ABSTRACT
We show how to extract sensitive cryptographic keys from a variety of commercially available tamper resistant cryptographic security tokens, exploiting vulnerabilities in their RSA PKCS#11 based APIs. The attacks are performed by Tookan, an automated tool we have developed, which reverse-engineers the particular token in use to deduce its functionality, constructs a model of its API for a model checker, and then executes any attack trace found by the model checker directly on the token. We describe the operation of Tookan and give results of testing the tool on 17 commercially available tokens: 9 were vulnerable to attack, while the other 8 had severely restricted functionality. One of the attacks found by the model checker has not previously appeared in the literature. We show how Tookan may be used to verify patches to insecure devices, and give a secure configuration that we have implemented in a patch to a software token simulator. This is the first such configuration to appear in the literature that does not require any new cryptographic mechanisms to be added to the standard. We comment on lessons for future key management APIs.
- }}A. Armando and L. Compagna. SAT-based model-checking for security protocols analysis. Int. J. Inf. Sec., 7(1):3--32, 2008. Software available at http://www.ai-lab.it/satmc. Currently developed under the AVANTSSAR project, http://www.avantssar.eu. Google ScholarDigital Library
- }}L. Baloci and A. Vianello. Un sistema per lo studio della sicurezza. Baccalaureate Thesis, University of Venice, Italy, April 2010.Google Scholar
- }}M. Bond. Attacks on cryptoprocessor transaction sets. In Proceedings of the 3rd International Workshop on Cryptographic Hardware and Embedded Systems (CHES'01), volume 2162 of LNCS, pages 220--234, Paris, France, 2001. Springer. Google ScholarDigital Library
- }}C. Cachin and N. Chandran. A secure cryptographic token interface. In Computer Security Foundations (CSF-22), pages 141--153, Long Island, New York, 2009. IEEE Computer Society Press. Google ScholarDigital Library
- }}R. Clayton and M. Bond. Experience using a low-cost FPGA design to crack DES keys. In Cryptographic Hardware and Embedded System - CHES 2002, pages 579--592, 2002. Google ScholarDigital Library
- }}J. Clulow. On the security of PKCS#11. In 5th International Workshop on Cryptographic Hardware and Embedded Systems (CHES 2003), pages 411--425, 2003.Google ScholarCross Ref
- }}V. Cortier and G. Steel. A generic security API for symmetric key management on cryptographic devices. In M. Backes and P. Ning, editors, Proceedings of the 14th European Symposium on Research in Computer Security (ESORICS'09), volume 5789 of Lecture Notes in Computer Science, pages 605--620, Saint Malo, France, Sept. 2009. Springer. Google ScholarDigital Library
- }}S. Delaune, S. Kremer, and G. Steel. Formal analysis of PKCS#11. In Proceedings of the 21st IEEE Computer Security Foundations Symposium (CSF'08), pages 331--344, Pittsburgh, PA, USA, June 2008. IEEE Computer Society Press. Google ScholarDigital Library
- }}S. Delaune, S. Kremer, and G. Steel. Formal analysis of PKCS#11 and proprietary extensions. Journal of Computer Security, 2009. To appear. Google ScholarDigital Library
- }}D. Dolev and A. Yao. On the security of public key protocols. IEEE Transactions in Information Theory, 2(29):198--208, March 1983.Google ScholarDigital Library
- }}S. Fr ¨oschle and G. Steel. Analysing PKCS#11 key management APIs with unbounded fresh data. In P. Degano and L. Vigan'o, editors, Revised Selected Papaers of the Joint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security (ARSPA-WITS'09), volume 5511 of Lecture Notes in Computer Science, pages 92--106, York, UK, Aug. 2009. Springer. Google ScholarDigital Library
- }}D. Longley and S. Rigby. An automatic search for security flaws in key management schemes. Computers and Security, 11(1):75--89, March 1992. Google ScholarDigital Library
- }}openCryptoki. http://sourceforge.net/projects/opencryptoki/.Google Scholar
- }}RSA Security Inc., v2.20. PKCS #11: Cryptographic Token Interface Standard., June 2004.Google Scholar
Index Terms
- Attacking and fixing PKCS#11 security tokens
Recommendations
Type-based analysis of key management in PKCS#11 cryptographic devices
Security and Trust PrinciplesPKCS#11, is a security API for cryptographic tokens. It is known to be vulnerable to attacks which can directly extract, as cleartext, the value of sensitive keys. In particular, the API does not impose any limitation on the different roles a key can ...
Formal security analysis of PKCS#11 and proprietary extensions
7th International Workshop on Issues in the Theory of Security (WITS'07)PKCS#11 defines an API for cryptographic devices that has been widely adopted in industry. However, it has been shown to be vulnerable to a variety of attacks that could, for example, compromise the sensitive keys stored on the device. In this paper, we ...
A generic security API for symmetric key management on cryptographic devices
We present a new symmetric key management API for cryptographic devices intended to implement security protocols in distributed systems. Our API has a formal security policy and proofs of security in the symbolic model, under various threat scenarios. ...
Comments