Language:

Attacks on Java Card 3.0 Combining Fault and Logical Attacks

Smart Card Research and Advanced Application. 9th IFIP WG 8.8/11.2 International Conference, 2010, Vol.6035, p.148-163 [Peer Reviewed Journal]

Distributed under a Creative Commons Attribution 4.0 International License ;DOI: 10.1007/978-3-642-12510-2_11

Digital Resources/Online E-Resources

Citations Cited by

Actions
1. Add to My Research
2. Remove from My Research
3. E-mail
4. Print
5. Permalink
6. Citation
7. EasyBib
8. EndNote
9. RefWorks
10. Delicious
11. Export RIS
12. Export BibTeX

Title:
Attacks on Java Card 3.0 Combining Fault and Logical Attacks
Author: Barbu, Guillaume ; Thiebeauld, Hugues ; Guerin, Vincent
Subjects: Computer Science ; Cryptography and Security
Is Part Of: Smart Card Research and Advanced Application. 9th IFIP WG 8.8/11.2 International Conference, 2010, Vol.6035, p.148-163
Description: Java Cards have been threatened so far by attacks using ill-formed applications which assume that the application bytecode is not verified. This assumption remained realistic as long as the bytecode verifier was commonly executed off-card and could thus be bypassed. Nevertheless it can no longer be applied to the Java Card 3 Connected Edition context where the bytecode verification is necessarily performed on-card. Therefore Java Card 3 Connected Edition seems to be immune against this kind of attacks. In this paper, we demonstrate that running ill-formed application does not necessarily mean loading and installing ill-formed application. For that purpose, we introduce a brand new kind of attack which combines fault injection and logical tampering. By these means, we describe two case studies taking place in the new Java Card 3 context. The first one shows how ill-formed applications can still be introduced and executed despite the on-card bytecode verifier. The second example leads to the modification of any method already installed on the card into any malicious bytecode. Finally we successfully mount these attacks on a recent device, emphasizing the necessity of taking into account these new threats when implementing Java Card 3 features.
Publisher: Springer
Language: English
Identifier: DOI: 10.1007/978-3-642-12510-2_11
Source: Hyper Article en Ligne (HAL) (Open Access)

Back to results list


INSPIRE LIBRARY - TON DUC THANG UNIVERSITY	(84-028) 37 755 057	Feedback
19 Nguyen Huu Tho St. Dist.7, HCM	thuvien@tdtu.edu.vn	Feedback

Attacks on Java Card 3.0 Combining Fault and Logical Attacks

Distributed under a Creative Commons Attribution 4.0 International License ;DOI: 10.1007/978-3-642-12510-2_11

Searching Remote Databases, Please Wait