2017
DOI: 10.1007/978-3-319-70972-7_8

A Provably Secure PKCS#11 Configuration Without Authenticated Attributes

Abstract: Cryptographic APIs like PKCS#11 are interfaces to trusted hardware where keys are stored; the secret keys should never leave the trusted hardware in plaintext. In PKCS#11 it is possible to give keys conflicting roles, leading to a number of key-recovery attacks. To prevent these attacks, one can authenticate the attributes of keys when wrapping, but this is not standard in PKCS#11. Alternatively, one can configure PKCS#11 to place additional restrictions on the commands permitted by the API. Bortoloz…

Cited by 3 publications (4 citation statements)
References 16 publications
“…In [8] and [29] the analysis was generalized to other key configurations and was proved correct via typing and automated verification, respectively. In [36] a PKCS#11 configuration proposed in [7] was proved secure on a computational model of PKCS#11, using wrap_with_trusted to prevent key cycles which, by the way, is not the primary purpose of this attribute. All of these works assume that the attributes of keys are immutable.…”
Section: Related Work | mentioning
confidence: 99%
“…Note that, while this attribute can potentially prevent previous attacks, in the standard it is not mandatory to set wrap_with_trusted on sensitive keys and there is no mention of how trusted keys should be generated and managed, vanishing all advantages of this mechanism. Some works proved that an accurate use of this attribute in a very controlled and limited way may work correctly, but they put limits to its application and assume that the attributes of keys are immutable, which is not realistic as it reduces the API functionality and breaks compliance with the PKCS#11 standard [1,8,23,29,36].…”
Section: The PKCS#11 Standard | mentioning
confidence: 99%