Name: Coupling Key-Ring and Linux Crypto-API Framework(LCF) via Crypto-Transformation(tfm) - Pankaj Gupta & Varun Sethi, NXP Semiconductor
Start: 2023-05-12T12:00:00-0700
End: 2023-05-12T12:45:00-0700

May 10-12 | Vancouver, British Columbia + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Linux Security Summit North America 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC-7. To see the schedule in your preferred timezone, select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.

Back To Schedule

Coupling Key-Ring and Linux Crypto-API Framework(LCF) via Crypto-Transformation(tfm) - Pankaj Gupta & Varun Sethi, NXP Semiconductor

Feedback form is now closed.

Apart from the traditional cryptographic key attributes i.e. key length & key buffer, there are additional key attributes that can be provided by the user, for dictating the proper usage of the keys. The cryptographic keys must not be used if the associated conditions are not met. In the case of Linux, the “keyctl” command provides an interface to supply these attributes. . Since currently there is no connection between Kernel’s Crypto-API and keyring, the information regarding the proper key usage is unavailable to the crypto API. As a result, the proper usage of the key can't be enforced, thus potentially compromising the system state. After coupling the Crypto-API with keyring, the driver will get the additional key attributes, which can be validated by the Crypto-API driver. Once validated, only the permitted crypto operation will be performed. In this presentation we present a mechanism for linking crypto api with the keyring, such that the additional key attributes can be made available to the api. We will be covering this method in great detail during the presentation.

Speakers

Pankaj Gupta

Software architect, NXP Semiconductor

Pankaj Gupta is a software security architect in the NXP security technology center (STEC), part of the Secure Connected Edge(SCE) business group. He has over 19 years of experience in the IT industry He is actively contributing to the Linux kernel crypto subsystem. He is also the... Read More →

Varun Sethi

Senior engineering manager for the MPU Linux infrastructure security team, NXP Semiconductor

Varun Sethi is a senior engineering manager, leading the MPU Linux security infrastructure team in the security technology center at NXP's secure connected edge business group. He has more than 21 years of experience in the IT industry. Currently, he's focusing on security enablement... Read More →

LF PPT on coupling KRing and LCF pdf

Friday May 12, 2023 12:00pm - 12:45pm PDT
Room 212-214

Refereed Presentations, Intermediate

Linux Security Summit North America 2023

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Pankaj Gupta

Varun Sethi