The Next Smart Card Nightmare

Logical Attacks, Combined Attacks, Mutant Applications and Other Funny Things
  • Guillaume Bouffard
  • Jean-Louis Lanet
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6805)


Java Card is a kind of smart card that implements one of the two editions, “Classic Edition” or “Connected Edition”, of the standard Java Card 3.0 [7]. Such a smart card embeds a virtual machine which interprets codes already romized with the operating system or downloaded after issuance. Due to security reasons, the ability to download code into the card is controlled by a protocol defined by Global Platform [3]. This protocol ensures that the owner of the code has the necessary authorization to perform the action. Java Card is an open platform for smart cards, i.e. able of loading and executing new applications after issuance. Thus, different applications from different providers run in the same smart card. Thanks to type verification, byte codes delivered by the Java compiler and the converter (in charge of giving a compact representation of class files) are safe, i.e. the loaded application is not hostile to other applications in the Java Card. Furthermore, the Java Card firewall checks permissions between applications in the card, enforcing isolation between them.


Virtual Machine Smart Card Fault Injection Physical Attack Fault Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aumüller, C., Bier, P., Fischer, W., Hofreiter, P., Seifert, J.: Fault attacks on RSA with CRT: Concrete results and practical countermeasures. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 81–95. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  2. 2.
    Barbu, G., Thiebeauld, H., Guerin, V.: Attacks on java card 3.0 combining fault and logical attacks. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 148–163. Springer, Heidelberg (2010), CrossRefGoogle Scholar
  3. 3.
    Global Platform: Card Specification v2.2 (2006)Google Scholar
  4. 4.
    Hemme, L.: A differential fault attack against early rounds of (Triple-)DES. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 170–217. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  5. 5.
    Hubbers, E., Poll, E.: Transactions and non-atomic API calls in Java Card: specification ambiguity and strange implementation behaviours. Dept. of Computer Science NIII-R0438, Radboud University Nijmegen (2004)Google Scholar
  6. 6.
    Iguchi-Cartigny, J., Lanet, J.: Developing a Trojan applet in a Smart Card. Journal in Computer Virology (2010)Google Scholar
  7. 7.
    Oracle: Java Card Platform Specification,
  8. 8.
    Piret, G., Quisquater, J.: A differential fault attack technique against SPN structures, with application to the AES and KHAZAD. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 77–88. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Sere, A., Iguchi-Cartigny, J., Lanet, J.: Automatic detection of fault attack and countermeasures. In: Proceedings of the 4th Workshop on Embedded Systems Security, p. 7. ACM, New York (2009)Google Scholar
  10. 10.
    Smart Secure Devices (SSD) Team – XLIM/University of Limoges: OPAL: An Open Platform Access Library,
  11. 11.
    Smart Secure Devices (SSD) Team – XLIM/University of Limoges: The CAP file manipulator,

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Guillaume Bouffard
    • 1
  • Jean-Louis Lanet
    • 1
  1. 1.Smart Secure Devices (SSD) Team XLIMUniversity of LimogesFrance

Personalised recommendations