Top

International Journal of Information Security

Published in:

22-02-2018 | Regular Contribution

Reverse engineering Java Card and vulnerability exploitation: a shortcut to ROM

Authors: Abdelhak Mesbah, Jean-Louis Lanet, Mohamed Mezghiche

Published in: International Journal of Information Security | Issue 1/2019

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Secure elements store and manipulate assets in a secure way. The most attractive assets are the cryptographic keys stored into the memory that can be used to provide secure services to a system. For this reason, secure elements are prone to attacks. But retrieving assets inside such a highly secure device is a challenging task. This paper presents the process we used to gain access to the assets in the particular case of Java Card secure element. In a Java Card, the assets are stored securely, i.e., respecting confidentiality and integrity attributes. Only the native layers can manipulate these sensitive objects. Thus, the Java interpreter, the API and the run time act as a firewall between the assets and the Java applications that one can load into the device. Finding a vulnerability into this piece of software is of a prime importance. Finding a vulnerability into a software is often not enough to develop a complete exploit. Here, we demonstrate at the end that a Java Card applet can call the hidden native functions used to decipher the secure container that encapsulates a key. Some previous attacks have shown the ability to get access to the application code area. But the Java Card intermediate byte code detected in the dumps has shown several differences with regard to the specification, which prevents the reverse engineering of the applicative code. Thus, to avoid the execution of shell code by a hostile applet, a part of the byte code stored into the card is unknown. The transformation is done on-the-fly during the upload of an application. We present in this article a new approach for reversing the unknown instruction set of the intermediate byte code which in turn has led to reverse engineering of the Java classes of the attacked card. We discovered during the reverse that some method calls have an unusual signature. Without having access to the native code, we have inferred the semantics of the called methods and their calling convention. These methods have access to the assets of the card without being restricted by security mechanisms like the firewall. We exploit this knowledge to set up a new attack that provides a full access to the cryptographic material and allows to reset the state of the card to the initial configuration. We demonstrate the ability to call these methods at the Java level in an application to retrieve sensitive assets whatever the protections are. Then, we suggest several possibilities to mitigate these attacks.

previous article Differential audio analysis: a new side-channel attack on PIN pads

next article Deployment and performance evaluation of mobile multicoupon solutions

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Internal call: the called method is in the same package as the caller.

External call: the method called is in a different package that the caller method.

Part of the package’s name has been obfuscated.

Barbu, G.: On the security of Java Card\(^{\text{TM}}\) platforms against hardware attacks. PhD thesis, Grant-funded with Oberthur Technologies and Télécom ParisTech (2012)

Barbu, G., Thiebeauld, H., Guerin, V.: Attacks on Java Card 3.0 combining fault and logical attacks. In: Gollmann, D., Lanet, J.L., Iguchi-Cartigny J. (eds.) Smart Card Research and Advanced Application, Lecture Notes in Computer Science, vol. 6035, pp. 148–163. Springer, Berlin (2010). https://doi.org/10.1007/978-3-642-12510-2_11

Bizzotto, G., Grimaud, G.: Practical Java Card bytecode compression (2002)

Bouffard, G., Iguchi-Cartigny, J., Lanet, J.L.: Combined software and hardware attacks on the Java Card control flow. In: Prouff, E. (ed.) Smart Card Research and Advanced Applications, Lecture Notes in Computer Science, vol. 7079, pp. 283–296. Springer, Berlin (2011). https://doi.org/10.1007/978-3-642-27257-8_18

Bouffard, G., Lackner, M., Lanet, J.L., Loinig, J.: Heap... hop! heap is also vulnerable. In: Smart Card Research and Advanced Applications, pp. 18–31. Springer, Berlin (2014)

Bouffard, G., Lanet, J.: Reversing the operating system of a java based smart card. J. Comput. Virol. Hack. Tech. 10(4), 239–253 (2014). https://doi.org/10.1007/s11416-014-0218-7. http://link.springer.com/article/10.1007/s11416-014-0218-7/fulltext.html

Clausen, L.R., Schultz, U.P., Consel, C., Muller, G.: Java bytecode compression for low-end embedded systems. ACM Trans. Program. Lang. Syst. 22(3), 471–489 (2000). https://doi.org/10.1145/353926.353933 CrossRef

Courtois, N.T.: The dark side of security by obscurity and cloning Mifare Classic Rail and building passes, anywhere, anytime. IACR Cryptology ePrint Archive (2009)

EMV: EMV Testing and Certification White Paper (2013). http://www.emv-connection.com/downloads/2013/05/EMV_Testing_Certification_V1.0-080213.pdf. Accessed 7 Feb 2018

10.

