should protect sensitive objects even on a compromised hosts (PIN can be easily intercepted …) PKCS#11 Objects Objects are referenced via handles Every object has attributes Encrypt some data under the “orange key” sensitive: true encrypt: true decrypt: true PKCS#11 Key Management Create a new key inside the token Export a key encrypted under another key (WrapKey) Import a previously exported key (UnwrapKey) sensitive: true encrypt: true decrypt: true A well known attack sensitive: true wrap: true decrypt: true sensitive: true Wrap the green key with the red one This class of attacks can be prevented by imposing policies on the attributes (no need of new crypto mechanisms!) Decrypt i
Abstract: Recently, Au et al. [Au et al. 2007] pointed out a seemingly neglected se-curity concern f...
Recently, Au et al. [Au et al. 2007] pointed out a seemingly neglected security concern for certific...
The goal of this paper is to report on the development of a tool aimed at the automatic detection of...
PKCS#11 is a standard API to cryptographic devices such as smarcards, hardware security modules and ...
PKCS#11, is a security API for cryptographic tokens. It is known to be vulnerable to attacks which c...
PKCS#11, is a security API for cryptographic tokens. It is known to be vulner- able to attacks which...
PKCS#11, is a security API for cryptographic tokens. It is known to be vulner-able to attacks which ...
We show how to extract sensitive cryptographic keys from a variety of commercially available tamper ...
PKCS#11, is a security API for cryptographic tokens. It is known to be vulnerable to attacks which c...
Abstract. We extend Delaune, Kremer and Steel’s framework for anal-ysis of PKCS#11-based APIs from b...
Being the most widely used and comprehensive standard for hardware security modules, cryptographic t...
Abstract. PKCS#11 is a very popular cryptographic API: it is the standard used by many Hardware Secu...
In this paper we describe attacks on PKCS#11 devices that we successfully mounted by interacting wit...
Abstract: Recently, Au et al. [Au et al. 2007] pointed out a seemingly neglected se-curity concern f...
Recently, Au et al. [Au et al. 2007] pointed out a seemingly neglected security concern for certific...
The goal of this paper is to report on the development of a tool aimed at the automatic detection of...
PKCS#11 is a standard API to cryptographic devices such as smarcards, hardware security modules and ...
PKCS#11, is a security API for cryptographic tokens. It is known to be vulnerable to attacks which c...
PKCS#11, is a security API for cryptographic tokens. It is known to be vulner- able to attacks which...
PKCS#11, is a security API for cryptographic tokens. It is known to be vulner-able to attacks which ...
We show how to extract sensitive cryptographic keys from a variety of commercially available tamper ...
PKCS#11, is a security API for cryptographic tokens. It is known to be vulnerable to attacks which c...
Abstract. We extend Delaune, Kremer and Steel’s framework for anal-ysis of PKCS#11-based APIs from b...
Being the most widely used and comprehensive standard for hardware security modules, cryptographic t...
Abstract. PKCS#11 is a very popular cryptographic API: it is the standard used by many Hardware Secu...
In this paper we describe attacks on PKCS#11 devices that we successfully mounted by interacting wit...
Abstract: Recently, Au et al. [Au et al. 2007] pointed out a seemingly neglected se-curity concern f...
Recently, Au et al. [Au et al. 2007] pointed out a seemingly neglected security concern for certific...
The goal of this paper is to report on the development of a tool aimed at the automatic detection of...