Software countermeasures for control flow integrity of smart card C codes

Abstract : Fault attacks can target smart card programs in order to disrupt an execution and gain an advantage over the data or the embedded functionalities. Among all possible attacks, control flow attacks aim at disrupting the normal execution flow. Identifying harmful control flow attacks as well as designing countermeasures at software level are tedious and tricky for developers. In this paper, we propose a methodology to detect harmful intra-procedural jump attacks at source code level and to automatically inject formally-proven countermeasures. The proposed software countermeasures defeat 100% of attacks that jump over at least two C source code statements or beyond. Experiments show that the resulting code is also hardened against unexpected function calls and jump attacks at assembly level.
Type de document :
Communication dans un congrès
Mirosław Kutyłowski; Jaideep Vaidya. ESORICS - 19th European Symposium on Research in Computer Security, Sep 2014, Wroclaw, Poland. Springer International Publishing, 8713, pp.200-218, 2014, Lecture Notes in Computer Science. 〈10.1007/978-3-319-11212-1_12〉
Liste complète des métadonnées

Littérature citée [28 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01059201
Contributeur : Jean-François Lalande <>
Soumis le : samedi 13 septembre 2014 - 07:00:05
Dernière modification le : mercredi 16 mai 2018 - 12:14:01
Document(s) archivé(s) le : dimanche 14 décembre 2014 - 10:21:41

Fichiers

Identifiants

Citation

Jean-François Lalande, Karine Heydemann, Pascal Berthomé. Software countermeasures for control flow integrity of smart card C codes. Mirosław Kutyłowski; Jaideep Vaidya. ESORICS - 19th European Symposium on Research in Computer Security, Sep 2014, Wroclaw, Poland. Springer International Publishing, 8713, pp.200-218, 2014, Lecture Notes in Computer Science. 〈10.1007/978-3-319-11212-1_12〉. 〈hal-01059201〉

Partager

Métriques

Consultations de la notice

1117

Téléchargements de fichiers

646