Mitigating Type Confusion on Java Card

Dubreuil, Jean; Bouffard, Guillaume; Thampi, Bhagyalekshmy N.; Lanet, Jean‐Louis

doi:10.4018/jsse.2013040102

Cited by 6 publications

(6 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, JVM countermeasures should be transparent to an applet and its programmer. Furthermore, no off-card applet pre-processing should be needed to enable the countermeasure because industrial applet providers do not want to change their applets in any way; for example, they are not willing to add additional data into an applet as proposed in [13,7,19,18]. Additional data in an applet increase the risk of interoperability issues between different applets and Java Cards.…”

Section: Countermeasure Designmentioning

confidence: 98%

“…This bytecode encryption counteracts the security threat of jumping out of the actual method code and executing undefined data. Another countermeasure proposed in [7,11] counteracts the threat of type confusion between the two main data types integralData and reference. All elements of one main data type are pushed and popped onto their specific OS.…”

Section: Related Workmentioning

confidence: 98%

“…The countermeasure needs no off-card pre-processing of a Java applet, as required by other countermeasures [18,5,19,17,7,11,13]. Furthermore, the countermeasure consumes no additional run-time memory for storing the Java type information during run-time as in [11].…”

Section: Industrial Usabilitymentioning

confidence: 99%

See 2 more Smart Citations

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation

Lackner

Berlach

Weiß

et al. 2014

Proceedings of the First Workshop on Cryptography and Security in Computing Systems

View full text Add to dashboard Cite

Java enabled smart cards protect security-related code and data by a sandbox concept. Unfortunately, this sandbox can be bypassed by fault attacks. Therefore, there is a substantial need for transparent, effective, and low-overhead countermeasures. This work demonstrates a new countermeasure against type confusion and buffer overflow attacks. This new countermeasure is based on obfuscating the security critical calculation parts of a virtual machine by secret keys. This countermeasure was integrated into a Java Card virtual machine running on a smart card prototype. New hardware features were added to this prototype to accelerate the obfuscating operation. The execution time overhead of the new countermeasure is demonstrated by performing run-time measurements on the prototype.

show abstract

Section: Countermeasure Designmentioning

confidence: 98%

Section: Related Workmentioning

confidence: 98%

See 1 more Smart Citation

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation

Lackner

Berlach

Weiß

et al. 2014

Proceedings of the First Workshop on Cryptography and Security in Computing Systems

View full text Add to dashboard Cite

show abstract

“…During the access of an element, the JCRE checks the associated bit value to avoid a type confusion attack from the Java Card stack. Dubreuil et al, as described in Dubreuil et al (2013), designed a lightweight typed stack. As the Java Card frame is statically defined, it can be split into two parts.…”

Section: Type Confusion On a Typed Stackmentioning

confidence: 99%

The ultimate control flow transfer in a Java based smart card

Bouffard

Lanet

2015

Computers & Security

Self Cite

View full text Add to dashboard Cite

International audienceRecently, researchers published several attacks on smart cards. Among these, software attacks are the most affordable, they do not require specific hardware (laser, EM probe, etc.). Such attacks succeed to modify a sensitive system element which offers access to the smart card assets. To prevent that, smart card manufacturers embed dedicated countermeasures that aim to protect the sensitive system elements. We present a generic approach based on a Control Flow Transfer (CFT) attack to modify the Java Card program counter. This attack is built on a type confusion using the couple of instructions jsr/ret. Evaluated on different Java Cards, this new attack is a generic CFT exploitation that succeeds on each attacked cards. We present several countermeasures proposed by the literature or implemented by smart card designers and for all of them we explain how to bypass them. Then, we propose to use Attack Countermeasure Tree to develop an effective and affordable countermeasure for this attack

show abstract

“…A checksum can be used to verify the manipulated value for each operation. Another low cost countermeasure approach, to protect stack element against FI attack was explained by Dubreuil et al (2013). Their countermeasure implements the principle of a dual stack where each value is pushed from the bottom and growing up into the stack element.…”

Section: System Based or Dynamic Countermeasure Approachmentioning

confidence: 99%

Security automaton to mitigate laser-based fault attacks on smart cards

Bouffard

Thampi

Lanet

2014

IJTMCC

Self Cite

View full text Add to dashboard Cite

Security and attacks are two sides of the same coin in the smart card industry. Smart cards are prone to different types of attacks to gain access to the assets stored in it and that can cause security issues. It is necessary to identify and exploit these attacks and implement appropriate countermeasures to mitigate their effects. Fault attacks are one among them. They can introduce abnormal behaviour on the smart card environment. The redundancy is necessary to detect this change in their environment. In this work we propose an automatic method to obtain control flow redundancy using a security automaton to mitigate laser based fault attacks and hence implement a smart card countermeasure based on the combination of static analysis and dynamic monitoring method. This is a very cost effective approach which can identify and mitigate the effects of fault attacks in an efficient way.

show abstract

Mitigating Type Confusion on Java Card

Cited by 6 publications

References 17 publications

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation

The ultimate control flow transfer in a Java based smart card

Security automaton to mitigate laser-based fault attacks on smart cards

Contact Info

Product

Resources

About