Reversing the operating system of a Java based smart card

  • Guillaume Bouffard
  • Jean-Louis Lanet
Original Paper


Attacks on smart cards can only be based on a black box approach where the code of cryptographic primitives and operating system are not accessible. To perform hardware or software attacks, a white box approach providing access to the binary code is more efficient. In this paper, we propose a methodology to discover the romized code whose access is protected by the virtual machine. It uses a hooked code in an indirection table. We gained access to the real processor, thus allowing us to run a shell code written in 8051 assembly language. As a result, this code has been able to dump completely the ROM of a Java Card operating system. One of the issues is the possibility to reverse the cryptographic algorithm and all the embedded countermeasures. Finally, our attack is evaluated on different cards from distinct manufacturers.


Smart Card Card Memory Native Code Side Channel Analysis Memory Dump 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



The authors would thank to Julien Boutet for his contribution during this work.

Supplementary material


  1. 1.
    Agoyan, M., Dutertre, J.M., Naccache, D., Robisson, B., Tria, A.: When clocks fail: on critical paths and clock faults. In: Gollmann, D., Lanet, J.L., Iguchi-Cartigny, J. (eds.) Smart Card Research and Advanced Application, Lecture Notes in Computer Science, vol. 6035, pp. 182–193. Springer, Berlin Heidelberg (2010). doi: 10.1007/978-3-642-12510_213
  2. 2.
    Aranda, F.X., Lanet, J.L.: Smart card reverse-engineering binary code execution using side-channel analysis. Thorie des Nombres, Codes, Cryptographie et Systmes de Communication (NTCCCS) (2012)Google Scholar
  3. 3.
    Aumller, C., Bier, P., Fischer, W., Hofreiter, P., Seifert, J.P.: Fault attacks on RSA with CRT: concrete results and practical countermeasures. In: Kaliski, B., Ko, E., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2002, Lecture Notes in Computer Science, vol. 2523, pp. 81–95. Springer, Berlin Heidelberg (2003). doi: 10.1007/3-540-36400-5_20
  4. 4.
    Barbu, G.: On the security of Java Card™ platforms against hardware attacks. Ph.D. thesis, Grant-funded with Oberthur Technologies and Télécom ParisTech (2012)Google Scholar
  5. 5.
    Barbu, G., Duc, G.: Java Card operand stack: fault attacks, combined attacks and countermeasures. In: Prouff, E. (ed.) Smart Card Research and Advanced Applications, Lecture Notes in Computer Science, pp. 297–313. Springer, Berlin Heidelberg (2011). doi: 10.1007/978-3-642-27257-8_19
  6. 6.
    Barbu, G., Giraud, C., Guerin, V.: Embedded eavesdropping on Java Card. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) Information Security and Privacy Research, IFIP Advances in Information and Communication Technology, vol. 376. Springer, Berlin Heidelberg (2012). doi: 10.1007/978-3-642-30436-1_4
  7. 7.
    Barbu, G., Hoogvorst, P., Duc, G.: Application-replay attack on Java Cards: when the garbage collector gets confused. In: Barthe, G., Livshits, B., Scandariato, R. (eds.) Engineering Secure Software and Systems, Lecture Notes in Computer Science, vol. 7159, pp. 1–13. Springer, Berlin Heidelberg (2012). doi: 10.1007/978-3-642-28166-2_1
  8. 8.
    Barbu, G., Thiebeauld, H., Guerin, V.: Attacks on Java Card 3.0 combining fault and logical attacks. In: Gollmann, D., Lanet, J.L., Iguchi-Cartigny, J. (eds.) Smart Card Research and Advanced Application, Lecture Notes in Computer Science, vol. 6035, pp. 148–163. Springer, Berlin Heidelberg (2010). doi: 10.1007/978-3-642-12510-2_11
  9. 9.
    Bouffard, G., Iguchi-Cartigny, J., Lanet, J.L.: Combined software and hardware attacks on the Java Card control flow. In: Prouff, E. (ed.) Smart Card Research and Advanced Applications, Lecture Notes in Computer Science, vol. 7079, pp. 283–296. Springer, Berlin Heidelberg (2011). doi: 10.1007/978-3-642-27257-8_18
