Attacking and Fixing PKCS#11 Security Tokens
by Matteo Bortolozzo, Matteo Centenaro, Riccardo Focardi, Graham Steel
Abstract:
We show how to extract sensitive cryptographic keys from a variety of commercially available tamper resistant cryptographic security tokens, exploiting vulnerabilities in their RSA PKCS#11 based APIs. The attacks are performed by Tookan, an automated tool we have developed, which reverse-engineers the particular token in use to deduce its functionality, constructs a model of its API for a model checker, and then executes any attack trace found by the model checker directly on the token. We describe the operation of Tookan and give results of testing the tool on 17 commercially available tokens: 9 were vulnerable to attack, while the other 8 had severely restricted functionality. One of the attacks found by the model checker has not previously appeared in the literature. We show how Tookan may be used to verify patches to insecure devices, and give a secure configuration that we have implemented in a patch to a software token simulator. This is the first such configuration to appear in the literature that does not require any new cryptographic mechanisms to be added to the standard. We comment on lessons for future key management APIs.
Reference:
Attacking and Fixing PKCS#11 Security Tokens (Matteo Bortolozzo, Matteo Centenaro, Riccardo Focardi, Graham Steel), In Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS'10), ACM Press, 2010.
Bibtex Entry:
@inproceedings{BCFS-ccs10,
  abstract =      {We show how to extract sensitive cryptographic keys
                   from a variety of commercially available tamper
                   resistant cryptographic security tokens, exploiting
                   vulnerabilities in their RSA PKCS\#11 based APIs. The
                   attacks are performed by Tookan, an automated tool we
                   have developed, which reverse-engineers the
                   particular token in use to deduce its functionality,
                   constructs a model of its API for a model checker,
                   and then executes any attack trace found by the model
                   checker directly on the token. We describe the
                   operation of Tookan and give results of testing the
                   tool on 17 commercially available tokens: 9~were
                   vulnerable to attack, while the other 8 had severely
                   restricted functionality. One of the attacks found by
                   the model checker has not previously appeared in the
                   literature. We show how Tookan may be used to verify
                   patches to insecure devices, and give a secure
                   configuration that we have implemented in a patch to
                   a software token simulator. This is the first such
                   configuration to appear in the literature that does
                   not require any new cryptographic mechanisms to be
                   added to the standard. We comment on lessons for
                   future key management APIs.},
  address =       {Chicago, Illinois, USA},
  author =        {Bortolozzo, Matteo and Centenaro, Matteo and
                   Focardi, Riccardo and Steel, Graham},
  booktitle =     {{P}roceedings of the 17th {ACM} {C}onference on
                   {C}omputer and {C}ommunications {S}ecurity
                   ({CCS}'10)},
  DOI =           {10.1145/1866307.1866337},
  month =         oct,
  pages =         {260-269},
  publisher =     {ACM Press},
  title =         {Attacking and Fixing {PKCS}\#11 Security Tokens},
  year =          {2010},
  acronym =       {{CCS}'10},
  nmonth =        {10},
  url =           {http://www.lsv.ens-cachan.fr/Publis/PAPERS/PDF/BCFS-ccs10.pdf},
  PDF =           {http://www.lsv.ens-cachan.fr/Publis/PAPERS/PDF/BCFS-ccs10.pdf},
  lsv-category =  {intc},
  wwwpublic =     {public and ccsb},
}