Abstract
Nowadays several papers have shown the ability to dump the EEPROM area of several Java Cards leading to the disclosure of already loaded applet and data structure of the card. Such a reverse engineering process is costly and prone to errors. Currently there are no tools available to help the process. We propose here an approach to find in the raw data obtained after a dump, the area containing the code and the data. Then, once the code area has been identified, we propose to rebuilt the original binary Cap file in order to be able to obtain the source code of the applet stored in the card.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
Due to security reasons, the ability to download code into the card is controlled by a protocol defined by Global Platform [15]. This protocol ensures that the owner of the code has the necessary authorization to perform the action.
- 2.
The Java Card specification [12] provides some functions to create transient objects. The data of the transient object stored in the RAM memory, but the header of this object is always stored in the persistent memory.
References
Aumüller, C., Bier, P., Hofreiter, P., Fischer, W., Seifert, J.P.: Fault attacks on RSA with CRT: concrete results and practical countermeasures. IACR Cryptol. ePrint Arch. 2002, 73 (2002)
Barbu, G.: On the security of Java Card platforms against hardware attacks. Ph.D. thesis, TÉLÉCOM ParisTech (2012)
Barbu, G., Thiebeauld, H., Guerin, V.: Attacks on java card 3.0 combining fault and logical attacks. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 148–163. Springer, Heidelberg (2010)
Bouffard, G., Iguchi-Cartigny, J., Lanet, J.-L.: Combined software and hardware attacks on the java card control flow. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 283–296. Springer, Heidelberg (2011)
Dolan-Gavitt, B.: Forensic analysis of the windows registry in memory. Digit. Invest. 5, 26–32 (2008)
Friedman, W.F.: The Index of Coincidence and Its Applications in Cryptography. Aegean Park Press, Laguna Hills (1922)
Hamadouche, S., Bouffard, G., Lanet, J.L., Dorsemaine, B., Nouhant, B., Magloire, A., Reygnaud, A.: Subverting byte code linker service to characterize java card API. In: Seventh Conference on Network and Information Systems Security (SAR-SSI), pp. 75–81, 22–25 May 2012. https://sarssi2012.greyc.fr/
Hemme, L.: A differential fault attack against early rounds of (Triple-)DES. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 254–267. Springer, Heidelberg (2004)
Hex Rays: IDA Pro Disassembler and Debugger
Klein, T.: All your private keys are belong to us. Technical report, trapkit (Feb 2006)
Lancia, J.: Java card combined attacks with localization-agnostic fault injection. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 31–45. Springer, Heidelberg (2013)
Oracle: Java Card 3 Platform, Virtual Machine Specification, Classic Edition 3.0.0. Oracle (September 2011)
Peikari, C., Chuvakin, A.: Security Warrior - Know Your Enemy. O’Reilly, Sebastopol (2004)
Piret, G., Quisquater, J.-J.: A differential fault attack technique against spn structures, with application to the AES and KHAZAD. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 77–88. Springer, Heidelberg (2003)
Platform: Card Specification v2.2. (March 2006)
Razafindralambo, T., Bouffard, G., Thampi, B.N., Lanet, J.-L.: A dynamic syntax interpretation for java based smart card to mitigate logical attacks. In: Thampi, S.M., Zomaya, A.Y., Strufe, T., Alcaraz Calero, J.M., Thomas, T. (eds.) SNDS 2012. CCIS, vol. 335, pp. 185–194. Springer, Heidelberg (2012)
Schuster, A.: Searching for processes and threads in microsoft windows memory dumps. Digit. Invest. 3(Supplement–1), 10–16 (2006)
Walters, A., Petroni, N.: Integrating volatile memory forensics into the digital investigation process. In: Blackhat Hat DC (2007)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Content of a Dumped Area
A Content of a Dumped Area
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Lanet, JL. et al. (2015). Memory Forensics of a Java Card Dump. In: Joye, M., Moradi, A. (eds) Smart Card Research and Advanced Applications. CARDIS 2014. Lecture Notes in Computer Science(), vol 8968. Springer, Cham. https://doi.org/10.1007/978-3-319-16763-3_1
Download citation
DOI: https://doi.org/10.1007/978-3-319-16763-3_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-16762-6
Online ISBN: 978-3-319-16763-3
eBook Packages: Computer ScienceComputer Science (R0)