  10. 10.
    Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.J. (eds.) CHES, Lecture Notes in Computer Science, vol. 3156, pp. 16–29. Springer, Berlin Hidelberg (2004). doi: 10.1007/978-3-540-28632-5_2
  11. 11.
    Clavier, C., Isorez, Q., Wurcker, A.: Complete SCARE of AES-like block ciphers by chosen plaintext collision power analysis. In: Paul, G., Vaudenay, S. (eds.) INDOCRYPT, Lecture Notes in Computer Science, vol. 8250, pp. 116–135. Springer, berlin Hidelberg (2013). doi: 10.1007/978-3-319-03515-4_8
  12. 12.
    Clavier, C., Wurcker, A.: Reverse engineering of a secret AES-like cipher by ineffective fault analysis. In: Fischer and Schmidt [15], pp. 119–128. doi: 10.1109/FDTC.2013.16
  13. 13.
    Daudigny, R., Ledig, H., Muller, F., Valette, F.: SCARE of the DES. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) Applied Cryptography and Network Security, Lecture Notes in Computer Science, vol. 3531, pp. 19–33. Springer, Berlin Heidelberg (2005). doi: 10.1007/11496137_27
  14. 14.
    Faugeron, E.: Manipulating the frame information with an underflow attack. In: CARDIS 2013 (2013)Google Scholar
  15. 15.
    Fischer, W., Schmidt, J.M. (eds.): 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography, Los Alamitos, CA, USA, August 20, 2013. IEEE (2013)Google Scholar
  16. 16.
    Friedman, W.F.: The index of coincidence and its applications in cryptography. Cryptographic Series. Aegean Park Press (1996)Google Scholar
  17. 17.
    Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Ko, C.C., Naccache, D., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems ” CHES 2001, Lecture Notes in Computer Science, vol. 2162, pp. 251–261. Springer, Berlin Heidelberg (2001). doi: 10.1007/3-540-44709-1_21
  18. 18.
    GlobalPlatform: Card Specification. In: GlobalPlatform, 2.2.1 edn. GlobalPlatform Inc. (2011)Google Scholar
  19. 19.
    Hamadouche, S., Bouffard, G., Lanet, J.L., Dorsemaine, B., Nouhant, B., Magloire, A., Reygnaud, A.: Subverting Byte Code Linker service to characterize Java Card API. In: Seventh Conference on Network and Information Systems Security (SAR-SSI), pp. 75–81 (2012)Google Scholar
  20. 20.
    Hex Rays, S.: IDA Pro Disassembler and DebuggerGoogle Scholar
  21. 21.
    Huang, H., Quan, G., Fan, J.: Leakage temperature dependency modeling in system level analysis. In: ISQED, pp. 447–452. IEEE (2010). doi: 10.1109/ISQED.2010.5450539
  22. 22.
    Hubbers, E., Poll, E.: Transactions and non-atomic API calls in Java Card: specification ambiguity and strange implementation behaviours. University of Nijmegen (2004)Google Scholar
  23. 23.
    Iguchi-Cartigny, J., Lanet, J.L.: Developing a trojan applets in a Smart Card. J. Comput. Virol. 6, 343–351 (2010). doi: 10.1007/s11416-009-0135-3 CrossRefGoogle Scholar
  24. 24.
    Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) Advances in Cryptology - CRYPTO’96, Lecture Notes in Computer Science, vol. 1109, pp. 104–113. Springer, Berlin Heidelberg (1996). doi: 10.1007/3-540-68697-5_9
  25. 25.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) Advances in Cryptology - CRYPTO’99, Lecture Notes in Computer Science, vol. 1666, pp. 789–789. Springer, Berlin Heidelberg (1999). doi: 10.1007/3-540-48405-1_25
  26. 26.
    Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology. WOST’99, pp. 2–2. USENIX Association, Berkeley, CA, USA (1999)Google Scholar
  27. 27.
    Meterelliyoz, M., Kulkarni, J.P., Roy, K.: Analysis of SRAM and eDRAM cache memories under spatial temperature variations. Comput. Aided Design Integrated Circuits Syst., IEEE Trans. On 29(1), 2–13 (2009). doi: 10.1109/TCAD.2009.2035535 CrossRefGoogle Scholar
  28. 28.
    Circuits, O., Ral, D., Guilley, S., Flament, F., Danger, J.L., Valette, F.: Characterization of the Electromagnetic Side Channel in Frequency Domain. In: Lai, X., Yung, M., D, D. (eds.) Information Security and Cryptology, Lecture Notes in Computer Science, vol. 6584, pp. 471–486. Springer, Berlin Heidelberg (2011). doi: 10.1007/978-3-642-21518-6_33
