Abstract
Logical attacks on smart cards have been used for many years, but their attack potential is hindered by the processes used by issuers to verify the validity of code, in particular bytecode verification. More recently, the idea has emerged to combine logical attacks with a physical attack, in order to evade bytecode verification. We present practical work done recently on this topic, as well as some countermeasures that can be put in place against such attacks, and how they can be evaluated by security laboratories.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Barbu, G.: Fault attacks on a java card 3.0 virtual machine
Barthe, G., Beringer, L., Crégut, P., Grégoire, B., Hofmann, M., Müller, P., Poll, E., Puebla, G., Stark, I., Vétillard, E.: Mobius: Mobility, ubiquity, security. In: Montanari, U., Sannella, D., Bruni, R. (eds.) TGC 2006. LNCS, vol. 4661, pp. 10–29. Springer, Heidelberg (2007)
Chaumette, S., Hatchondo, I., Sauveron, D.: Jcat: An environment for attack and test on java card&trade. In: Proceedings of CCCT 2003 and 9th ISAS 2003, vol. 1, pp. 270–275 (2003)
Dragoni, N., Massacci, F., Schaefer, C., Walter, T., Vétillard, E.: A security-by-contracts architecture for pervasive services. In: Proceedings of 3rd Int’l Workshop on Security, Privacy and Trust in Ubiquitous Computing (SecPerU 2007). IEEE Press, Los Alamitos (2007)
ITSEC Joint Interpretation Library (JIL). Version 2.7. Application of Attack Potential to Smartcards (February 2009)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Lanet, J.-L., Iguchi-Cartigny, J.: Developing a trojan applet in a smart card. Journal in Computer Virology 6(1) (2009)
Leroy, X.: Bytecode verification for java smart card. Software Practice & Experience 32, 319–340 (2002)
Mostowski, W., Poll, E.: Malicious code on java card smartcards: Attacks and countermeasures. In: Grimaud, G., Standaert, F.-X. (eds.) CARDIS 2008. LNCS, vol. 5189, pp. 1–16. Springer, Heidelberg (2008)
Vermoen, D., Witteman, M.F., Gaydadjiev, G.: Reverse engineering java card applets using power analysis. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, J.-J. (eds.) WISTP 2007. LNCS, vol. 4462, pp. 138–149. Springer, Heidelberg (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vetillard, E., Ferrari, A. (2010). Combined Attacks and Countermeasures. In: Gollmann, D., Lanet, JL., Iguchi-Cartigny, J. (eds) Smart Card Research and Advanced Application. CARDIS 2010. Lecture Notes in Computer Science, vol 6035. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12510-2_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-12510-2_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12509-6
Online ISBN: 978-3-642-12510-2
eBook Packages: Computer ScienceComputer Science (R0)