Dynamic Fault Injection Countermeasure
Nowadays Fault Injection is the main threat for any sensitive applications being executed on embedded devices. Indeed, such an attack allows one to efficiently recover any secret or to gain unauthorized privileges if no appropriate countermeasure is implemented. In the context of Java Card applications, the main method to counteract Fault Injection consists in adding redundancy for sensitive operations and integrity verification for sensitive variables. While being efficient from a security point of view, such a method substantially impacts the performance of the application. In this article we introduce a new pragmatic approach to counteract Fault Injection by dynamically increasing the security level of the application. This methodology, based on upgrading the Java Card Virtual Machine, allows us to optimize the performance of sensitive applications in every day life while providing a strong security level as soon as an attacker tries to disturb their executions.
KeywordsJava Card Fault Injection Countermeasures
Unable to display preview. Download preview PDF.
- 1.Kocher, P.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
- 3.Quisquater, J.J., Samyde, D.: A New Tool for Non-intrusive Analysis of Smart Cards Based on Electro-magnetic Emissions, the SEMA and DEMA Methods. Presented during EUROCRYPT 2000 Rump Session (2000)Google Scholar
- 4.Bellcore: New Threat Model Breaks Crypto Codes. Press Release (1996)Google Scholar
- 5.du Castel, B.: Personal History of the Java Card (2012), French version originally published in MISC magazine, HS-2 (November 2008)Google Scholar
- 6.Joye, M., Tunstall, M.: Fault Analysis in Cryptography. Information Security and Cryptography. Springer (2012)Google Scholar
- 8.Giraud, C., Thiebeauld, H.: A Survey on Fault Attacks. In: Quisquater, J.J., Paradinas, P., Deswarte, Y., Kalam, A.E. (eds.) Smart Card Research and Advanced Applications VI – CARDIS 2004, pp. 159–176. Kluwer Academic Publishers (2004)Google Scholar
- 11.Common Criteria: Application of Attack Potential to Smartcards (2009)Google Scholar
- 15.Sun Microsystems Inc.: Virtual Machine Specification – Java Card Plateform, Version 3.0.1 (2009)Google Scholar
- 16.The Apache Software Foundation: (Apache Commons BCEL, The Byte Code Engineering Library), http://commons.apache.org/bcel/
- 17.Smart Secure Devices (SSD) Team – XLIM, Université de Limoges: CapMap – The CAP file manipulator, http://secinfo.msi.unilim.fr