Skip to Main content Skip to Navigation
Conference papers

Revoke and Let Live: A Secure Key Revocation API for Cryptographic Devices

Véronique Cortier 1 Graham Steel 2 Cyrille Wiedling 1
1 CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : While extensive research addresses the problem of establishing session keys through cryptographic protocols, relatively little work has appeared addressing the problem of revocation and update of long term keys. We present an API for symmetric key management on embedded devices that supports revocation and prove security properties design in the symbolic model of cryptography. Our API supports two modes of revocation: a passive mode where keys have an expiration time, and an active mode where revocation messages are sent to devices. For the first we show that once enough time has elapsed after the compromise of a key, the system returns to a secure state, i.e. the API is robust against attempts by the attacker to use a compromised key to compromise other keys or keep the compromised key alive past its validity time. For the second we show that once revocation messages have been received the system is immediately in a secure state. Notable features of our designs are that all secret values on the device are revocable, and the device returns to a functionally equivalent state after revocation is complete.
Document type :
Conference papers
Complete list of metadatas

https://hal.inria.fr/hal-00732902
Contributor : Véronique Cortier <>
Submitted on : Monday, September 17, 2012 - 1:23:07 PM
Last modification on : Tuesday, December 18, 2018 - 4:38:25 PM

Identifiers

  • HAL Id : hal-00732902, version 1

Citation

Véronique Cortier, Graham Steel, Cyrille Wiedling. Revoke and Let Live: A Secure Key Revocation API for Cryptographic Devices. 19th ACM Conference on Computer and Communications Security (CCS'12), Oct 2012, Raleigh, United States. ⟨hal-00732902⟩

Share

Metrics

Record views

367