A Defensive Virtual Machine Layer to Counteract Fault Attacks on Java Cards

Abstract : The objective of Java Cards is to protect security-critical code and data against a hostile environment. Adversaries perform fault attacks on these cards to change the control and data flow of the Java Card Virtual Machine. These attacks confuse the Java type system, jump to forbidden code or remove run-time security checks. This work introduces a novel security layer for a defensive Java Card Virtual Machine to counteract fault attacks. The advantages of this layer from the security and design perspectives of the virtual machine are demonstrated. In a case study, we demonstrate three implementations of the abstraction layer running on a Java Card prototype. Two implementations use software checks that are optimized for either memory consumption or execution speed. The third implementation accelerates the run-time verification process by using the dedicated hardware protection units of the Java Card.
Type de document :
Communication dans un congrès
Lorenzo Cavallaro; Dieter Gollmann. 7th International Workshop on Information Security THeory and Practice (WISTP), May 2013, Heraklion, Greece. Springer, Lecture Notes in Computer Science, LNCS-7886, pp.82-97, 2013, Information Security Theory and Practice. Security of Mobile and Cyber-Physical Systems. 〈10.1007/978-3-642-38530-8_6〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01485935
Contributeur : Hal Ifip <>
Soumis le : jeudi 9 mars 2017 - 15:16:18
Dernière modification le : jeudi 9 mars 2017 - 15:21:21
Document(s) archivé(s) le : samedi 10 juin 2017 - 14:38:43

Fichier

978-3-642-38530-8_6_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Michael Lackner, Reinhard Berlach, Wolfgang Raschke, Reinhold Weiss, Christian Steger. A Defensive Virtual Machine Layer to Counteract Fault Attacks on Java Cards. Lorenzo Cavallaro; Dieter Gollmann. 7th International Workshop on Information Security THeory and Practice (WISTP), May 2013, Heraklion, Greece. Springer, Lecture Notes in Computer Science, LNCS-7886, pp.82-97, 2013, Information Security Theory and Practice. Security of Mobile and Cyber-Physical Systems. 〈10.1007/978-3-642-38530-8_6〉. 〈hal-01485935〉

Partager

Métriques

Consultations de la notice

20

Téléchargements de fichiers

19