Secure your PKCS#11 Deployments
Cryptosense Analyzer software ensures the ongoing security of your PKCS#11 deployments with comprehensive testing and monitoring tools.
Hardware-based cryptography is a core technology for controlling risk in potentially hostile environments such as mobile, cloud and Internet of things. However, choosing, configuring, deploying and securely using a cryptographic device like a Hardware Security Module (HSM) is far from simple. A small mistake in the details can lead to a complete loss of security.
Our adaptative mutation-based fuzzing engine explores the corner-cases of the PKCS#11 standard as implemented in the device under test. The results are passed through more than 140 compliance and vulnerability filters to detect anomalies and weaknesses, including a number of issues that can compromise private keys like CVE-2015-5464 and CVE-2015-6924. This facilitates security testing of vendor equipment before procurement, automated audits, and evaluation of firmware updates and configuration changes.
Our PKCs#11 fuzzer can either be run in full auto mode, or configured at the command-line to go deeper on certain configurations of commands. If a crash in the HSM driver is discovered, the fuzzer returns the call required to reproduce the issue. Fuzzing can also be resumed from existing traces to save analysis time.
Vulnerability Types found by Cryptosense Analyzer in PKCS#11 deployments
In HSM Firmware
Despite their FIPS and CC certifications, HSMs contain programming errors just like any other complex system. In 2015, two independent vulnerabilities were found that compromised private keys of certified HSMs (CVE-2015-5464 and CVE-2015-6924). Cryptosense’s smart fuzzing tools detect instances of known vulnerabilities including these and others from the academic literature, as well as performing a PKCS#11 compliance test that can indicate the presence of previously unknown weaknesses.
In PKCS#11 Configuration
If implemented “as is”, it is well-known that the PKCS#11 API does not adequately protect sensitive keys. Typically, real-world deployments involve restricting the operations available in the API to mitigate key-extraction attacks. Cryptosense Analyzer can test a given configuration and determine whether any combination of commands may leak a key, making secure configuration straightforward.
In PKCS#11 Applications
Even if the HSM is bug-free and correctly set up, applications that use the device still have to use cryptography securely. Mistakes like poor algorithm choice, IV mismanagement, absence of key role separation etc. can create vulnerabilities. Cryptosense App Tracer detects these flaws.
Good preparatory work can be undone if in practice HSMs are incorrectly configured after firmware updates, or if key-management operations leave keys incorrectly set up. Cryptosense Analyzer provides ongoing visibility on HSM security and alerts in the case of out-of-standard configuration. Fuzzing and analysis can be automatically scheduled to give alerts in case of out of standard results.