2012
DOI: 10.1007/978-3-642-28641-4_19

Type-Based Analysis of PKCS#11 Key Management

Abstract: PKCS#11 is a security API for cryptographic tokens. It is known to be vulnerable to attacks which can directly extract, as cleartext, the value of sensitive keys. In particular, the API does not impose any limitation on the different roles a key can assume, and it permits conflicting operations to be performed, such as asking the token to wrap a key with another one and then to decrypt it. Fixes proposed in the literature, or implemented in real devices, impose policies restricting key roles and token fun…

Cited by 4 publications (2 citation statements)
References 15 publications

“…In [6] the authors propose a simple language for the coding of PKCS#11 APIs, and they develop a type-based analysis to prove that the secrecy of sensitive keys is preserved under a certain policy. This solution is, however, limited to PKCS#11 cryptographic APIs and to symmetric keys, whereas in this paper we propose a new language that is applicable to general cryptographic APIs, that is, any key storage that is managed through handles, and that manages also asymmetric and signing keys, in the style of [16].…”
Section: Related Work (mentioning)
confidence: 99%
“…We then formalize the attacker model and define API security. The API language is inspired by [6] but here we allow more expressive types that dictate how keys should be used and what is their security level. Moreover we consider asymmetric encryption and digital signatures that are not accounted for in [6].…”
Section: A Language For Key Management APIs (mentioning)
confidence: 99%