A Generic Security API for Symmetric Key Management on Cryptographic Devices
Security APIs are used to define the boundary between trusted and untrusted code. The security properties of existing APIs are not always clear. In this paper, we give a new generic API for managing symmetric keys on a trusted cryptographic device. We state and prove security properties for our API. In particular, our API offers a high level of security even when the host machine is controlled by an attacker.
Our API is generic in the sense that it can implement a wide variety of (symmetric key) protocols. As a proof of concept, we give an algorithm for automatically instantiating the API commands for a given key management protocol. We demonstrate the algorithm on a set of key establishment protocols from the Clark-Jacob suite.
KeywordsSecurity Level Secret Data Replay Attack Host Machine Brute Force Attack
Unable to display preview. Download preview PDF.
- 1.Council regulation (ec) no 2252/2004: on standards for security features and biometrics in passports and travel documents issued by member states (December 2004), http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2004:385:0001:0006:EN:PDF
- 4.CCA Basic Services Reference and Guide (October 2006), www.ibm.com/security/cryptocards/pdfs/bs327.pdf
- 5.Clark, J., Jacob, J.: A survey of authentication protocol literature: Version 1.0 (1997), http://www.cs.york.ac.uk/jac/papers/drareview.ps.gz
- 8.Cortier, V., Steel, G.: Synthesising secure APIs. Research Report RR-6882, INRIA (March 2009)Google Scholar
- 9.Courant, J., Monin, J.-F.: Defending the bank with a proof assistant. In: Proceedings of the 6th International Workshop on Issues in the Theory of Security (WITS 2006), Vienna, Austria, March 2006, pp. 87–98 (2006)Google Scholar
- 11.Fröschle, S., Steel, G.: Analysing PKCS#11 key management APIs with unbounded fresh data. In: Degano, P. (ed.) ARSPA-WITS 2009. LNCS, vol. 5511, pp. 92–106. Springer, Heidelberg (2009)Google Scholar
- 12.IBM Comment on A Chosen Key Difference Attack on Control Vectors (January 2001), http://www.cl.cam.ac.uk/~mkb23/research.html
- 16.RSA Security Inc., v2.20. PKCS #11: Cryptographic Token Interface Standard (June 2004)Google Scholar