Skip to Main content Skip to Navigation
New interface
Reports (Research report)

Revoke and Let Live: A Secure Key Revocation API for Cryptographic Devices

Véronique Cortier 1 Graham Steel 2 Cyrille Wiedling 1 
1 CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : While extensive research addresses the problem of establishing session keys through cryptographic protocols, relatively little work has appeared addressing the problem of revocation and update of long term keys. We present an API for symmetric key management on embedded devices that supports revocation and prove security properties design in the symbolic model of cryptography. Our API supports two modes of revocation: a passive mode where keys have an expiration time, and an active mode where revocation messages are sent to devices. For the first we show that once enough time has elapsed after the compromise of a key, the system returns to a secure state, i.e. the API is robust against attempts by the attacker to use a compromised key to compromise other keys or keep the compromised key alive past its validity time. For the second we show that once revocation messages have been received the system is immediately in a secure state. Notable features of our designs are that all secret values on the device are revocable, and the device returns to a functionally equivalent state after revocation is complete.
Document type :
Reports (Research report)
Complete list of metadata

Cited literature [15 references]  Display  Hide  Download
Contributor : Cyrille Wiedling Connect in order to contact the contributor
Submitted on : Tuesday, July 31, 2012 - 10:35:27 AM
Last modification on : Wednesday, October 26, 2022 - 8:16:38 AM
Long-term archiving on: : Friday, December 16, 2016 - 4:07:11 AM


Files produced by the author(s)


  • HAL Id : hal-00721945, version 1


Véronique Cortier, Graham Steel, Cyrille Wiedling. Revoke and Let Live: A Secure Key Revocation API for Cryptographic Devices. [Research Report] RR-7949, INRIA. 2012, pp.41. ⟨hal-00721945⟩



Record views


Files downloads