19/07/2017 – Talks by Mauro Tempesta, Francesco Palmarini, Heider Wahsheh, Marco Squarcina

The program of the day will be:

11.00 Mauro Tempesta
11.20 Francesco Palmarini
11.40 Heider Wahsheh
14.00 Marco Squarcina

Titles and abstracts follow:

Title: Run-time Attack Detection in Cryptographic APIs
Speaker: Marco Squarcina
Abstract:
Cryptographic APIs are often vulnerable to attacks that compromise
sensitive cryptographic keys. In the literature we find many proposals
for preventing or mitigating such attacks but they typically require to
modify the API or to configure it in a way that might break existing
applications. This makes it hard to adopt such proposals, especially
because security APIs are often used in highly sensitive settings, such
as financial and critical infrastructures, where systems are rarely
modified and legacy applications are very common. In this talk we
propose a different approach. We introduce an effective method to
monitor existing cryptographic systems in order to detect, and possibly
prevent, the leakage of sensitive cryptographic keys. The method
collects logs for various devices and cryptographic services and is able
to detect, offline, any leakage of sensitive keys, under the assumption
that a key fingerprint is provided for each sensitive key. We define key
security formally and we prove that the method is sound, complete and
efficient. We also show that without key fingerprinting completeness is
lost, i.e., some attacks cannot be detected. We discuss possible
practical implementations and we develop a proof-of-concept log analysis
tool for PKCS#11 that is able to detect, on a significant fragment of
the API, all key-management attacks from the literature.