Towards the Hardware Accelerated Defensive Virtual Machine – Type and Bound Protection

Lackner, Michael; Berlach, Reinhard; Loinig, Johannes; Weiß, Reinhold; Steger, Christian

doi:10.1007/978-3-642-37288-9_1

Cited by 10 publications

(7 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This bytecode encryption counteracts the security threat of jumping out of the actual method code and executing undefined data. Another countermeasure proposed in [7,11] counteracts the threat of type confusion between the two main data types integralData and reference. All elements of one main data type are pushed and popped onto their specific OS.…”

Section: Related Workmentioning

confidence: 98%

See 1 more Smart Citation

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation

Lackner

Berlach

Weiß

et al. 2014

Proceedings of the First Workshop on Cryptography and Security in Computing Systems

Self Cite

View full text Add to dashboard Cite

Java enabled smart cards protect security-related code and data by a sandbox concept. Unfortunately, this sandbox can be bypassed by fault attacks. Therefore, there is a substantial need for transparent, effective, and low-overhead countermeasures. This work demonstrates a new countermeasure against type confusion and buffer overflow attacks. This new countermeasure is based on obfuscating the security critical calculation parts of a virtual machine by secret keys. This countermeasure was integrated into a Java Card virtual machine running on a smart card prototype. New hardware features were added to this prototype to accelerate the obfuscating operation. The execution time overhead of the new countermeasure is demonstrated by performing run-time measurements on the prototype.

show abstract

Section: Related Workmentioning

confidence: 98%

“…No Applet Preprocessing Required: In [11,12], a defensive JVM that stores the used main data type integralData or reference during run-time for every OS and LV element are proposed. A drawback of this type of storing approach is that it requires additional memory for type storing and additional computational power for the type checks.…”

Section: Related Workmentioning

confidence: 99%

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation

Lackner

Berlach

Weiß

et al. 2014

Proceedings of the First Workshop on Cryptography and Security in Computing Systems

Self Cite

View full text Add to dashboard Cite

show abstract

“…Preventing type confusion from a Java Card applet aims at blocking arithmetic operations on reference. Lackner et al (2012) proposed a typed stack where each element is associated with a bit. During the access of an element, the JCRE checks the associated bit value to avoid a type confusion attack from the Java Card stack.…”

Section: Type Confusion On a Typed Stackmentioning

confidence: 99%

The ultimate control flow transfer in a Java based smart card

Bouffard

Lanet

2015

Computers & Security

View full text Add to dashboard Cite

International audienceRecently, researchers published several attacks on smart cards. Among these, software attacks are the most affordable, they do not require specific hardware (laser, EM probe, etc.). Such attacks succeed to modify a sensitive system element which offers access to the smart card assets. To prevent that, smart card manufacturers embed dedicated countermeasures that aim to protect the sensitive system elements. We present a generic approach based on a Control Flow Transfer (CFT) attack to modify the Java Card program counter. This attack is built on a type confusion using the couple of instructions jsr/ret. Evaluated on different Java Cards, this new attack is a generic CFT exploitation that succeeds on each attacked cards. We present several countermeasures proposed by the literature or implemented by smart card designers and for all of them we explain how to bypass them. Then, we propose to use Attack Countermeasure Tree to develop an effective and affordable countermeasure for this attack

show abstract

“…Another run-time check against FAs is proposed in [10,14], in which they create separate OSes for each of the two data types, integralValue and reference. With this approach of splitting the OS, it is possible to counteract type-confusion attacks.…”

Section: Countermeasures Against Java Card Attacksmentioning

confidence: 99%

“…With the help of these policies, it is possible to counteract the most dangerous threats that jeopardize security-critical data on the card. The type and bound policies are taken from [14] and are augmented with a control-flow policy. The fulfillment of the three policies on every bytecode is checked by three different D-VM layer implementations using our D-VM API.…”

Section: Security Policymentioning

confidence: 99%

A Defensive Virtual Machine Layer to Counteract Fault Attacks on Java Cards

Lackner

Berlach

Raschke

et al. 2013

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. The objective of Java Cards is to protect security-critical code and data against a hostile environment. Adversaries perform fault attacks on these cards to change the control and data flow of the Java Card Virtual Machine. These attacks confuse the Java type system, jump to forbidden code or remove run-time security checks. This work introduces a novel security layer for a defensive Java Card Virtual Machine to counteract fault attacks. The advantages of this layer from the security and design perspectives of the virtual machine are demonstrated. In a case study, we demonstrate three implementations of the abstraction layer running on a Java Card prototype. Two implementations use software checks that are optimized for either memory consumption or execution speed. The third implementation accelerates the run-time verification process by using the dedicated hardware protection units of the Java Card.

show abstract

Towards the Hardware Accelerated Defensive Virtual Machine – Type and Bound Protection

Cited by 10 publications

References 13 publications

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation

The ultimate control flow transfer in a Java based smart card

A Defensive Virtual Machine Layer to Counteract Fault Attacks on Java Cards

Contact Info

Product

Resources

About