Comparing State Spaces in Automatic Security Protocol Analysis
Formal to Practical Security
Type-based analysis of PIN processing APIs
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
A generic security API for symmetric key management on cryptographic devices
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Attacking and fixing PKCS#11 security tokens
Proceedings of the 17th ACM conference on Computer and communications security
Formal analysis of key integrity in PKCS#11
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
Reasoning with past to prove PKCS#11 keys secure
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
An introduction to security API analysis
Foundations of security analysis and design VI
Design and implementation of a key-lifecycle management system
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
A linux kernel cryptographic framework: decoupling cryptographic keys from applications
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Type-Based analysis of PKCS#11 key management
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Type-based analysis of key management in PKCS#11 cryptographic devices
Journal of Computer Security - Security and Trust Principles
Efficient construction of machine-checked symbolic protocol security proofs
Journal of Computer Security
Hi-index | 0.00 |
PKCS#11 defines an API for cryptographic devices that has been widely adopted in industry. However, it has been shown to be vulnerable to a variety of attacks that could, for example, compromise the sensitive keys stored on the device. In this paper, we set out a formal model of the operation of the API, which differs from previous security API models notably in that it accounts for non-monotonic mutable global state. We give decidability results for our formalism, and describe an implementation of the resulting decision procedure using a model checker. We report some new attacks and prove the safety of some configurations of the API in our model.