A Redundancy-Based Attack Detection Technique for Java Card Bytecode

A Java Card Virtual Machine applet running on smart cards may be subject to tampering. We protect existing applets by encoding additional lists representing specific instructions which may be the targets of a variety of attacks. The lists are specifically encoded to be a viable solution in limited smart cards hardware. Our modified virtual machine before executing a fetched instruction checks the lists to verify that it has not been modified, blocking the execution if a modification is detected.

[1]  Domenico Cantone,et al.  Effective Memory Fault Injection Attacks: Formalization and Properties , 2014 .

[2]  Christophe Giraud,et al.  Dynamic Fault Injection Countermeasure , 2012 .

[3]  Emiliano Tramontana,et al.  Detecting Attacks on Java Cards by Fingerprinting Applets , 2013, 2013 Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[4]  Jean-Louis Lanet,et al.  Evaluation of Countermeasures Against Fault Attacks on Smart Cards , 2011 .

[5]  Erik Poll,et al.  Malicious Code on Java Card Smartcards: Attacks and Countermeasures , 2008, CARDIS.

[6]  Andrew W. Appel,et al.  Using memory errors to attack a virtual machine , 2003, 2003 Symposium on Security and Privacy, 2003..

[7]  Emiliano Tramontana,et al.  Automated Conformance Testing of Java Virtual Machines , 2013, 2013 Seventh International Conference on Complex, Intelligent, and Software Intensive Systems.

[8]  David Naccache,et al.  The Sorcerer's Apprentice Guide to Fault Attacks , 2006, Proceedings of the IEEE.

[9]  Jean-Louis Lanet,et al.  Automatic detection of fault attack and countermeasures , 2009, WESS '09.

[10]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[11]  Guillaume Barbu,et al.  Dynamic Fault Injection Countermeasure - A New Conception of Java Card Security , 2012, CARDIS.

[12]  Guillaume Barbu,et al.  Java Card Operand Stack: Fault Attacks, Combined Attacks and Countermeasures , 2011, CARDIS.

[13]  Hisashi Kobayashi,et al.  Image Data Compression by Predictive Coding II: Encoding Algorithms , 1974, IBM J. Res. Dev..

[14]  Wieland Fischer,et al.  Fault Attacks on RSA with CRT: Concrete Results and Practical Countermeasures , 2002, CHES.

[15]  Andrea Fornaia,et al.  Assessing the Correctness of JVM Implementations , 2014, 2014 IEEE 23rd International WETICE Conference.