Pascal Berthomé scite author profile

Pascal Berthomé

3Publications

85Citation Statements Received

53Citation Statements Given

How they've been cited

How they cite others

Affiliations

Institut National des Sciences Appliquées Centre Val de Loire, University of Paris-Sud, Centre Val de Loire

Publications

Order By: Most citations

High Level Model of Control Flow Attacks for Smart Card Functional Security

Berthomé

Heydemann²,

Kauffmann-Tourkestansky³

et al. 2012

View full text Add to dashboard Cite

Smart card software has to implement software countermeasures to face attacks. Some of these attacks are physical disruptions of chip components that cause a misbehavior in the code execution. A successful functional attack may reveal a secret or grant an undesired authorization. In this paper, we propose to model fault attacks at source level and then simulate these attacks to find out which ones are harmful. After discussing the effects of physical attacks at assembly level and going back to their consequences at source code level, the paper focuses on control flow attacks. Such attacks are good candidates for the proposed model that can be used to exhaustively test the robustness of the attacked program. On the bzip2 software, the paper's results show that up to 21% of the assembly simulated control flow attacks are covered by the C model with 30 times less test cases.

show abstract

Software Countermeasures for Control Flow Integrity of Smart Card C Codes

Lalande

Heydemann

Berthomé

2014

View full text Add to dashboard Cite

Abstract. Fault attacks can target smart card programs in order to disrupt an execution and gain an advantage over the data or the embedded functionalities. Among all possible attacks, control flow attacks aim at disrupting the normal execution flow. Identifying harmful control flow attacks as well as designing countermeasures at software level are tedious and tricky for developers. In this paper, we propose a methodology to detect harmful intra-procedural jump attacks at source code level and to automatically inject formally-proven countermeasures. The proposed software countermeasures defeat 100% of attacks that jump over at least two C source code statements or beyond. Experiments show that the resulting code is also hardened against unexpected function calls and jump attacks at assembly level.Keywords: control flow integrity, fault attacks, smart card, source level IntroductionSmart cards or more generally secure elements are essential building blocks for many security-critical applications. They are used for securing host applications and sensitive data such as cryptographic keys, biometric data, pin counters, etc. Malicious users aim to get access to these secrets by performing attacks on the secure elements. Fault attacks consists in disrupting the circuit's behavior by using a laser beam or applying voltage, clock or electromagnetic glitches [5,6,24]. Their goal is to alter the correct progress of the algorithm and, by analyzing the deviation of the corrupted behavior with respect to the original one, to retrieve the secret information [14]. For java card, fault attacks target particular components of the virtual machine [3,4,9].Many protections have therefore been proposed to counteract attacks. Fault detection is generally based on spatial, temporal or information redundancy at hardware or software level. In java card enabled smart cards, software components of the virtual machine can perform security checks [18,20,10].In practice, developers of security-critical applications often manually add countermeasures into an application code. This operation requires knowledge about the target code vulnerabilities. Both these tasks are time-consuming with direct impact on the certification of the product. One harmful consequence of fault attacks is control flow disruption which may bypass some implemented countermeasures. It is difficult for programmers to investigate all possible control flow disruption in order to detect sensitive parts of the code and then investigate how to add countermeasures inside these sensitive parts. Moreover, secure smart cards have strong security requirements that have to be certified by an independent qualified entity before being placed on the market. Certification can rely on a review of source code and the implemented software countermeasures. The effectiveness of software security countermeasures is then guaranteed by the use of a certified compiler [21]. Injecting control flow integrity checks at compile time would require to certify the modified compiler. To avoid this diff...

show abstract

Optimal information dissemination in Star and Pancake networks

Berthomé

Ferreira

Pérennès

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.