关键词: 直接匿名认证，可信计算，零知识证明，网络安全

Abstract: An improved scheme was proposed against the shortage of current mechanism of direct anonymous attesta- tion(DAA) in trusted computing platform. This scheme firstly adopted the CA to verify the EK certificate of prover to help prover and DAA issuer building the session key respectively. The DAA issuer can issue the secret certificate to the prover with the key. hhen the prover used a committed number lying in a specific interval to attest the validity to the verifier by integrating the protocol that two committed numbers arc equal with the protocol of the CI}T proof. The anal sis shows that this scheme not only has a higher security, but also is non-fraudulence, anonymity, can be withdrawed and more efficiency.

Key words: Direct anonymous attestation, Trusted computing, Zero-knowledge proof , Network security