Technical reports
Unwrapping the Chrysalis
Mike Bond, Daniel Cvrček, Steven J. Murdoch
June 2004, 15 pages
| DOI | https://doi.org/10.48456/tr-592 |
Abstract
We describe our experiences reverse engineering the Chrysalis-ITS Luna CA³ – a PKCS#11 compliant cryptographic token. Emissions analysis and security API attacks are viewed by many to be simpler and more efficient than a direct attack on an HSM. But how difficult is it to actually “go in the front door”? We describe how we unpicked the CA³ internal architecture and abused its low-level API to impersonate a CA³ token in its cloning protocol – and extract PKCS#11 private keys in the clear. We quantify the effort involved in developing and applying the skills necessary for such a reverse-engineering attack. In the process, we discover that the Luna CA³ has far more undocumented code and functionality than is revealed to the end-user.
Full text
PDF (0.4 MB)
BibTeX record
@TechReport{UCAM-CL-TR-592,
author = {Bond, Mike and Cvr{\v c}ek, Daniel and Murdoch, Steven J.},
title = {{Unwrapping the Chrysalis}},
year = 2004,
month = jun,
url = {https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-592.pdf},
institution = {University of Cambridge, Computer Laboratory},
doi = {10.48456/tr-592},
number = {UCAM-CL-TR-592}
}