[1157] in cryptography@c2.net mail archive
Re: Is PKCS#11 broken, or is it just me?
daemon@ATHENA.MIT.EDU (Tom Weinstein)
Wed Jul 2 23:30:26 1997
Date: Wed, 02 Jul 1997 14:58:20 -0700
From: Tom Weinstein <tomw@netscape.com>
To: Marcus Leech <mleech@nortel.ca>
CC: cryptography@c2.net
Marcus Leech wrote:
>
> I've been looking over the PKCS#11 V2.0 document, and I've come to the
> conclusion that it's broken.
>
> My understanding of the way it works is that the user "logs in" to the
> card, using a PIN, and acquires a "session". The card, therefore,
> is stateful, and presumably any process that can then get to the card
> can cause it to do useful things (sign documents, decrypt files, etc).
That's correct, although it's the PKCS#11 interface that's stateful.
It can be implemented on top of cards that are stateless if the driver
remembers any necessary state.
> If I were designing the interface, I'd insist that all transactions
> that would need access to private-key storage in the "cryptographic
> module" require a passphrase, that is used to generate the key that
> was used to encrypt the private key. In this model, the "attacker"
> who is able to gain access to the card (too-liberal permission on
> /dev/smartcard, for example) would still be unable to do anything
> useful with it; they'd need to be able to snarf the passphrase as
> well.
There's really little difference between what you propose and what
PKCS#11 does. Either the application has to keep a copy of the PIN
around, or it keeps the session handle around. In either case, someone
with access to you address space can use the card. If you're operating
in an environment with protection between address spaces, then there
shouldn't be any problem. The PKCS#11 spec says that session spaces of
different applications should be orthogonal, which is readily enforcable
in any real OS.
--
What is appropriate for the master is not appropriate| Tom Weinstein
for the novice. You must understand Tao before | tomw@netscape.com
transcending structure. -- The Tao of Programming |
