Participants: Graham Steel [correspondent], Romain Bardou.
See also the web page http://secgroup.ext.dsi.unive.it/projects/security-apis/pkcs11-security/tookan/ .
Tookan is a security analysis tool for cryptographic devices such as smartcards, security tokens and Hardware Security Modules that support the most widely used industry standard interface, RSA PKCS#11. Each device implements PKCS#11 in a slightly different way since the standard is quite open, but finding a subset of the standard that results in a secure device, i.e. one where cryptographic keys cannot be revealed in the clear, is actually rather tricky. Tookan analyses a device by first reverse engineering the exact implementation of PKCS#11 in use, then building a logical model of this implementation for a model checker, calling a model checker to search for attacks, and, if an attack is found, executing it directly on the device. Tookan has been used to find at least a dozen previously unknown flaws in commercially available devices.
The first results using Tookan were published in 2010 and a six-month licence was granted to Boeing to use the tool. In 2011, this transfer activity continued, principally in combination with a major UK bank. In June, Tookan was used by Steel and Focardi during two days of testing on devices belonging to the bank. Following these results, in September, a more significant contract was signed granting the bank 18 months of use of Tookan to test all their in-house equipment. Initial feedback has been very positive.
Tookan is the subject of a CSATT transfer action resulting in the hiring of an engineer, Romain Bardou, who started on September 1st. Early progress in re-implementing key parts of Tookan to improve modularity and overall code quality has been excellent. The next steps for Tookan are still being investigated: the Tookan project is the subject of a 'qualification' procedure by IT2 who will evaluate its suitability as the basis for a start-up company. At the same time other options are being considered, such as partnership with an existing SME. A decision is expected in mid-2012.