Abstract
Virtual machines executing high level languages are nowadays found even in small secure embedded systems. We have studied properties of the Java virtual machine and the Java virtual machine language under certain fault attacks. Focused glitching attacks may enforce type confusion situations. Defensive Java virtual machine is prosed as a counter-measure.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lawton, G.: Moving Java into mobile phones. Computer 35(6), 17–20 (2002)
Baentsch, M., Buhler, P., Eirich, T., Hring, F., Oestreicher, M.: JavaCard – from hype to reality. IEEE Concurrency 7(4), 36–43 (1999)
Levis, P., Culler, D.: Maté: a tiny virtual machine for sensor networks. In: ASPLOS-X: Proceedings of the 10th international conference on Architectural support for programming languages and operating systems, pp. 85–95. ACM Press, New York (2002)
Naccache, D.: Finding faults. IEEE Security & Privacy, 61–65 (2005)
Bar-El, H., Choukri, H., Naccache, D., Tunstall, M., Whelan, C.: The sorcerer’s apprentice guide to fault attacks. In: Workshop on Fault Diagnosis and Tolerance in Cryptography (2004), http://www.gemplus.com/smart/rd/publications/pdf/BCN_04sor.pdf
Anderson, R., Kuhn, M.: Low cost attacks on tamper resistant devices. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 125–136. Springer, Heidelberg (1998)
Skorobogatov, S., Anderson, R.: Optical fault induction attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 2–12. Springer, Heidelberg (2003)
Moore, S., Anderson, R., Cunningham, P., Mullins, R., Taylor, G.: Improving smart card security using self-timed circuits. In: ASYNC 2002: Proceedings of the 8th International Symposium on Asynchronus Circuits and Systems, Washington, DC, USA, p. 211. IEEE Computer Society, Los Alamitos (2002)
Govindavajhala, S., Appel, A.W.: Using memory errors to attack a virtual machine. In: Proceedings of 2003 IEEE Symposium on Security and Privacy, pp. 154–165 (2003)
Stärk, R., Schmid, J., Börger, E.: JavaTM and the JavaTM Virtual Machine, Definition, Verification, Validation. Springer, Heidelberg (2001)
Cohen, R.M.: The defensive Java virtual machine specification version 0.5. Technical report, Computational Logic Inc., Austin, Texas (1997)
Ravi, S., Raghunathan, A., Chakradhar, S.: Tamper resistance mechanisms for secure, embedded systems. In: VLSID 2004: Proceedings of the 17th International Conference on VLSI Design, Washington, DC, USA, p. 605. IEEE Computer Society, Los Alamitos (2004)
Hoglund, G., McGraw, G.: Exploiting Software, How to break code. Addison-Wesley, Reading (2004)
Venners, B.: Inside the Java Virtual Machine, 2nd edn. McGraw-Hill, New York (2000)
Sun Microsystems Inc. Palo Alto, California: Java Card 2.2 Run-Time Environment (JCRE) Specification (2002)
Witteman, M.: Java card security. Information Security Bulletin 8, 291–298 (2003)
Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: USENIX Workshop on Smartcard Technology (Smartcard 1999), pp. 9–20 (1999)
Dodd, P.E., Massengill, L.W.: Basic mechanims and modeling of single-event upset in digital electronics. IEEE Transactions on Nuclear Science 50(3), 583–602 (2003)
Gagnon, E.: A Portable Research Framework for the Execution of Java Bytecode. Ph.D thesis, School of Computer Science, McGill University, Montreal (2002)
Aycock, J.: A brief history of just-in-time. ACM Comput. Surv. 35(2), 97–113 (2003)
Alpern, B., Attanasio, C.R., Barton, J.J., Burke, M.G., Cheng, P., Choi, J.D., Cocchi, A., Fink, S.J., Grove, D., Hind, M., Hummel, S.F., Lieber, D., Litvinov, V., Mergen, M.F., Ngo, T., Russell, J.R., Sarkar, V., Serrano, M.J., Shepherd, J.C., Smith, S.E., Sreedhar, V.C., Srinivasan, H., Whaley, J.: The Jalapeño virtual machine. IBM System Journal 39(1) (2000)
Schultz, U.P., Burgaard, K., Christensen, F.G., Knudsen, J.L.: Compiling Java for low-end embedded systems. In: LCTES 2003: Proceedings of the 2003 ACM SIGPLAN conference on Language, compiler, and tool for embedded systems, pp. 42–50. ACM Press, New York (2003)
Debbabi, M., Gherbi, A., Ketari, L., Talhi, C., Yahyaoui, H., Zhioua, S.: A synergy between efficient interpretation and fast selective dynamic compilation for the acceleration of embedded Java virtual machines. In: PPPJ 2004: Proceedings of the 3rd international symposium on Principles and practice of programming in Java, Trinity College Dublin, pp. 107–113 (2004)
Deville, D., Grimaud, G.: On board compiling in the very small. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362. Springer, Heidelberg (2005)
Porthouse, C.: High performance Java on embedded devices, JazelleTM technology: ARMTM accelerator technology for the JavaTM platform, white paper (2004), http://www.arm.com/pdfs/JazelleWhitePaper.pdf
McGhan, H., O’Connor, M.: PicoJava: A direct execution engine for Java bytecode. Computer 31(10), 22–30 (1998)
NanoAmp Solutions Inc: The MOCA-J Accelerator: Memory Oriented Coprocessor Accelerator for the J2METM Platform, http://www.nanoamp.com/MOCA-J
Radhakrishnan, R., Bhargava, R., John, L.K.: Improving Java performance using hardware translation. In: ICS 2001: Proceedings of the 15th international conference on Supercomputing, pp. 427–439. ACM Press, New York (2001)
Oi, H.: Instruction folding in a hardware-translation based Java virtual machine. In: CF 2006: Proceedings of the 3rd conference on Computing frontiers, pp. 139–146. ACM Press, New York (2006)
Azevedo, A., Kejariwal, A., Veidenbaum, A., Nicolau, A.: High performance annotation-aware JVM for Java Cards. In: EMSOFT 2005: Proceedings of the 5th ACM international conference on Embedded software, pp. 52–61. ACM Press, New York (2005)
Lindholm, T., Yellin, F.: The Java Virtual Machine Specification. The JavaTM Series. Addison-Wesley Professional, Reading (1997)
Chaumette, S., Sauveron, D.: An efficient and simple way to test the security of Java CardsTM. In: Security in Information Systems, Proceedings of the 3rd International Workshop on Security in Information Systems (WOSIS 2005), pp. 331–341 (2005)
Mitra, S., Seifert, N., Zhang, M., Shi, Q., Kim, K.S.: Robust system design with built-in soft-error resilience. Computer 38(2), 43–52 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vertanen, O. (2006). Java Type Confusion and Fault Attacks. In: Breveglieri, L., Koren, I., Naccache, D., Seifert, JP. (eds) Fault Diagnosis and Tolerance in Cryptography. FDTC 2006. Lecture Notes in Computer Science, vol 4236. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11889700_21
Download citation
DOI: https://doi.org/10.1007/11889700_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-46250-7
Online ISBN: 978-3-540-46251-4
eBook Packages: Computer ScienceComputer Science (R0)