A Formal Theory of Key Conjuring

Authors:
Veronique Cortier;Stephanie Delaune;Graham Steel
Affiliations:
LORIA, France;LORIA, France;University of Edinburgh, UK
Venue:
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Year:
2007

Citing 0
Cited 4

Reducing protocol analysis with XOR to the XOR-free case in the horn theory based approach

Proceedings of the 15th ACM conference on Computer and communications security
Formal security analysis of PKCS#11 and proprietary extensions

Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Finite models for formal security proofs

Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Reducing Protocol Analysis with XOR to the XOR-Free Case in the Horn Theory Based Approach

Journal of Automated Reasoning

Quantified Score

Hi-index	0.00

Visualization

Abstract

Key conjuring is the process by which an attacker obtains an unknown, encrypted key by repeatedly calling a cryptographic API function with random values in place of keys. We propose a formalism for detecting computationally feasible key conjuring operations, incorporated into a Dolev-Yao style model of the security API. We show that security in the presence of key conjuring operations is decidable for a particular class of APIs, which includes the key management API of IBM's Common Cryptographic Architecture (CCA).