Full Memory Read Attack on a Java Card
Abstract
We present a simple attack on a Java Card smart card to perform arbitrary memory reads. The attack uses a known technique, type confusion of the card's Java Virtual Machine, achieved by exploiting the faulty implementation of the transaction mechanism. The type confusion lets us access the application's private metadata, reverse engineer it, and in turn get full read and write access to arbitrary memory locations on the card. The attack gives us good insight into the overall memory organisation of the card. We discuss the exploit in detail, including the exploit applet source code, to provide a reproducible attack. We briefly discuss the usefulness of the on-card Bytecode Verifier that the exploited card is equipped with, and also the deficiencies of the Java Card firewall mechanism.
Similar resources
Java Card for PayTv Application
Smart cards are widely used along with PayTV receivers to store secret user keys and to perform security functions to prevent any unauthorized viewing of PayTV channels. Java Card technology enables programs written in the Java programming language to run on smart cards. Smart cards represent one of the smallest computing platforms in use today. The memory configuration of a smart card are of t...
Manipulating the Frame Information with an Underflow Attack
This paper presents an underflow attack performed on Java Card platforms. This underflow is based on the dup_x instruction that can be used in order to read and modify the current context of execution of the attacker’s application. We first detail the theoretical and practical attack path by describing the method that can be used to characterize the platform and exploit the obtained information...
JavaCard-from hype to reality
functionality would significantly extend smart card possibilities. However, until very recently, such promises have not been backed by real implementations; JavaCard existence has been limited to reference implementations—better known as simulations. However, JavaCard implementations now exist and the technology is beginning to live up to the hype. A JavaCard is a typical smart card: it conform...
Java Card Combined Attacks with Localization-Agnostic Fault Injection
In this paper, we present a paradigm for combined attacks on Java Cards that lowers the requirements on the localization precision of the fault injection. The attack relies on educated objects allocation to create favorable memory patterns that raise the chances of success of the combined attack. In order to maximize the probability of successful injection, we determine the optimal parameters d...
A Practical Attack on the MIFARE Classic
The mifare Classic is the most widely used contactless smart card in the market. Its design and implementation details are kept secret by its manufacturer. This paper studies the architecture of the card and the communication protocol between card and reader. It reveals command codes and structure that so far were unknown. It also gives a practical, low-cost attack that recovers secret informat...
Publication date: 2009