Java Card Operand Stack: Fault Attacks, Combined Attacks and Countermeasures

Abstract: Until 2009, Java Cards have been mainly threatened by Logical Attacks based on ill-formed applications. The publication of the Java Card 3.0 Connected Edition specifications and their mandatory on-card byte code verification may have then lead to the end of software-based attacks against such platforms. However, the introduction in the Java Card field of Fault Attacks, well-known from the cryptologist community, has proven this conclusion wrong. Actually, the idea of combining Fault Attacks and Logical Attacks… Show more

“…Later, the combined attack technique was extended to target various components of JCVM in [217] [220]. These attacks are signi cant; nevertheless, they require the loading of an application designed speci cally to accomplish the attack goals.…”

“…Barbu et el. [217] showed that a fault injection that changes the values stored on the operand stack could have adverse e ect on an application's security. Furthermore, they also provided three di erent counter-measures to the proposed attack and their second-re ned method (countermeasure) is closely related to our protection mechanism.…”

“…According to Barbu et al [217] on every jump instruction beyond the scope of the current frame (method), the runtime environment XORs all the values stored on the operand and compares the result with α. If they match then the integrity of the operand stack is veri ed.…”

“…In fact, Barbu et al [217] detail an attack that targets the conditional statement (e.g. if-else) and showed how a malicious user can circumvent the PIN veri cation in their example application.…”

“…Furthermore, the value on the top of an integrity stack is V Ins-n =S r ⊕Σ n i=1 V i . Therefore, if a card manufacturer wants to implement the α as proposed by the Barbu et al [217] then it can simply do it by α = S r ⊕V Ins-n .…”

User Centric Security Model for Tamper-Resistant Devices

“…Later, the combined attack technique was extended to target various components of JCVM in [217] [220]. These attacks are signi cant; nevertheless, they require the loading of an application designed speci cally to accomplish the attack goals.…”

“…Barbu et el. [217] showed that a fault injection that changes the values stored on the operand stack could have adverse e ect on an application's security. Furthermore, they also provided three di erent counter-measures to the proposed attack and their second-re ned method (countermeasure) is closely related to our protection mechanism.…”

“…According to Barbu et al [217] on every jump instruction beyond the scope of the current frame (method), the runtime environment XORs all the values stored on the operand and compares the result with α. If they match then the integrity of the operand stack is veri ed.…”

“…In fact, Barbu et al [217] detail an attack that targets the conditional statement (e.g. if-else) and showed how a malicious user can circumvent the PIN veri cation in their example application.…”

“…Furthermore, the value on the top of an integrity stack is V Ins-n =S r ⊕Σ n i=1 V i . Therefore, if a card manufacturer wants to implement the α as proposed by the Barbu et al [217] then it can simply do it by α = S r ⊕V Ins-n .…”

User Centric Security Model for Tamper-Resistant Devices

Exploiting JCVM on Smart Cards Using Forged References in the API Calls

Fault Injection Characterization on Modern CPUs