Embedded Eavesdropping on Java Card

In this article we present the first Combined Attack on a Java Card that targets the APDU buffer itself, thereby threatening the security of the platform and of the hosted applications as well as the privacy of the cardholder. We show that such an attack, which combines a malicious application with fault injection, is achievable in practice on the latest release of the Java Card specifications, by presenting several case studies that take advantage, for instance, of the well-known GlobalPlatform and (U)SIM Application Toolkit.
