Service interruption on Monday 11 July from 12:30 to 13:00: all the sites of the CCSD (HAL, EpiSciences, SciencesConf, AureHAL) will be inaccessible (network hardware connection).
Abstract : Attacks based on type confusion against Java Card platforms have been widely studied in the literature over the past few years. Until now, no generic countermeasure has ever been proposed to cover simultaneously and efficiently direct and indirect type confusions. In this article we bridge this gap by introducing two different schemes which cover both type confusions. First, we show that an adequate random transformation of all the manipulated data on the platform according to their type can bring a very good resistance against type confusion exploits. Secondly, we describe how a so-called Java Card Virtual Machine Abstract Companion can allow one to detect all type confusions between integers and Objects all across the platform. While the second solution stands as a strong but resource-demanding mechanism, we show that the first one is a particularly efficient memory/security trade-off solution to secure the whole platform.
https://hal.inria.fr/hal-01400920 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Tuesday, November 22, 2016 - 4:19:42 PM Last modification on : Wednesday, November 23, 2016 - 8:47:43 AM Long-term archiving on: : Tuesday, March 21, 2017 - 12:38:54 AM
Guillaume Barbu, Christophe Giraud. New Countermeasures against Fault and Software Type Confusion Attacks on Java Cards. 8th IFIP International Workshop on Information Security Theory and Practice (WISTP), Jun 2014, Heraklion, Crete, Greece. pp.57-75, ⟨10.1007/978-3-662-43826-8_5⟩. ⟨hal-01400920⟩