Memory-efficient on-card byte code verification for Java cards

Berlach, Reinhard; Lackner, Michael; Steger, Christian; Loinig, Johannes; Haselsteiner, Ernst

doi:10.1145/2556315.2556323

Cited by 3 publications

(3 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the Java Card community, several works aim at providing a reference implementation of an off-card [16] or an on-card [3,9] Java Card BCV. These implementations are mainly designed from a formal model and can be used to test the BCV implementation provided by Oracle.…”

Section: State-of-the-art On Java Card Byte Code Verifier Flawsmentioning

confidence: 99%

See 1 more Smart Citation

Java Card Virtual Machine Compromising from a Bytecode Verified Applet

Lancia¹,

Bouffard

2016

Smart Card Research and Advanced Applications

View full text Add to dashboard Cite

The Byte Code Verifier (BCV) is one of the most important security element in the Java Card environment. Indeed, embedded applets must be verified prior installation to prevent ill-formed applet loading. In this article, we disclose a flaw in the Oracle BCV which affects the applet linking process and can be exploited on real world Java Card smartcards. We describe our exploitation of this flaw on a Java Card implementation that enables injecting and executing arbitrary native malicious code in the communication buffer from a verified applet. This native execution allows snapshotting the smart card memory with OS rights.

show abstract

Section: State-of-the-art On Java Card Byte Code Verifier Flawsmentioning

confidence: 99%

“…Following our responsible disclosure of the BCV issue to Oracle, we were allowed to publish this article and a new version of the BCV was released 3 . This new BCV version detects the Class component inconsistency and thus mitigate our attack.…”

Section: Conclusion Countermeasure and Future Workmentioning

confidence: 99%

Java Card Virtual Machine Compromising from a Bytecode Verified Applet

Lancia¹,

Bouffard

2016

Smart Card Research and Advanced Applications

View full text Add to dashboard Cite

show abstract

“…Furthermore, Java Cards are becoming more and more powerful which will most probably result in an available on-card verification process which only accepts applets which only contain harmless operations. Resource optimized on-card verification algorithms are presented in different works [5,14].…”

Section: Logical Attack On the Java Heapmentioning

confidence: 99%

Heap $$\ldots $$ Hop! Heap Is Also Vulnerable

Bouffard

Lackner

Lanet

et al. 2015

Smart Card Research and Advanced Applications

Self Cite

View full text Add to dashboard Cite

Several logical attacks against Java based smart card have been published recently. Most of them are based on the hypothesis that the type verification was not performed, thus allowing to obtain dynamically a type confusion. To mitigate such attacks, typed stack have been introduced on recent smart card. We propose here a new attack path for performing a type confusion even in presence of a typed stack. Then we propose using a Fault Tree Analysis a way to design efficiently counter measure in a top down approach. These counter measures are then evaluated on a Java Card virtual machine

show abstract