|![[Search]](https://talks.cam.ac.uk/images/search.gif?1209136071)
|![[A-Z Index]](https://talks.cam.ac.uk/images/az.gif?1209136071)
|![[Contact]](https://talks.cam.ac.uk/images/contact.gif?1209136071)
||![[University of Cambridge]](https://talks.cam.ac.uk/images/identifier2.gif?1209136071){kind=small} |
COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring. | ![[Talks.cam]](https://talks.cam.ac.uk/images/talkslogosmall.gif?1209136071) |
University of Cambridge > Talks.cam > Isaac Newton Institute Seminar Series > Analysis of Cryptographic Security APIs
Analysis of Cryptographic Security APIsAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Mustapha Amrani. This talk has been canceled/deleted In practice, many developers use cryptography via an application program interface (API) either to a software library or a hardware device where keys are stored and all cryptographic operations take place. Designing such interfaces so that they offer flexible functionality but cannot be abused to reveal keys or secrets has proved to be extremely difficult, with a number of published vulnerabilities in widely-used APIs appearing over the last decade. This talk will discuss recent research on the use of formal methods to specify and verify such interfaces in order to either detect flaws or prove security properties. We will focus on the example of RSA PKCS #11, the most widely used interface for cryptographic devices. We will demonstrate a tool, Tookan, which can reverse engineer the particular configuration of PKCS #11 in use on some device under test, construct a model of the device’s functionality, and call a model checker to search for attacks. If an attack is found, it can be executed automatically on the device. We will comment on design principles for the next generation of APIs. This talk is part of the Isaac Newton Institute Seminar Series series. This talk is included in these lists:This talk is not included in any other list Note that ex-directory lists are not shown. |
Other listsMEMS Annual Race Equality Lecture CRASSH lecturesOther talks'Cryptocurrency and BLOCKCHAIN – PAST, PRESENT AND FUTURE' Observation of photon antibunching from a potential SAW-driven single-photon source Succulents with Altitude Managing your research data effectively and working reproducibly for beginners Leveraging the imaging power of the Beacon platform Surrogate models in Bayesian Inverse Problems An SU(3) variant of instanton homology for webs Graph Legendrians and SL2 local systems A new proposal for the mechanism of protein translocation Protein Folding, Evolution and Interactions Symposium A polyfold lab report Disease Migration |
Tuesday 31 January 2012, 16:00-16:45