Title :
Security for Key Management Interfaces
Author :
Kremer, Steve ; Steel, Graham ; Warinschi, Bogdan
Author_Institution :
LSV, ENS Cachan, Cachan, France
Abstract :
We propose a much-needed formal definition of security for cryptographic key management APIs. The advantages of our definition are that it is general, intuitive, and applicable to security proofs in both symbolic and computational models of cryptography. Our definition relies on an idealized API which allows only the most essential functions for generating, exporting and importing keys, and takes into account dynamic corruption of keys. Based on this we can define the security of more expressive APIs which support richer functionality. We illustrate our approach by showing the security of APIs both in symbolic and computational models.
Keywords :
application program interfaces; cryptography; computational models; cryptographic key management API; formal definition; key management interface security; symbolic models; Algebra; Computational modeling; Encryption; Servers; Wrapping; Key management; cryptography; security APIs;
Conference_Titel :
Computer Security Foundations Symposium (CSF), 2011 IEEE 24th
Conference_Location :
Cernay-la-Ville
Print_ISBN :
978-1-61284-644-6
DOI :
10.1109/CSF.2011.25
