Technical reports
Unwrapping the Chrysalis
Mike Bond, Daniel Cvrček, Steven J. Murdoch
June 2004, 15 pages
DOI: 10.48456/tr-592
Abstract
We describe our experiences reverse engineering the Chrysalis-ITS Luna CA³ – a PKCS#11 compliant cryptographic token. Emissions analysis and security API attacks are viewed by many to be simpler and more efficient than a direct attack on an HSM. But how difficult is it to actually “go in the front door”? We describe how we unpicked the CA³ internal architecture and abused its low-level API to impersonate a CA³ token in its cloning protocol – and extract PKCS#11 private keys in the clear. We quantify the effort involved in developing and applying the skills necessary for such a reverse-engineering attack. In the process, we discover that the Luna CA³ has far more undocumented code and functionality than is revealed to the end-user.
Full text
PDF (0.4 MB)
BibTeX record
@TechReport{UCAM-CL-TR-592, author = {Bond, Mike and Cvr{\v c}ek, Daniel and Murdoch, Steven J.}, title = {{Unwrapping the Chrysalis}}, year = 2004, month = jun, url = {https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-592.pdf}, institution = {University of Cambridge, Computer Laboratory}, doi = {10.48456/tr-592}, number = {UCAM-CL-TR-592} }