Java Card Combined Attacks with Localization-Agnostic Fault Injection
نویسنده
چکیده
In this paper, we present a paradigm for combined attacks on Java Cards that lowers the requirements on the localization precision of the fault injection. The attack relies on educated objects allocation to create favorable memory patterns that raise the chances of success of the combined attack. In order to maximize the probability of successful injection, we determine the optimal parameters depending on the physical properties of the targeted platform. Finally, we demonstrate the e ciency of our approach through fault injection simulation.
منابع مشابه
Mitigating Type Confusion on Java Card
One of the challenges for smart card deployment is the security interoperability. A smart card resistant to an attack on a given platform should be able to guarantee the same behavior on another platform. But the current implementations do not comply with this requirement. In order to improve such standardization the authors propose a framework based on annotations with an external pre-processi...
متن کاملJava Card Operand Stack: Fault Attacks, Combined Attacks and Countermeasures
Until 2009, Java Cards have been mainly threatened by Logical Attacks based on ill-formed applications. The publication of the Java Card 3.0 Connected Edition specifications and their mandatory on-card byte code verification may have then lead to the end of software-based attacks against such platforms. However, the introduction in the Java Card field of Fault Attacks, well-known from the crypt...
متن کاملAttacks on Java Card 3.0 Combining Fault and Logical Attacks
Java Cards have been threatened so far by attacks using ill-formed applications which assume that the application bytecode is not verified. This assumption remained realistic as long as the bytecode verifier was commonly executed off-card and could thus be bypassed. Nevertheless it can no longer be applied to the Java Card 3 Connected Edition context where the bytecode verification is necessari...
متن کاملAutomatic Integration of Counter-Measures Against Fault Injection Attacks
This paper describes a technology aiming at enforcing semiautomatically counter-measures against fault injection attacks of smart cards. This technology addresses in a generic way the whole software embedded on the card. In particular, it addresses threats going beyond cryptography-related parts of the embedded software, like threats against the firewall of the Java Card embedded virtual machin...
متن کاملNeural Network VS. Bayesian Network to Detect Java Card Mutants
Being a vital element for the different domains such as communication system, authentication, and payment, multiple attackers manipulate the Card fraudulently in order to access to the services offered by this one. Smartcards are often the target of software and hardware attacks. The most recent attacks are based on fault injection which modifies the application behavior. By disrupting the Java...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012