论文信息 - Evaluation of Countermeasures Against Fault Attacks on Smart Cards

Evaluation of Countermeasures Against Fault Attacks on Smart Cards

Java Card are devices subject to either hardware and software attacks. Thus several countermeasures need to be embedded to avoid the effects of these attacks. Recently, the idea to combine logical attacks with a physical attack to bypass bytecode verification has emerged. For instance, correct and legitimate Java Card applications can be dynamically modified on-card using laser beam. Such applications become mutant applications, with a different behavior. This internal change could lead to bypass control and protection and thus should offer illegal access to secret data and operation inside the chip. In this paper, we propose a set of countermeasures that can be activated by the developer using the annotation mechanism. These countermeasures are efficient but also affordable for the smart card domain, as shown by the evaluation of the coverage and memory usage.

[1] Wieland Fischer,et al. Fault Attacks on RSA with CRT: Concrete Results and Practical Countermeasures , 2002, CHES.

[2] Jean-Louis Lanet,et al. Developing a Trojan applets in a smart card , 2010, Journal in Computer Virology.

[3] Ludger Hemme,et al. A Differential Fault Attack Against Early Rounds of (Triple-)DES , 2004, CHES.

[4] Ulrik Pagh Schultz,et al. Java bytecode compression for low-end embedded systems , 2000, TOPL.

[5] Guillaume Barbu,et al. Attacks on Java Card 3.0 Combining Fault and Logical Attacks , 2010, CARDIS.

[6] Eric Vétillard,et al. Combined Attacks and Countermeasures , 2010, CARDIS.

[7] Jean-Louis Lanet,et al. Automatic detection of fault attack and countermeasures , 2009, WESS '09.

[8] David A. Wagner,et al. Cryptanalysis of a provably secure CRT-RSA algorithm , 2004, CCS '04.

[9] Jean-Pierre Seifert,et al. A new CRT-RSA algorithm secure against bellcore attacks , 2003, CCS '03.

[10] Jean-Jacques Quisquater,et al. A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD , 2003, CHES.