@COMMENT This file was generated by bib2html.pl <https://sourceforge.net/projects/bib2html/> version 0.94
@COMMENT written by Patrick Riley <http://sourceforge.net/users/patstg/>
@inproceedings{CDS-csf07,
  address =       {Venice, Italy},
  author =        {Cortier, V{\'e}ronique and Delaune, St{\'e}phanie and
                   Steel, Graham},
  booktitle =     {{P}roceedings of the 20th {IEEE} {C}omputer
                   {S}ecurity {F}oundations {S}ymposium ({CSF}'07)},
  month =         jul,
  pages =         {79-93},
  publisher =     {{IEEE} Computer Society Press},
  title =         {A Formal Theory of Key Conjuring},
  year =          {2007},
  abstract =      {We describe a formalism for \emph{key conjuring}, the
                   process by which an attacker obtains an unknown,
                   encrypted key by repeatedly calling a cryptographic
                   API function with random values in place of keys.
                   This technique has been used to attack the security
                   APIs of several Hardware Security Modules~(HSMs),
                   which are widely deployed in the ATM (cash machine)
                   network. We~propose a formalism for detecting
                   computationally feasible key conjuring operations,
                   incorporated into a Dolev-Yao style model of the
                   security~API. We~show that security in the presence
                   of key conjuring operations is decidable for a
                   particular class of~APIs, which includes the key
                   management~API of IBM's Common Cryptographic
                   Architecture~(CCA).},
  doi =           {10.1109/CSF.2007.5},
}