nach oben

Journal of Computer Virology and Hacking Techniques

Erschienen in:

17.05.2016 | Original Paper

Chronicle of a Java Card death

verfasst von: Mozhdeh Farhadi, Jean-Louis Lanet

Erschienen in: Journal of Computer Virology and Hacking Techniques | Ausgabe 2/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Various attacks are designed to gain access to the assets of Java Card Platforms. These attacks use software, hardware or a combination of both. Manufacturers have improved their countermeasures to protect card assets from these attacks. In this paper, we attempt to gain access to assets of a recent Java Card Platform by combining various logical attacks. As we did not have any information about the internal structure of the targeted platform, we had to execute various attacks and analyze the results. Our investigation on the targeted Java Card Platform lead us to introduce two generic methods to gain access to the assets of Java Card Platforms. One of the new methods we present in this paper is based on the misuse of the Java Card API to build a type confusion and get access to the objects (including cryptographic keys) of a Java Card applet. The other method is a new approach to get access to the return address of the methods in Java Cards with Separate Stack countermeasure. We also propose a pattern that the targeted platform uses to store data and code of applets on the card plus the ability to read and write in the data and code area of the applets in different security contexts. These new attacks occur even in the presence of countermeasures such as Separate Stack for kernel and user data, indirect mapping for objects addressing and firewall mechanisms.

Vorheriger Artikel Clustering for malware classification

Nächster Artikel Identification of malicious android app using manifest and opcode features

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Barbu, G., Thiebeauld, H., Guerin, V.: Attacks on Java Card 3.0 combining fault and logical attacks. In: Smart Card Research and Advanced Application, pp. 148–163. Springer, Berlin (2010)

Barbu, G., Andouard, P., Giraud, C.: Dynamic fault injection countermeasure. In: Mangard, S. (ed.) Smart Card Research and Advanced Applications, Lecture Notes in Computer Science, vol. 7771, pp. 16–30. Springer, Berlin (2013). doi:10.1007/9783642372889_2

Barenghi, A., Breveglieri, L., Koren, I., Pelosi, G., Regazzoni, F.: Countermeasures against fault attacks on software implemented aes: effectiveness and cost. In: Proceedings of the 5th Workshop on Embedded Systems Security, WESS ’10, pp. 7:1–7:10. ACM, New York (2010). doi:10.1145/1873548.1873555

Bistarelli, S., Fioravanti, F., Peretti, P.: Defense trees for economic evaluation of security investments. In: The First International Conference on Availability, Reliability and Security, 2006. ARES 2006, IEEE (2006)

Bouffard, G.: A generic approach for protecting java card smart card against software attacks, Ph.D. thesis, University of Limoges, 123 Avenue Albert Thomas, 87060 LIMOGES CEDEX (2014)

Bouffard, G., Lanet, J.-L.: The next smart card nightmare - logical attacks, combined attacks, mutant applications and other funny things. In: Cryptography and Security: From Theory to Applications—Essays Dedicated to Jean-Jacques Quisquater on the Occasion of His 65th Birthday (2012)

Bouffard, G., Lanet, J.-L.: The ultimate control fow transfer in a Java based smart card. Comput. Secur. 50, 3346 (2015). doi:10.1016/j.cose.2015.01.004 CrossRef

Bouffard, G., Lackner, M., Lanet, J.-L., Loinig, J.: Heap ... Hop! Heap is also vulnerable. In: Joye, M., Moradi A. (eds.) Smart Card Research and Advanced Applications—13th International Conference, CARDIS 2014, Paris, France, November 5-7, 2014. Revised Selected Papers, Lecture Notes in Computer Science, vol. 8968, pp. 18–31. Springer, Berlin (2014). doi:10.1007/9783319167633_2

Bouissou, M., Bon, J.: A new formalism that combines advantages of faulttrees and markov models: Boolean logic driven markov processes. Rel. Eng. Syst. Saf. 82(2), 149163 (2003). doi:10.1016/S09518320(03)001431 CrossRef

10.

Chen, Z.: Java Card Technology for Smart Cards: architecture and programmer’s guide. Addison-Wesley. https://books.google.co.uk/books?id=4WDj4H6pT50C (2000)

11.