  29. 29.
    Moro, N., Dehbaoui, A., Heydemann, K., Robisson, B., Encrenaz, E.: Electromagnetic fault injection: towards a fault model on a 32-bit Microcontroller. In: Fischer, W., Schmidt, J.M. (eds.) FDTC. Workshop on Fault Diagnosis and Tolerance in Cryptography, Los Alamitos, CA, USA, August 20, 2013, pp. 77–88. IEEE (2013). doi: 10.1109/FDTC.2013.9
  30. 30.
    Oracle: Java Card 3 Platform, Virtual Machine Specification, Classic Edition. Version 3.0.4. Oracle, Oracle America Inc, 500 Oracle Parkway, Redwood City, CA 94065 (2011)Google Scholar
  31. 31.
    Quisquater, J., Samyde, D.: Eddy current for magnetic analysis with active sensor. In: Proceedings of E-Smart (2002)Google Scholar
  32. 32.
    Quisquater, J.J., Samyde, D.: Electromagnetic analysis (EMA): measures and counter-measures for Smart Cards. In: Attali, I., Jensen, T. (eds.) Smart Card Programming and Security, Lecture Notes in Computer Science, vol. 2140, pp. 200–210. Springer, Berlin Heidelberg (2001). doi: 10.1007/3-540-45418-7_17
  33. 33.
    Razafindralambo, T., Bouffard, G., Lanet, J.: A friendly framework for hidding fault enabled virus for Java based smartcard. In: Nora Cuppens-Boulahia Frédéic Cuppens, J.G.A. (ed.) Data and Applications Security and Privacy XXVI, Lecture Notes in Computer Science, vol. 7371, pp. 122–128. Springer, Berlin Heidelberg (2012). doi: 10.1007/978-3-642-31540-4 CrossRefGoogle Scholar
  34. 34.
    Razafindralambo, T., Bouffard, G., Thampi, B.N., Lanet, J.L.: A Dynamic Syntax Interpretation for Java Based Smart Card to Mitigate Logical Attacks. In: Thampi, S.M., Zomaya, A.Y., Strufe, T., Calero, J.M.A., Thomas, T. (eds.) SNDS, Communications in Computer and Information Science, vol. 335, pp. 185–194. Springer, Trivandrum (2012). doi: 10.1007/978-3-642-34135-9_19
  35. 35.
    Savary, A., Frappier, M., Lanet, J.: Automatic Generation of Vulnerability Tests for the Java Card Byte Code Verifier. In: Network and Information Systems Security (SAR-SSI), 2011 Conference on, pp. 1–7 (2011). doi: 10.1109/SAR-SSI.2011.5931379
  36. 36.
    Savary, A., Frappier, M., Lanet, J.L.: Detecting Vulnerabilities in Java-Card Bytecode Verifiers Using Model-Based Testing. In: Johnsen, E., Petre, L. (eds.) Integrated Formal Methods, Lecture Notes in Computer Science, vol. 7940, pp. 223–237. Springer, Berlin Heidelberg (2013). doi: 10.1007/978-3-642-38613-8_16
  37. 37.
    Schmidt, J., Hutter, M.: Optical and EM fault-attacks on crt-based RSA: Concrete results. In: Proceedings of the Austrochip, pp. 61–67. Citeseer (2007). Google Scholar
  38. 38.
    Skorobogatov, S.P., Anderson, R.: Optical Fault Induction Attacks. In: Kaliski, B., Ko, E., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems - CHES 2002, vol. 2523, pp. 31–48. Springer, Berlin Heidelberg (2003). doi: 10.1007/3-540-36400-5_2
  39. 39.
    Standard, S.H.: Federal information processing standard publication# 180. US Department of Commerce, National Institute of Standards and Technology 56, 57–71 (1993)Google Scholar
  40. 40.
    Vermoen, D.: Reverse engineering of Java Card applets using power analysis. Master’s thesis, Faculty of Electrical Engineering, Mathematics and Computer Science, Delft University of Technology, Computer Engineering, Mekelweg 4, 2628 CD Delft, The Netherlands (2006).Google Scholar
  41. 41.
    Viraraghavan, J., Amrutur, B., Visvanathan, V.: Voltage and Temperature Aware Statistical Leakage Analysis Framework Using Artificial Neural Networks. IEEE Trans. on CAD of Integrated Circuits and Systems 29(7), 1056–1069 (2010). doi: 10.1109/TCAD.2010.2049059

Copyright information

© Springer-Verlag France 2014

Authors and Affiliations

  1. 1.University of LimogesLimogesFrance

Personalised recommendations