Practical session: Writing Exploits for PKCS#11 Key Management APIs
(Videos run from 01:23:00 to 02:14:58 and 00:19:20 to 00:22:17, respectively)
In this practical students will write exploits to extract keys from a number of HSM simulators. VirtualBox (which is free to download) will be required.
Graham Steel Graham Steel holds a masters in mathematics from the University of Cambridge and a Ph.D. in informatics from the University of Edinburgh. He is currently a researcher at INRIA, the French national agency for computer science research, where he is part of the Prosecco project team based in central Paris.
Steel's main research interests are in formal analysis of information security and applied cryptography. His current work on cryptographic API verification involves using formal techniques to construct and analyse abstract models of cryptographic device interfaces. In addition to international conference and journal publications, his recent results have featured in Wired magazine and the New York Times.