Common Criteria, Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model (2009) version 3.1, Revision 3 (CCMB-2009-07-001) (2009)

12.

Dubreuil, J., Lanet, J.-L., Bouffard, G., Thampi, B.N.: Mitigating type confusion on Java Card. Int. J. Secure Softw. Eng. (IJSSE) 4(1), 19–39 (2013)CrossRef

13.

El-Idrissi, N.E.J., El-Hajji, S., Lanet, J.-L.: Countermeasures mitigation for designing rich shell code in Java Card. In: Codes, Cryptology, and Information Security - First International Conference, C2SI 2015, Rabat, Morocco, May 26-28, 2015, Proceedings—In Honor of Thierry Berger, pp. 149–161 (2015). doi:10.1007/9783319186818_12

14.

Faugeron, E.: Manipulating the frame information with an underflow attack. In: Smart Card Research and Advanced Applications—12th International Conference, CARDIS 2013, Berlin, Germany, November 27- 29, 2013. Revised Selected Papers, pp. 140–151 (2013). doi:10.1007/9783319083025_10

15.

Faugeron, E., Valette, S.: How to hoax an on-card verifier, Accepted Talk at e-Smart, vol. 10 (2010)

16.

Hamadouche, S., Bouffard, G., Lanet, J.-L., Dorsemaine, B., Nouhant, B., Magloire, A., Reygnaud, A.: Subverting Byte Code Linker service to characterize Java Card API. In: Seventh Conference on Network and Information Systems Security (SAR-SSI), pp. 75–81 (2012)

17.

Hogenboom, J., Mostowski, W.: Full memory read attack on a Java Card. In: 4th Benelux Workshop on Information and System Security Proceedings (WISSEC09) (2009)

18.

Hubbers, E., Poll, E.: Transactions and Non-atomic api Calls in Java Card: Specification Ambiguity and Strange Implementation Behaviors. Radboud University Nijmegen, Nijmegen

19.

Iguchi-Cartigny, J., Lanet, J.-L.: Developing a Trojan applets in a smart card. J. Comput. Virol. 6(4), 343–351 (2010). doi:10.1007/s11416-009-0135-3 CrossRef

20.

Lancia, J., Bouffard, G.: Java Card virtual machine compromising from a byte code verified applet. In: Smart Card Research and Advanced Applications—14th International Conference, CARDIS 2015, Bochum (2015)

21.

Laugier, B., Razafindralambo, T.: Misuse of frame creation to exploit stack underflow attacks on Java Card. In: Smart Card Research and Advanced Applications—14th International Conference, CARDIS 2015, Bochum (2015)

22.

Mostowski, W.: Formal development of safe and secure java card applets, Tech. rep. (2005)

23.

Mostowski, W., Poll, E.: Malicious code on java card smartcards: attacks and countermeasures. In: Grimaud, G., Standaert, F.-X. (eds.) Smart Card Research and Advanced Applications, Lecture Notes in Computer Science, vol. 5189, p. 116. Springer, Berlin (2008). doi:10.1007/9783540858935_1

24.

Oracle, Java Card 3 Platform, Virtual Machine Specification, Classic Edition, no. Version 3.0.4, Oracle, Oracle America, Inc., Redwood City (2011)

25.

Roy, A., Kim, D.S., Trivedi, K.S.: Attack countermeasure trees (act): towards unifying the constructs of attack and defense trees. Secur. Commun. Netw. 5(8), 929–943 (2012)CrossRef

26.

Schneier, B.: Attack trees. Dr. Dobb J. 24(12), 21–29 (1999)

27.

Sun Microsystems, Java Card Platform Security, Technical White Paper, October 2001

Titel: Chronicle of a Java Card death
verfasst von: Mozhdeh Farhadi
Jean-Louis Lanet
Publikationsdatum: 17.05.2016
Verlag: Springer Paris
Erschienen in: Journal of Computer Virology and Hacking Techniques / Ausgabe 2/2017
Elektronische ISSN: 2263-8733
DOI: https://doi.org/10.1007/s11416-016-0276-0

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2017

Erratum to: Evolution and characterization of point-of-sale RAM scraping malware

Identification of malicious android app using manifest and opcode features

Structural analysis of binary executable headers for malware detection optimization

Clustering for malware classification

Premium Partner