An automatic search for security flaws in key management schemes
Computers and Security
Optimal privacy and authentication on a portable communications system
ACM SIGOPS Operating Systems Review
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Protocol Insecurity with Finite Number of Sessions is NP-Complete
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Securing vehicular ad hoc networks
Journal of Computer Security - Special Issue on Security of Ad-hoc and Sensor Networks
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Analysing PKCS#11 Key Management APIs with Unbounded Fresh Data
Foundations and Applications of Security Analysis
Automatic analysis of the security of XOR-based key management schemes
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Attacking and fixing PKCS#11 security tokens
Proceedings of the 17th ACM conference on Computer and communications security
An introduction to security API analysis
Foundations of security analysis and design VI
Revoke and let live: a secure key revocation api for cryptographic devices
Proceedings of the 2012 ACM conference on Computer and communications security
Hi-index | 0.00 |
Security APIs are used to define the boundary between trusted and untrusted code. The security properties of existing APIs are not always clear. In this paper, we give a new generic API for managing symmetric keys on a trusted cryptographic device. We state and prove security properties for our API. In particular, our API offers a high level of security even when the host machine is controlled by an attacker. Our API is generic in the sense that it can implement a wide variety of (symmetric key) protocols. As a proof of concept, we give an algorithm for automatically instantiating the API commands for a given key management protocol. We demonstrate the algorithm on a set of key establishment protocols from the Clark-Jacob suite.