The Hell Forgery, Polymorphic Codes Shoot Again

Abdelhak Mesbah 1 Leo Regnaud 2 Jean-Louis Lanet 3 Mohamed Mezghiche 4
1 Université M'Hamed Bougara Boumerdes
2 UNILIM - Université de Limoges
3 TAMIS - Threat Analysis and Mitigation for Information Security
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
4 LIMOSE - Laboratoire d’Informatique de Modélisation d’Optimisation et de Systèmes Electroniques [Boumerdes]
Abstract : We present in this paper a new approach to gain access to assets of a smart card. It is based on the concept of reference forgery and array extension. We characterize the meta data of the system using different level of expertize from human know-hows to formal methods. We are able to generate arbitrary but well formed references which allow us to execute self modifying Java program inside the card. This hostile program is able to dump the complete Non Volatile Memory (NVM) memory segment. Then we develop a graphical representation of the objects belonging to the system for gaining abstraction of the binary dump.
Keywords : Polymorphic code Reference forgery Logical Attack Java Card
Type de document :
Communication dans un congrès
15th Smart Card Research and Advanced Application Conference , Nov 2016, Cannes, France. 〈https://2016.cardis.org/〉
Liste complète des métadonnées
https://hal.inria.fr/hal-01385202
Contributeur : Jean-Louis Lanet <>
Soumis le : vendredi 21 octobre 2016 - 08:16:20
Dernière modification le : mercredi 16 mai 2018 - 11:24:11

Identifiants

  • HAL Id : hal-01385202, version 1

Collections

INRIA | IRISA | CENTRALESUPELEC | UR1-UFR-ISTIC | UNILIM | UNIV-RENNES

Citation

Abdelhak Mesbah, Leo Regnaud, Jean-Louis Lanet, Mohamed Mezghiche. The Hell Forgery, Polymorphic Codes Shoot Again. 15th Smart Card Research and Advanced Application Conference , Nov 2016, Cannes, France. 〈https://2016.cardis.org/〉. 〈hal-01385202〉

Exporter

BibTeX TEI DC DCterms EndNote

Partager

Métriques

Consultations de la notice

355

Contact


archive-ouverte@inria.fr