Farhadi, M., Lanet, J.L.: Chronicle of a java card death. J. Comput. Virol. Hack. Tech. (2016). https://doi.org/10.1007/s11416-016-0276-0

11.

Farhadi, M., Lanet, J.L.: Paper tigers: an endless fight. In: International Conference for Information Technology and Communications, pp. 40–62. Springer, Berlin (2016)

12.

gemalto: Java Card and STK Applet Development Guidelines. http://developer.gemalto.com. Accessed 7 Feb 2018

13.

GlobalPlatform, C.S.: Version 2.2. Mars (2006)

14.

GSMA: Embedded UICC Protection Profile (2015). https://www.gsma.com/newsroom/wp-content/uploads/SGP_05_v1_1.pdf. Accessed 7 Feb 2018

15.

Hamadouche, S., Bouffard, G., Lanet, J.L., Dorsemaine, B., Nouhant, B., Magloire, A., Reygnaud, A.: Subverting byte code linker service to characterize Java Card API. In: Seventh Conference on Network and Information Systems Security (SAR-SSI), pp. 75–81 (2012)

16.

Iguchi-Cartigny, J., Lanet, J.L.: Developing a Trojan applets in a smart card. J. Comput. Virol. 6(4), 343–351 (2010)CrossRef

17.

Lancia, J., Bouffard, G.: Java Card virtual machine compromising from a bytecode verified applet. In: Smart Card Research and Advanced Applications, pp. 75–88. Springer, Berlin (2015)

18.

Lanet, J.L., Bouffard, G., Lamrani, R., Chakra, R., Mestiri, A., Monsif, M., Fandi, A.: Memory forensics of a Java Card dump. In: Joye, M., Moradi, A. (eds.) Smart Card Research and Advanced Applications, Lecture Notes in Computer Science, vol. 8968, pp. 3–17. Springer, Berlin (2015). https://doi.org/10.1007/978-3-319-16763-3_1

19.

Mesbah, A., Lanet, J.L., Mezghiche, M.: Reverse engineering a Java Card memory management algorithm. Comput. Secur. 66, 97–114 (2017)CrossRef

20.

Mesbah, A., Regnaud, L., Lanet, J.L., Mezghiche, M.: The hell forgery, polymorphic codes shoot again. In: 15th Smart Card Research and Advanced Application Conference (2016)

21.

Nohl, K.: Rooting SIM cards. In: BlackHat Conference, Las Vegas, July 31, 2013, Security Research Labs blog. https://srlabs.de/rooting-sim-cards/

22.

Oracle: Java Card 3 Platform, Virtual Machine Specification, Classic Edition. Version 3.0.4. Oracle, Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065 (2011)

23.

oracle: Java Card Protection Profile Open Configuration (2012). https://www.commoncriteriaportal.org/files/ppfiles/ANSSI-CC-profil_PP-2010-03en.pdf. Accessed 7 Feb 2018

24.

Razafindralambo, T., Bouffard, G., Thampi, B.N., Lanet, J.L.: A dynamic syntax interpretation for java based smart card to mitigate logical attacks. In: International Conference on Security in Computer Networks and Distributed Systems, pp. 185–194. Springer, Berlin (2012)

25.

Rolles, R.: Unpacking virtualization obfuscators. In: 3rd USENIX Workshop on Offensive Technologies.(WOOT) (2009)

26.

Schwarz, B., Debray, S., Andrews, G.: Disassembly of executable code revisited. In: Proceedings of the Ninth Working Conference on Reverse Engineering, 2002. pp. 45–54 (2002)

27.

Volokitin, S., Poll, E.: Logical attacks on secured containers of the Java Card platform. In: Smart Card Research and Advanced Applications. Springer, Berlin (2016)

Title: Reverse engineering Java Card and vulnerability exploitation: a shortcut to ROM
Authors: Abdelhak Mesbah
Jean-Louis Lanet
Mohamed Mezghiche
Publication date: 22-02-2018
Publisher: Springer Berlin Heidelberg
Published in: International Journal of Information Security / Issue 1/2019
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-018-0401-9

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2019

Deployment and performance evaluation of mobile multicoupon solutions

Defeating SQL injection attack in authentication security: an experimental study

Commix: automating evaluation and exploitation of command injection vulnerabilities in Web applications

Differential audio analysis: a new side-channel attack on PIN pads

Design and implementation of Negative Authentication System

Premium Partner