Software Countermeasures for Control Flow Integrity of Smart Card C Codes
- Cite this paper as:
- Lalande JF., Heydemann K., Berthomé P. (2014) Software Countermeasures for Control Flow Integrity of Smart Card C Codes. In: Kutyłowski M., Vaidya J. (eds) Computer Security - ESORICS 2014. ESORICS 2014. Lecture Notes in Computer Science, vol 8713. Springer, Cham
Fault attacks can target smart card programs in order to disrupt an execution and gain an advantage over the data or the embedded functionalities. Among all possible attacks, control flow attacks aim at disrupting the normal execution flow. Identifying harmful control flow attacks as well as designing countermeasures at software level are tedious and tricky for developers. In this paper, we propose a methodology to detect harmful intra-procedural jump attacks at source code level and to automatically inject formally-proven countermeasures. The proposed software countermeasures defeat 100% of attacks that jump over at least two C source code statements or beyond. Experiments show that the resulting code is also hardened against unexpected function calls and jump attacks at assembly level.
Keywordscontrol flow integrity fault attacks smart card source level
Unable to display preview. Download preview PDF.