATION REPLAY ATTACK
Abstract
Provided are a method and an attestation system for preventing an attestation replay attack. In an attestation system including an attestation target system and an attestation request system, the method includes: measuring associated components when an event that affects the integrity of the attestation target system occurs; perceiving the target system's own identity information and verifying the perceived identity information; extending the measured components and the identity information into a register and logging the measured components and the identity information; generating an attestation response message including values of the log and the register when an attestation request message is received from the attestation request system; and transmitting the generated attestation response message to the attestation request system. The method and attestation system may therefore be useful for preventing an attestation replay attack with only an additional simple mathematical operation in verifying an attestation message, and thus for minimizing performance degradation in the attestation system compared to conventional attestation processing mechanisms.
13 Claims
1. A method for preventing an attestation replay attack by an attestation target system in an attestation system including the attestation target system and an attestation request system, the method comprising:
measuring associated components when an event that affects the integrity of the attestation target system occurs;
perceiving identity information in the attestation target system and verifying the perceived identity information;
extending the measured components and the identity information to the size of the register and recording the components and the identity information in a log;
generating an attestation response message including the log and a value of the register when an attestation request message is received from the attestation request system; and
transmitting the generated attestation request message to the attestation request system.
5. A method for preventing an attestation replay attack by an attestation request system in an attestation system including an attestation target system and the attestation request system, the method comprising:
transmitting an attestation request message including a random number to the attestation target system;
receiving the transmitted attestation request message including a log recording identity information of the attestation target system, and a value of a register extending the identity information; and
verifying the attestation request message to confirm reliability of the attestation target system.
7. An attestation system for preventing an attestation replay attack including an attestation target system and an attestation request system for making an attestation request to the attestation target system, wherein the attestation target system comprises:
an integrity measurement block for measuring associated components when an event that affects the integrity of the attestation target system occurs;
an identity information verification block for perceiving identity information of the attestation target system and verifying the perceived identity information;
an information recording block for recording the measured component and the identity information in a log;
a security block including a register for extending and storing the measured components and the identity information; and
an attestation service block for generating an attestation response message including the register value and the log in which the identity information is recorded,
and wherein the attestation request system receives an attestation response message from the attestation target system on the attestation request and confirms that the attestation response message is generated in the attestation target system.
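The exchange recited in claims 1, 5 and 7, modelled end to end as an added example (not code from the patent): the target extends its identity information and measurements into a register and logs them, and the requester checks the random number, replays the log, and looks for the expected identity. The SHA-256 extend operation, the HMAC standing in for whatever authenticates the register value, and all names and sample values are assumptions.

```python
import hashlib
import hmac
import os

REG_SIZE = 32  # register width in bytes (assumption: SHA-256 sized register)

def extend(reg: bytes, data: bytes) -> bytes:
    """new = H(old || H(data)); the result is always REG_SIZE bytes."""
    return hashlib.sha256(reg + hashlib.sha256(data).digest()).digest()

class Target:  # attestation target system (hypothetical model)
    def __init__(self, identity: bytes, key: bytes):
        self.reg, self.log, self.key = bytes(REG_SIZE), [], key
        self.record(b"identity", identity)  # identity takes the same path as measurements

    def record(self, kind: bytes, data: bytes) -> None:
        self.log.append((kind, data))
        self.reg = extend(self.reg, kind + b":" + data)

    def respond(self, nonce: bytes) -> dict:
        # HMAC is a stand-in (assumption) for whatever authenticates the register value.
        tag = hmac.new(self.key, nonce + self.reg, hashlib.sha256).digest()
        return {"nonce": nonce, "reg": self.reg, "log": list(self.log), "tag": tag}

def verify(resp: dict, nonce: bytes, identity: bytes, key: bytes) -> str:
    """Attestation request system: returns 'ok' or the first check that failed."""
    expected_tag = hmac.new(key, nonce + resp["reg"], hashlib.sha256).digest()
    if resp["nonce"] != nonce or not hmac.compare_digest(expected_tag, resp["tag"]):
        return "stale or forged"
    reg = bytes(REG_SIZE)
    for kind, data in resp["log"]:  # replay the log through the same extend operation
        reg = extend(reg, kind + b":" + data)
    if reg != resp["reg"]:
        return "log does not match register"
    if (b"identity", identity) not in resp["log"]:
        return "identity mismatch"
    return "ok"

def demo() -> dict:
    key = b"constructed-demo-key"  # constructed; shared, so the tag alone names no host
    host_a, host_b = Target(b"host-a", key), Target(b"host-b", key)
    for host in (host_a, host_b):
        host.record(b"component", b"kernel-image")  # constructed measurement
    nonce = os.urandom(16)
    relayed = host_b.respond(nonce)  # fresh, authentic, but produced elsewhere
    edited = dict(relayed, log=[(b"identity", b"host-a")] + relayed["log"][1:])
    cases = {"fresh": host_a.respond(nonce), "old": host_a.respond(os.urandom(16)),
             "relayed": relayed, "edited_log": edited}
    return {name: verify(r, nonce, b"host-a", key) for name, r in cases.items()}
```

The relayed response passes the nonce and tag checks and is rejected only because the identity entry bound into the register names a different host; rewriting that log entry breaks the log replay instead.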
Specification