Universally Composable Key-Management

  • Steve Kremer
  • Robert Künnemann
  • Graham Steel
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8134)


We present the first universally composable key-management functionality, formalized in the GNUC framework by Hofheinz and Shoup. It allows the enforcement of a wide range of security policies and can be extended by diverse key usage operations with no need to repeat the security proof. We illustrate its use by proving an implementation of a security token secure with respect to arbitrary key-usage operations and explore a proof technique that allows the storage of cryptographic keys externally, a novel development in simulation-based security frameworks.


Secure Channel Trust Platform Module Cryptographic Operation Security Notion Asymmetric Encryption 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    RSA Security Inc.: PKCS #11: Cryptographic Token Interface Standard v2.20 (June 2004)Google Scholar
  2. 2.
    IBM: CCA Basic Services Reference and Guide (October 2006),
  3. 3.
    Trusted Computing Group: TPM Specification version 1.2. Parts 1–3, revision 103 (2007),
  4. 4.
    Cachin, C., Chandran, N.: A secure cryptographic token interface. In: Proc. 22th IEEE Computer Security Foundation Symposium, CSF 2009, pp. 141–153. IEEE Comp. Soc. Press (2009)Google Scholar
  5. 5.
    Kremer, S., Steel, G., Warinschi, B.: Security for key management interfaces. In: Proc. 24th IEEE Computer Security Foundations Symposium, CSF 2011, pp. 66–82. IEEE Comp. Soc. Press (2011)Google Scholar
  6. 6.
    Hofheinz, D., Shoup, V.: GNUC: A new universal composability framework. Cryptology ePrint Archive, Report 2011/303 (2011),
  7. 7.
    Canetti, R.: Universally composable signature, certification, and authentication. In: Proc. 17th IEEE workshop on Computer Security Foundations, CSFW 2004, pp. 219–233. IEEE Computer Society (2004)Google Scholar
  8. 8.
    Hofheinz, D.: Possibility and impossibility results for selective decommitments. J. Cryptology 24(3), 470–516 (2011)MathSciNetzbMATHCrossRefGoogle Scholar
  9. 9.
    Longley, D., Rigby, S.: An automatic search for security flaws in key management schemes. Computers and Security 11(1), 75–89 (1992)CrossRefGoogle Scholar
  10. 10.
    Bond, M., Anderson, R.: API level attacks on embedded systems. IEEE Computer Magazine, 67–75 (October 2001)Google Scholar
  11. 11.
    Bortolozzo, M., Centenaro, M., Focardi, R., Steel, G.: Attacking and fixing PKCS#11 security tokens. In: Proc. 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, pp. 260–269. ACM Press (October 2010)Google Scholar
  12. 12.
    Cortier, V., Keighren, G., Steel, G.: Automatic analysis of the security of XOR-based key management schemes. In: Grumberg, O., Huth, M. (eds.) TACAS 2007. LNCS, vol. 4424, pp. 538–552. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  13. 13.
    Delaune, S., Kremer, S., Steel, G.: Formal analysis of PKCS#11 and proprietary extensions. Journal of Computer Security 18(6), 1211–1245 (2010)Google Scholar
  14. 14.
    Küsters, R., Tuengerthal, M.: Ideal Key Derivation and Encryption in Simulation-Based Security. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 161–179. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  15. 15.
    Kremer, S., Künnemann, R., Steel, G.: Universally composable key-management (2012),
  16. 16.
    Küsters, R.: Simulation-Based Security with Inexhaustible Interactive Turing Machines. In: Proc. 19th IEEE Computer Security Foundations Workshop, CSFW 2006, pp. 309–320. IEEE Comp. Soc. Press (2006)Google Scholar
  17. 17.
    Maurer, U., Renner, R.: Abstract cryptography. In: Proc. 2nd Symposium in Innovations in Computer Science, ICS 2011, pp. 1–21. Tsinghua University Press (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Steve Kremer
    • 1
  • Robert Künnemann
    • 2
  • Graham Steel
    • 2
  1. 1.LORIA & INRIA Nancy – Grand-EstFrance
  2. 2.INRIA Paris – RocquencourtFrance

Personalised recommendations