Storyboard – Cryptosense PKCS#11 Compliance Tester

If your corporate firewall won’t allow you to view embedded videos, you can read the video storyboard below.

Hi and welcome to Cryptosense.

Our vulnerability management software helps you protect your most valuable assets by searching for flaws in the cryptography that secures them.

This is a demo of our PKCS#11 Compliance Tester tool. We use it to check whether cryptographic hardware has been implemented securely, for example in Public Key Infrastructure and electronic commerce applications.

PKCS#11 is the ubiquitous interface for these devices, but it’s defined in a large, complex standard with over 400 pages and more than a hundred footnotes.

Even with expert knowledge of the standard, it is difficult to be sure that a PKCS#11 implementation is correct.

Our compliance tester tool is designed to test the robustness of a PKCS#11 device against attack. It calls commands from the interface with thousands of different parameters in order to explore all the corner cases.

Here we’re running the compliance tester on a device. We’ve set a 30-second time limit for this demo.

To check the compliance of an implementation, we have extracted more than 100 compliance criteria from the 400-page standard.

After the test is finished, we run the results past the Cryptosense criteria. These results are then presented in an HTML report where you can click on each criterion to get more detail.

Our tool runs on Linux and Windows. To find out if your device is compliant, request a free demo version of the software by sending an email to pkcs11@cryptosense.com.

We look forward to hearing from you.
