Paper 2016/433

Analysis of Key Wrapping APIs: Generic Policies, Computational Security

Guillaume Scerri and Ryan Stanley-Oakes

Abstract

We present an analysis of key wrapping APIs with generic policies. We prove that certain minimal conditions on policies are sufficient for keys to be indistinguishable from random in any execution of an API. Our result captures a large class of API policies, including both the hierarchies on keys that are common in the scientific literature and the non-linear dependencies on keys used in PKCS#11. Indeed, we use our result to propose a secure refinement of PKCS#11, assuming that the attributes of keys are transmitted as authenticated associated data when wrapping and that there is an enforced separation between keys used for wrapping and keys used for other cryptographic purposes. We use the Computationally Complete Symbolic Attacker developed by Bana and Comon. This model enables us to obtain computational guarantees using a simple proof with a high degree of modularity.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. CSF 2016
Keywords
key managementkey wrappingcryptographic APIssecret-key cryptographysmart cards
Contact author(s)
ryan stanley @ bristol ac uk
History
2016-05-12: last of 2 revisions
2016-05-02: received
See all versions
Short URL
https://ia.cr/2016/433
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/433,
      author = {Guillaume Scerri and Ryan Stanley-Oakes},
      title = {Analysis of Key Wrapping APIs: Generic Policies, Computational Security},
      howpublished = {Cryptology ePrint Archive, Paper 2016/433},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/433}},
      url = {https://eprint.iacr.org/2016/433}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.