Computationally Sound Proofs of Security for a Key Management API extended abstract

Security solutions for information systems are increasingly making use of tamper-resistant cryptographic devices, whether they are smartcards carried by commuters on a mass transit system, or high-throughput Hardware Security Modules in a bank ATM transaction processing processing facility. Over the last few years we have been analysing the key management APIs of such tamper-resistant devices. The design of the API is critical for the security of the system, since it is the API which controls information flow between the data on the tamper resistant device and the hostile outside world. We have shown a number of standard APIs to be susceptible to attacks whereby sensitive keys are revealed in clear [1, 3, 4]. More recently, we have proposed our own generic API and proved security properties for it [2]. We have also proven security properties for a variant of the popular PKCS#11 standard API, albeit with weaker properties than our own design [4]. However, all these proofs are in the symbolic model. Naturally we would like to extend our results to a suitable ‘computational’ model. We discuss this ongoing work in this extended abstract.