Abstract:

Design of security APIs is becoming as notoriously hard to get right as design of security protocols. This talk describes the first steps towards developing a formal tool to assist experts in the analysis of security APIs.

The speaker first describes the roots of this work in crypto protocol analysis, and explains the new challenges presented by API analysis. He describes basic approach to formalising APIs, and presents a new tool which can check a formal model of an API against specific properties, for instance: checking a financial API to see if any combination of up to 5 commands can reveal a customer's PIN.

The tool uses birthday attacks and a large helping of brute force to analyse a large subset of an APIs state space. Though the tool can never hope to explore more than a large subset of the API, the speaker believes that interesting attacks do lie within state spaces between 2⁴⁰ and 2⁸⁰ – an area as yet unexplored by existing tools.