An overview of the vulnerabilities of Java Card enabled Smart Cards against fault attacks

This thesis gives a wide overview of the problems of the Java Card technology regarding fault attacks. It uses fault attacks on RSA as an example, and shows how RSA can be broken in various ways. It then gives an overview of the different defense strategies against fault attacks, and how these are applicable against the various means of fault injection.

[1]  Dennis G. Abraham,et al.  Transaction Security System , 1991, IBM Syst. J..

[2]  Markus G. Kuhn,et al.  Low Cost Attacks on Tamper Resistant Devices , 1997, Security Protocols Workshop.

[3]  David A. Wagner,et al.  Cryptanalysis of a provably secure CRT-RSA algorithm , 2004, CCS '04.

[4]  Jean-Pierre Seifert,et al.  A new CRT-RSA algorithm secure against bellcore attacks , 2003, CCS '03.

[5]  Ksheerabdhi Krishna,et al.  Secure object sharing in java card , 1999 .

[6]  Xavier Leroy,et al.  Bytecode verification on Java smart cards , 2002 .

[7]  Arjen K. Lenstra Memo on RSA signature generation in the presence of faults , 1996 .

[8]  Jean-Pierre Seifert,et al.  Fault Based Cryptanalysis of the Advanced Encryption Standard (AES) , 2003, Financial Cryptography.

[9]  Alexander May,et al.  Cryptanalysis of Unbalanced RSA with Small CRT-Exponent , 2002, CRYPTO.

[10]  Arjen K. Lenstra,et al.  Selecting Cryptographic Key Sizes , 2000, Journal of Cryptology.

[11]  Seungjoo Kim,et al.  RSA Speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis , 2003, IEEE Trans. Computers.

[12]  Andrew W. Appel,et al.  Using memory errors to attack a virtual machine , 2003, 2003 Symposium on Security and Privacy, 2003..

[13]  Michael Montgomery,et al.  Java Card Secure Object Sharing , 1999, Smartcard.

[14]  Marc Joye,et al.  Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis , 2000, IEEE Trans. Computers.

[15]  Robert H. Deng,et al.  Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults , 1997, Security Protocols Workshop.

[16]  Uwe Hansmann,et al.  Smart Card Application Development Using Java , 2000, Springer Berlin Heidelberg.

[17]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[18]  Zhiqun Chen,et al.  Java CardTM Technology for Smart Cards , 2007 .

[19]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.