Advertisement

Java Card Combined Attacks with Localization-Agnostic Fault Injection

  • Julien Lancia
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7771)

Abstract

In this paper, we present a paradigm for combined attacks on Java Cards that lowers the requirements on the localization precision of the fault injection. The attack relies on educated objects allocation to create favorable memory patterns that raise the chances of success of the combined attack. In order to maximize the probability of successful injection, we determine the optimal parameters depending on the physical properties of the targeted platform. Finally, we demonstrate the efficiency of our approach through fault injection simulation.

Keywords

Virtual Machine Smart Card Memory Error Fault Injection Java Virtual Machine 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Agrawal, D., Archambeault, B., Rao, J., Rohatgi, P.: The EM side-channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  2. 2.
    Bar-El, H., Choukri, H., Naccache, D., Tunstall, M., Whelan, C.: The sorcerer’s apprentice guide to fault attacks (2004)Google Scholar
  3. 3.
    Barbu, G., Thiebeauld, H., Guerin, V.: Attacks on Java Card 3.0 Combining Fault and Logical Attacks. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 148–163. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    Bouffard, G., Iguchi-Cartigny, J., Lanet, J.-L.: Combined software and hardware attacks on the Java Card control flow. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 283–296. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  5. 5.
    Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  6. 6.
    Giraud, C., Thiebeauld, H.: A survey on fault attacks. In: Quisquater, J.-J., Paradinas, P., Deswarte, Y., El Kalam, A.A. (eds.) Smart Card Research and Advanced Applications VI. IFIP, vol. 153, pp. 159–176. Springer, Boston (2004)CrossRefGoogle Scholar
  7. 7.
    Govindavajhala, S., Appel, A.W.: Using memory errors to attack a virtual machine. In: IEEE Symposium on Security and Privacy, pp. 154–165. IEEE Computer Society (2003)Google Scholar
  8. 8.
    Hogenboom, J., Mostowski, W.: Full memory read attack on a Java Card (2003)Google Scholar
  9. 9.
    Iguchi-Cartigny, J., Lanet, J.L.: Developing a trojan applets in a smart card. Journal in Computer Virology 6, 343–351 (2010)CrossRefGoogle Scholar
  10. 10.
    Kim, C.H., Quisquater, J.J.: Faults, injection methods, and fault attacks. IEEE Des. Test 24, 544–545 (2007)CrossRefGoogle Scholar
  11. 11.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  12. 12.
    Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: Proceedings of the USENIX Workshop on Smartcard Technology, p. 2. USENIX Association, Berkeley (1999)Google Scholar
  13. 13.
    Lancia, J.: Un framework de fuzzing pour cartes à puce: application aux protocoles EMV. In: Symposium sur la Sécurité des Technologies de l’Information et de la Communication, SSTIC, pp. 350–368 (2011)Google Scholar
  14. 14.
    Lancia, J.: Compromission d’une application bancaire JavaCard par attaque logicielle. In: Symposium sur la Sécurité des Technologies de l’Information et de la Communication, SSTIC (2012)Google Scholar
  15. 15.
    Lindholm, T., Yellin, F.: The Java(TM) Virtual Machine Specification, 2nd edn. Prentice Hall PTR (April 1999)Google Scholar
  16. 16.
    Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51, 541–552 (2002)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Moore, S., Anderson, R., Cunningham, P., Mullins, R., Taylor, G.: Improving smart card security using self-timed circuits. In: Technology, Fourth AciD-WG Workshop, Grenoble, ISBN, pp. 211–218 (2002)Google Scholar
  18. 18.
    Mostowski, W., Poll, E.: Malicious code on Java Card smartcards: Attacks and countermeasures. In: Grimaud, G., Standaert, F.-X. (eds.) CARDIS 2008. LNCS, vol. 5189, pp. 1–16. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  19. 19.
    Quisquater, J.J., Samyde, D.: Electromagnetic analysis (ema): Measures and counter-measures for smart cards. In: Attali, I., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  20. 20.
    Skorobogatov, S.P., Anderson, R.J.: Optical fault induction attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 2–12. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  21. 21.
    Skorobogatov, S.P.: Semi-invasive attacks – a new approach to hardware security analysis. Tech. Rep. 630, University of Cambridge, Computer Laboratory (April 2005), http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-630.pdf
  22. 22.
    Sun Microsystems, Inc., Palo Alto/CA, USA: Java Card Platform Security, technical White Paper (2001)Google Scholar
  23. 23.
    Sun Microsystems, Inc., Palo Alto/CA, USA: Java Card 2.2 Application Programming Interface, API (2002)Google Scholar
  24. 24.
    Sun Microsystems, Inc., Palo Alto/CA, USA: Java Card 2.2 Runtime Environment (JCRE) Specification (2002)Google Scholar
  25. 25.
    Sun Microsystems, Inc., Palo Alto/CA, USA: Java Card 2.2 Virtual Machine Specification (2002)Google Scholar
  26. 26.
    Sun Microsystems, Inc., Palo Alto/CA, USA: Application Programming Interface (API) - Java Card(TM) Platform, Version 3.0.1 (2009)Google Scholar
  27. 27.
    Sun Microsystems, Inc., Palo Alto/CA, USA: Runtime Environment Specification - Java Card(TM) Platform, Version 3.0.1 (2009)Google Scholar
  28. 28.
    Sun Microsystems, Inc., Palo Alto/CA, USA: Virtual Machine Specification - Java Card(TM) Platform, Version 3.0.1 (2009)Google Scholar
  29. 29.
    Vetillard, E., Ferrari, A.: Combined attacks and countermeasures. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 133–147. Springer, Heidelberg (2010)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Julien Lancia
    • 1
  1. 1.SERMA TechnologiesCESTIPessacFrance

Personalised recommendations