Formal security analysis of PKCS#11 and proprietary extensions

Authors:
Sté/phanie Delaune;Steve Kremer;Graham Steel
Affiliations:
-;-;(Correspd. Tel.: +33 1 47 40 77 80/ Fax: +33 1 47 40 75 21/ E-mail: graham.Steel@lsv.ens-cachan.fr) LSV, ENS Cachan & CNRS & INRIA, France
Venue:
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Year:
2010

Citing 11
Cited 5

An automatic search for security flaws in key management schemes

Computers and Security
Guarded commands, nondeterminacy and formal derivation of programs

Communications of the ACM
API-Level Attacks on Embedded Systems

Computer
Multiset Rewriting and Security Protocol Analysis

RTA '02 Proceedings of the 13th International Conference on Rewriting Techniques and Applications
NuSMV 2: An OpenSource Tool for Symbolic Model Checking

CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
Multiset rewriting and the complexity of bounded security protocols

Journal of Computer Security
Applying Protocol Analysis to Security Device Interfaces

IEEE Security and Privacy
A Formal Theory of Key Conjuring

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Automatic analysis of the security of XOR-based key management schemes

TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Deduction with XOR constraints in security API modelling

CADE' 20 Proceedings of the 20th international conference on Automated Deduction
Hierarchical combination of intruder theories

RTA'06 Proceedings of the 17th international conference on Term Rewriting and Applications

Attacking and fixing PKCS#11 security tokens

Proceedings of the 17th ACM conference on Computer and communications security
An introduction to security API analysis

Foundations of security analysis and design VI
Type-Based analysis of PKCS#11 key management

POST'12 Proceedings of the First international conference on Principles of Security and Trust
Concepts and proofs for configuring PKCS#11

FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Type-based analysis of key management in PKCS#11 cryptographic devices

Journal of Computer Security - Security and Trust Principles

Quantified Score

Hi-index	0.00

Visualization

Abstract

PKCS#11 defines an API for cryptographic devices that has been widely adopted in industry. However, it has been shown to be vulnerable to a variety of attacks that could, for example, compromise the sensitive keys stored on the device. In this paper, we set out a formal model of the operation of the API, which differs from previous security API models notably in that it accounts for non-monotonic mutable global state. We give decidability results for our formalism, and describe an implementation of the resulting decision procedure using the model checker NuSMV. We report some new attacks and prove the safety of some configurations of the API in our model. We also analyse proprietary extensions proposed by nCipher (Thales) and Eracom (Safenet), designed to address the shortcomings of PKCS#11.