密码远离内存:使用TPM进行密码缓存和验证

22nd International Conference on Advanced Information Networking and Applications (aina 2008) Pub Date : 2008-03-25 DOI:10.1109/AINA.2008.109

Hua Wang, Yao Guo, Xia Zhao, Xiangqun Chen

{"title":"密码远离内存:使用TPM进行密码缓存和验证","authors":"Hua Wang, Yao Guo, Xia Zhao, Xiangqun Chen","doi":"10.1109/AINA.2008.109","DOIUrl":null,"url":null,"abstract":"TPM is able to provide strong secure storage for sensitive data such as passwords. Although several commercial password managers have used TPM to cache passwords, they are not capable of protecting passwords during verification. This paper proposes a new TPM-based password caching and verification method called PwdCaVe. In addition to using TPM in password caching, PwdCaVe also uses TPM during password verification. In PwdCaVe, all password-related computations are performed in the TPM. PwdCaVe guarantees that once a password is cached in the TPM, it will be protected by the TPM through the rest of its lifetime, thus eliminating the possibility that passwords might be attacked in memory. A prototype of PwdCaVe is implemented on Linux to demonstrate its feasibility.","PeriodicalId":328651,"journal":{"name":"22nd International Conference on Advanced Information Networking and Applications (aina 2008)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Keep Passwords Away from Memory: Password Caching and Verification Using TPM\",\"authors\":\"Hua Wang, Yao Guo, Xia Zhao, Xiangqun Chen\",\"doi\":\"10.1109/AINA.2008.109\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"TPM is able to provide strong secure storage for sensitive data such as passwords. Although several commercial password managers have used TPM to cache passwords, they are not capable of protecting passwords during verification. This paper proposes a new TPM-based password caching and verification method called PwdCaVe. In addition to using TPM in password caching, PwdCaVe also uses TPM during password verification. In PwdCaVe, all password-related computations are performed in the TPM. PwdCaVe guarantees that once a password is cached in the TPM, it will be protected by the TPM through the rest of its lifetime, thus eliminating the possibility that passwords might be attacked in memory. A prototype of PwdCaVe is implemented on Linux to demonstrate its feasibility.\",\"PeriodicalId\":328651,\"journal\":{\"name\":\"22nd International Conference on Advanced Information Networking and Applications (aina 2008)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-03-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"22nd International Conference on Advanced Information Networking and Applications (aina 2008)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/AINA.2008.109\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"22nd International Conference on Advanced Information Networking and Applications (aina 2008)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AINA.2008.109","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

TPM能够为敏感数据(如密码)提供强大的安全存储。尽管一些商业密码管理器已经使用TPM来缓存密码，但它们无法在验证期间保护密码。本文提出了一种新的基于tpm的密码缓存和验证方法——PwdCaVe。除了在密码缓存中使用TPM外，PwdCaVe还在密码验证期间使用TPM。在PwdCaVe中，所有与密码相关的计算都在TPM中执行。PwdCaVe保证一旦密码缓存在TPM中，它将在TPM的剩余生命周期中受到保护，从而消除了密码在内存中受到攻击的可能性。在Linux上实现了PwdCaVe的原型，以验证其可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Keep Passwords Away from Memory: Password Caching and Verification Using TPM

TPM is able to provide strong secure storage for sensitive data such as passwords. Although several commercial password managers have used TPM to cache passwords, they are not capable of protecting passwords during verification. This paper proposes a new TPM-based password caching and verification method called PwdCaVe. In addition to using TPM in password caching, PwdCaVe also uses TPM during password verification. In PwdCaVe, all password-related computations are performed in the TPM. PwdCaVe guarantees that once a password is cached in the TPM, it will be protected by the TPM through the rest of its lifetime, thus eliminating the possibility that passwords might be attacked in memory. A prototype of PwdCaVe is implemented on Linux to demonstrate its feasibility.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

22nd International Conference on Advanced Information Networking and Applications (aina 2008)

自引率

0.00%

发文量