A Generic Security API for Symmetric Key Management on Cryptographic Devices

Véronique Cortier 1 Graham Steel 2
1 CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies, INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : Security APIs are used to define the boundary between trusted and untrusted code. The security properties of existing APIs are not always clear. In this paper, we give a new generic API for managing symmetric keys on a trusted cryptographic device. We state and prove security properties for our API. In particular, our API offers a high level of security even when the host machine is controlled by an attacker. Our API is generic in the sense that it can implement a wide variety of (symmetric key) protocols. As a proof of concept, we give an algorithm for automatically instantiating the API commands for a given key management protocol. We demonstrate the algorithm on a set of key establishment protocols from the Clark-Jacob suite.
Type de document :
Communication dans un congrès
Michael Backes and Peng Ning. 14th European Symposium On Research In Computer Security - ESORICS'09, Sep 2009, St Malo, France. Springer, 5789, pp.605-620, 2009, Lecture Notes in Coputer Science. 〈10.1007/978-3-642-04444-1_37〉
Liste complète des métadonnées

https://hal.inria.fr/inria-00426621
Contributeur : Véronique Cortier <>
Soumis le : mardi 27 octobre 2009 - 09:38:23
Dernière modification le : jeudi 15 février 2018 - 08:48:09

Lien texte intégral

Identifiants

Citation

Véronique Cortier, Graham Steel. A Generic Security API for Symmetric Key Management on Cryptographic Devices. Michael Backes and Peng Ning. 14th European Symposium On Research In Computer Security - ESORICS'09, Sep 2009, St Malo, France. Springer, 5789, pp.605-620, 2009, Lecture Notes in Coputer Science. 〈10.1007/978-3-642-04444-1_37〉. 〈inria-00426621〉

Partager

Métriques

Consultations de la notice

190