In our work, we study the possibility to apply reverse engineering upon a Java Card applet in which the virtual machine is obfuscated by using SCA techniques. EMA of smart cards is a powerful technique that allows extracting information about the executed bytecode as well as about the processed data. In addition of Power Analysis, other techniques of SCA exist, such as Electromagnetic Analysis (EMA). Recently, SCA is used to reverse engineer the applet bytecodes on Java based smart cards. Side-channel Analysis (SCA) has become a reliable method for cryptanalysts to break cryptographic algorithms. We then suggest a new combined attack that allows performing several type confusions with one fault model.
#Table indirection code#
In spite of that, it is well-known that fault injection can be used to turn harmless code sequence into malicious code. Nevertheless the attack relies on ill-formed application that does not undergo the Bytecode Verifier. This article presents a new attack which does not rely on the Java stack implementation model and that exploits specific countermeasure omission during frame allocation. However, Java stacks are implementation dependent and their structures are not always in the above configuration. The current attacks are restricted to the main assumption that the frame system data is located between the operand stack and the local variable area. Indeed, their exploitations rely on changing system data (return address, execution of context, etc.). Stack underflow attacks against Java Card platform attempt to access undefined local variables or operands to corrupt data that are not supposed to be accessible. These new attacks occur even in the presence of countermeasures such as Separate Stack for kernel and user data, indirect mapping for objects addressing and firewall mechanisms.
#Table indirection plus#
We also propose a pattern that the targeted platform uses to store data and code of applets on the card plus the ability to read and write in the data and code area of the applets in different security contexts. The other method is a new approach to get access to the return address of the methods in Java Cards with Separate Stack countermeasure. One of the new methods we present in this paper is based on the misuse of the Java Card API to build a type confusion and get access to the objects (including cryptographic keys) of a Java Card applet.
Our investigation on the targeted Java Card Platform lead us to introduce two generic methods to gain access to the assets of Java Card Platforms. As we did not have any information about the internal structure of the targeted platform, we had to execute various attacks and analyze the results. In this paper, we attempt to gain access to assets of a recent Java Card Platform by combining various logical attacks. Manufacturers have improved their countermeasures to protect card assets from these attacks. These attacks use software, hardware or a combination of both. Various attacks are designed to gain access to the assets of Java Card Platforms. In the end, we propose a few directions for defense and call for the attention of the security community. We found the RSA private key used by a victim process can be partially recovered. Based on this idea, we implement Volcano and test it against the existing RSA implementations of JDK. With the variant delays, the attacker can deduce the memory access pattern of a victim program, and infer its sensitive data. An attacker can generate interconnect traffic to contend with the victim's on a mesh link, hoping that extra delay will be measured. Nonetheless, the mesh links are shared by all cores, and cache isolation does not segregate the traffic. Specifically, to complete cache transactions, for Intel CPUs, cache lines would travel across cores via the CPU mesh interconnect. This side-channel exploits the timing difference resulted from interconnect congestion. In this work, we advance the state of cache side-channel attacks by showing stateless cache side-channel attacks that cannot be defeated by both spatial and temporal isolation. The existing attacks rely on sensing the micro-architectural state changes made by victims, and this assumption can be invalidated by combining spatial (\eg, Intel CAT) and temporal isolation (\eg, time protection). Cache side-channel attacks lead to severe security threats to the settings that a CPU is shared across users, e.g., in the cloud.
0 kommentar(er)
