Revoke and Let Live: A Secure Key Revocation API for Cryptographic Devices. Véronique Cortier, Graham Steel and Cyrille Wiedling. In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS'12), pp. 918 - 928, Raleigh NC, USA, October 2012.
While extensive research addresses the problem of establishing session keys through cryptographic protocols, relatively little work has appeared addressing the problem of revocation and update of long term keys. We present an API for symmetric key management on embedded devices that supports key establishment and revocation, and prove security properties of our design in the symbolic model of cryptography. Our API supports two modes of revocation: a passive mode where keys have an expiration time, and an active mode where revocation messages are sent to devices. For the first we show that once enough time has elapsed after the compromise of a key, the system returns to a secure state, i.e. the API is robust against attempts by the attacker to use a compromised key to compromise other keys or to keep the compromised key alive past its validity time. For the second we show that once revocation messages have been received the system immediately returns to a secure state. Notable features of our designs are that all secret values on the device are revocable, and the device returns to a functionally equivalent state after revocation is complete.
@inproceedings{Cortier:2012:RLL:2382196.2382293,
author = {Cortier, V{\'e}ronique and Steel, Graham and Wiedling, Cyrille},
title = {Revoke and let live: a secure key revocation api for cryptographic devices},
booktitle = {Proceedings of the 2012 ACM conference on Computer and communications security},
series = {CCS '12},
year = {2012},
isbn = {978-1-4503-1651-4},
location = {Raleigh, North Carolina, USA},
pages = {918--928},
numpages = {11},
url = {http://doi.acm.org/10.1145/2382196.2382293},
doi = {10.1145/2382196.2382293},
acmid = {2382293},
publisher = {ACM},
address = {New York, NY, USA},
keywords = {api, formal methods, revocation},
abstract = {While extensive research addresses the problem of establishing session keys through cryptographic protocols, relatively little work has appeared addressing the problem of revocation and update of long term keys. We present an API for symmetric key management on embedded devices that supports key establishment and revocation, and prove security properties of our design in the symbolic model of cryptography. Our API supports two modes of revocation: a passive mode where keys have an expiration time, and an active mode where revocation messages are sent to devices. For the first we show that once enough time has elapsed after the compromise of a key, the system returns to a secure state, i.e. the API is robust against attempts by the attacker to use a compromised key to compromise other keys or to keep the compromised key alive past its validity time. For the second we show that once revocation messages have been received the system immediately returns to a secure state. Notable features of our designs are that all secret values on the device are revocable, and the device returns to a functionally equivalent state after revocation is complete. },
}