Skip to main content
Conference ProceedingsOPEN ACCESS

Type-based analysis of PIN processing APIs

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2009) 5789 LNCS 53-68
DOI: 10.1007/978-3-642-04444-1_4
21Citations
Citations of this article
30Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We examine some known attacks on the PIN verification framework, based on weaknesses of the security API for the tamper-resistant Hardware Security Modules used in the network. We specify this API in an imperative language with cryptographic primitives, and show how its flaws are captured by a notion of robustness that extends the one of Myers, Sabelfeld and Zdancewic to our cryptographic setting. We propose an improved API, give an extended type system for assuring integrity and for preserving confidentiality via randomized and non-randomized encryptions, and show our new API to be type-checkable. © 2009 Springer Berlin Heidelberg.

Cite

CITATION STYLE

APA

Centenaro, M., Focardi, R., Luccio, F. L., & Steel, G. (2009). Type-based analysis of PIN processing APIs. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5789 LNCS, pp. 53–68). https://doi.org/10.1007/978-3-642-04444-1_4

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free