A Comprehensive Formal Security Analysis and Revision of the Two-phase Key Exchange Primitive of TPM 2.0
Computer Networks (IF 5.6), Pub Date: 2020-06-17, DOI: 10.1016/j.comnet.2020.107369
Qianying Zhang, Shijun Zhao

The Trusted Platform Module (TPM) version 2.0 provides a two-phase key exchange primitive which can be used to implement three widely-standardized authenticated key exchange protocols: the Full Unified Model, the Full MQV, and the SM2 key exchange protocols. However, vulnerabilities have been found in all of these protocols. Fortunately, it seems that the protections offered by TPM chips can mitigate these vulnerabilities. In this paper, we present a security model which captures TPM’s protections on keys and protocols’ computation environments and in which multiple protocols can be analyzed in a unified way. Based on the unified security model, we give the first formal security analysis of the key exchange primitive of TPM 2.0, and the analysis results show that, with the help of hardware protections of TPM chips, the key exchange primitive indeed satisfies the well-defined security property of our security model, but unfortunately under some impractical limiting conditions, which would prevent the application of the key exchange primitive in real-world networks. To make TPM 2.0 applicable to real-world networks, we present a revision of the key exchange primitive of TPM 2.0, which can be secure without the limiting conditions. We give a rigorous analysis of our revision, and the results show that our revision achieves not only the basic security property of modern AKE security models but also some further security properties.




Updated: 2020-06-17