“…In the Java Card community, several works aim at providing a reference implementation of an off-card [16] or an on-card [3,9] Java Card BCV. These implementations are mainly designed from a formal model and can be used to test the BCV implementation provided by Oracle.…”
Section: State-of-the-art On Java Card Byte Code Verifier Flaws
“…Following our responsible disclosure of the BCV issue to Oracle, we were allowed to publish this article and a new version of the BCV was released³. This new BCV version detects the Class component inconsistency and thus mitigates our attack.…”
Section: Conclusion, Countermeasure and Future Work
The Byte Code Verifier (BCV) is one of the most important security elements in the Java Card environment. Indeed, embedded applets must be verified prior to installation to prevent ill-formed applet loading. In this article, we disclose a flaw in the Oracle BCV which affects the applet linking process and can be exploited on real-world Java Card smart cards. We describe our exploitation of this flaw on a Java Card implementation, which enables injecting and executing arbitrary native malicious code in the communication buffer from a verified applet. This native execution allows snapshotting the smart card memory with OS rights.
“…Furthermore, Java Cards are becoming more and more powerful which will most probably result in an available on-card verification process which only accepts applets which only contain harmless operations. Resource optimized on-card verification algorithms are presented in different works [5,14].…”
Section: Logical Attack On the Java Heap
Several logical attacks against Java-based smart cards have been published recently. Most of them are based on the hypothesis that type verification was not performed, thus allowing a type confusion to be obtained dynamically. To mitigate such attacks, typed stacks have been introduced on recent smart cards. We propose here a new attack path for performing a type confusion even in the presence of a typed stack. Then, using a Fault Tree Analysis, we propose a way to efficiently design countermeasures in a top-down approach. These countermeasures are then evaluated on a Java Card virtual machine.