Towards the Hardware Accelerated Defensive Virtual Machine – Type and Bound Protection
Currently, security checks on Java Card applets are performed by a static verification process before executing an applet. A verified and later unmodified applet is not able to break the Java Card sand-box model. Unfortunately, this static verification process is not a countermeasure against physical run-time attacks corrupting the control or data flow of an applet. In this piece of work, designs for Java Card Virtual Machines are investigated in relation to their ability to perform run-time security checks. These security checks are accelerated by hardware units and performed in parallel to CPU instructions that are executing concurrently. Attacks on the Java operand stack and local variables, which are elementary components for the Virtual Machine, are thwarted by type and bound protection. To enable these hardware checks, different designs of a defensive Java Card Virtual Machine are compared to their overheads on a prototype platform.
KeywordsJava Card Defensive Virtual Machine Hardware Countermeasure Fault Attack Logical Attack
Unable to display preview. Download preview PDF.
- 6.IEEE: Open SystemC Language Reference Manual IEEE Std 1666-2005, IEEEGoogle Scholar
- 8.Krieg, A., Grinschgl, J., Steger, C., Weiss, R., Haid, J.: A Side Channel Attack Countermeasure using System-On-Chip Power Profile Scrambling. In: 2011 IEEE 17th International On-Line Testing Symposium (IOLTS), pp. 222–227 (July 2011)Google Scholar
- 11.Oracle: Runtime Environment Specification. Java Card Platform, Version 3.0.4, Classic Edition (2011)Google Scholar
- 12.Oracle: Virtual Machine Specification. Java Card Platform, Version 3.0.4, Classic Edition (2011)Google Scholar
- 14.Sere, A., Iguchi-Cartigny, J., Lanet, J.L.: Evaluation of Countermeasures Against Fault Attacks on Smart Cards. International Journal of Security and Its Applications 5(2), 49–61 (2011)Google Scholar
- 15.Sun Microsystems Inc.: Java Card 2.2 Off-card Verifier. White Paper (June 2002)Google Scholar
- 18.Witteman, M.: Advances in Smartcard Security. Information Security Bulletin, 11–22 (July 2002)Google Scholar
- 19.Witteman, M.: Java Card Security. Information Security Bulletin, 291–298 (July 2003)Google Scholar