
A Secure Key Management Interface with Asymmetric Cryptography

Abstract: Cryptographic devices such as Hardware Security Modules are only as secure as their application programme interfaces (APIs) that offer cryptographic functionality to the outside world. Design flaws and implementation errors in security APIs have been shown to cause vulnerabilities that may leak secrets such as keys and PINs. Ideally, we would like to design such interfaces in such a way that we can formally prove security properties, even in the presence of some corrupted keys. In this work, we take such a design for a provably secure interface for symmetric key management, due to Cortier and Steel, and extend it to asymmetric cryptography, giving new security definitions and associated proofs. Asymmetric cryptography forces us to consider confidentiality and integrity properties separately and to provide support for classical operations of public key infrastructure (e.g. certification of public keys). As far as we are aware, this is the first such provably secure interface to support asymmetric key operations for key management: Cachin and Chandran's secure token interface supports asymmetric key operations only for encrypting and signing data, not for managing keys.

Cited literature: 10 references
Contributor: Graham Steel
Submitted on: Thursday, April 25, 2013 - 2:55:56 PM
Last modification on: Saturday, August 6, 2022 - 3:33:03 AM
Long-term archiving on: Monday, April 3, 2017 - 11:40:15 PM


Files produced by the author(s)


  • HAL Id: hal-00805987, version 2


Marion Daubignard, David Lubicz, Graham Steel. A Secure Key Management Interface with Asymmetric Cryptography. [Research Report] RR-8274, INRIA. 2013. ⟨hal-00805987v2⟩


