PKCS#11 Security Solution

Secure your PKCS#11 HSM Deployment

Companies are turning more and more to hardware-based security for deployments in potentially hostile environments such as cloud, mobile and IoT. The PKCS#11 API is the ubiquitous open standard for the interface between cryptographic hardware and applications, with great benefits for interoperability and avoidance of vendor lock-in. However, being a complex, general-purpose interface, implementations can be vulnerable at all levels of the stack.

See the Cryptosense PKCS#11 Suite in Action

Vulnerabilities in HSM Firmware

Despite their FIPS and Common Criteria certifications, HSMs contain programming errors just like any other complex system. In 2015, two independent vulnerabilities were found in certified hardware that compromised private keys (CVE-2015-5464 and CVE-2015-6924). Cryptosense’s smart fuzzing tools detect instances of known vulnerabilities, including these and others from the academic literature, as well as performing a PKCS#11 compliance test that can indicate the presence of previously unknown weaknesses.

Vulnerabilities in PKCS#11 Configuration

If implemented “as is”, it is well-known that the PKCS#11 API does not adequately protect sensitive keys. Typically, real-world deployments involve restricting the operations available in the API to mitigate key-extraction attacks. Cryptosense Analyzer can test a given configuration and determine whether any combination of commands may leak a key, making secure configuration straightforward.

Deployment Errors

Good preparatory work can be undone if in practice HSMs are incorrectly configured after maintenance or key-management operations leave keys incorrectly set up. Cryptosense Monitor provides ongoing visibility on HSM security and alerts in the case of out of standard configuration.

Find out more

Download our PKCS#11 Security Whitepaper or get in touch for a quote or a trial.

Java crypto security whitepaper

Covers JCE and BouncyCastle, key-management vulnerabilities, flaws in encryption and signature modes, randomness problems, insecure interactions between crypto operations and more.