Vulnerability Analysis on Smart Cards Using Fault Tree

  title={Vulnerability Analysis on Smart Cards Using Fault Tree},
  author={Guillaume Bouffard and Bhagyalekshmy N. Thampi and Jean-Louis Lanet},
In smart card domain, attacks and countermeasures are advancing at a fast rate. In order to have a generic view of all the attacks, we propose to use a Fault Tree Analysis. This method used in safety analysis helps to understand and implement all the desirable and undesirable events existing in this domain. We apply this method to Java Card vulnerability analysis. We define the properties that must be ensured: integrity and confidentiality of smart card data and code. By modeling the conditions… 

A Generic Approach for Protecting Java Card™ Smart Card Against Software Attacks

By modelling the conditions, this thesis discovered new attack paths to get access to the smart card contents and introduced new countermeasures to mitigate the undesirable events defined in the tree models.

A Fault Attack Emulation Environment to Evaluate Java Card Virtual-Machine Security

The environment enables the recreation of currently known attacks and allows the effects of fault attacks on the virtual-machine behavior to be studied, and the concept was successfully evaluated by a Java wallet case study.

Worst-case resource-usage analysis of Java Card classic editions application bytecode

A static analysis for Java Card applets at the bytecode level which conservatively approximates properties of interest affecting memory usage, input-output/APDU usage and transaction usage and the Implicit Path Enumeration Technique is used to generate and solve Integer Linear Programming problems representing the worst-case memory-usage and worstcase execution-time.



A Dynamic Syntax Interpretation for Java Based Smart Card to Mitigate Logical Attacks

A powerful attack based on the vulnerability of the linker which could change the correct byte code into malicious one is discussed and a countermeasure which scrambles the instructions of the method byte code with the Java Card Program Counter is proposed.

Type Classification against Fault Enabled Mutant in Java Based Smart Card

This paper proposes a new protection mechanism which makes application to be less prone to mutant generation, which requires a transformation of the original program byte codes which remains semantically equivalent.

Combined Attacks and Countermeasures

Practical work done recently on logical attacks with a physical attack in order to evade bytecode verification is presented, as well as some countermeasures that can be put in place against such attacks, and how they can be evaluated by security laboratories.

Automatic Integration of Counter-Measures Against Fault Injection Attacks

This paper describes a technology aiming at enforcing semiautomatically counter-measures against fault injection attacks of smart cards. This technology addresses in a generic way the whole software

Developing a Trojan applets in a smart card

This paper presents a method to inject a mutable Java Card applet into a smart card. This code can on demand parse the memory in order to search for a given pattern and eliminate it. One of these key

Combined Software and Hardware Attacks on the Java Card Control Flow

Two attacks to modify the Java Card control flow and to execute the authors' own malicious byte code are described with the help of a laser beam.

On the security of Java Card platforms against hardware attacks. (De la sécurité des plateformes Java Card face aux attaques matérielles)

  • G. Barbu
  • Computer Science, Mathematics
  • 2012
This thesis proves that the type-safety property, the control-flow integrity and the application isolation can be tampered with by the combination of adequate fault injections and malicious applications and presents different approaches allowing to improve the resistance of Java Cards and Java Card applications against combined attacks.

Control-flow integrity principles, implementations, and applications

Control-flow integrity provides a useful foundation for enforcing further security policies, as it is demonstrated with efficient software implementations of a protected shadow call stack and of access control for memory regions.

The Use of Attack Trees in Assessing Vulnerabilities in SCADA Systems

The authors identify eleven possible attacker goals and identify security vulnerabilities inherent in both the specification and in typical deployments of SCADA systems to suggest possible best practices for SCADA operators and improvement to the MODBUS standard.

Smart Card Research and Advanced Application, 9th IFIP WG 8.8/11.2 International Conference, CARDIS 2010, Passau, Germany, April 14-16, 2010. Proceedings

Improve Multi-bit Spectral Analysis on Hiding in Temporal Dimension and Secure Delegation of Elliptic-Curve Pairing are enhanced.