Methods for increasing security in Tamper Resistant PKCS11 Tokens
Original Publication Date: 2000-Jun-01
Included in the Prior Art Database: 2003-Jun-19
There are many different type of objects that are defines as tokens by the PKCS #11 standard. These range from smart cards to cryptographic accelerators. However, not all tokens are chosen for performance gains. These tokens may operate even slower than the system CPU, but offer other advantages such as secure storage of cryptographic information. In the case where PKCS #11 has been implemented on a secure device which does not offer performance advantages, a denial of service attack has serious repercussions. Many PKCS #11 requests must be validated before they can be performed by the device. If this validation is performed on a device which is slower than the system’s CPU, it is clear to visualize how a denial of service attack can be rendered by flooding the device with invalid requests. This attack causes legitimate requests to remain unfulfilled. For these nonperformance devices, this validation should therefore be done by the CPU before a request is transferred. This ensures that only valid requests reach the device and thus not only defending against a security attack, but providing more of the devices time to be freed to perform the operations it was chosen for. The Figure below shows how a PKCS #11 application makes a request, then the CPU determines if it is valid before sending it to the device.