Information Theory-Based Quantitative Evaluation Method for Countermeasures Against Fault Injection Attacks

Evaluation of Countermeasures Against Fault Attacks on Smart Cards

Java Card are devices subject to either hardware and software attacks. Thus several countermeasures need to be embedded to avoid the effects of these attacks. Recently, the idea to combine logical attacks with a physical attack to bypass bytecode verification has emerged. For instance, correct and legitimate Java Card applications can be dynamically modified on-card using laser beam. Such appli...

Fault attacks and countermeasures

User Authentication Method against SQL Injection Attacks

The Internet and web applications are playing very important role in our today’s modern day life. Most of the web applications use the database as a back end to store critical information. SQL injection attacks represent a serious threat to any database-driven site. The methods behind an attack are easy to learn and the damage caused can range from considerable to complete system compromise. De...

Fault Attacks for CRT Based RSA: New Attacks, New Results, and New Countermeasures

Nowadays RSA using Chinese Remainder Theorem (CRT) is widely used in practical applications. However there is a very powerful attack against it with a fault injection during one of its exponentiations. Many countermeasures were proposed but almost all of them are proven to be insecure. In 2005, two new countermeasures were proposed. However they still have a weakness. The final signature is sto...

Java Card Operand Stack: Fault Attacks, Combined Attacks and Countermeasures

Until 2009, Java Cards have been mainly threatened by Logical Attacks based on ill-formed applications. The publication of the Java Card 3.0 Connected Edition specifications and their mandatory on-card byte code verification may have then lead to the end of software-based attacks against such platforms. However, the introduction in the Java Card field of Fault Attacks, well-known from the crypt...