Reverse engineering java card applets using power analysis

Authors:
Dennis Vermoen;Marc Witteman;Georgi N. Gaydadjiev
Affiliations:
Computer Engineering, TU Delft, The Netherlands and Riscure BV, The Netherlands;Riscure BV, The Netherlands;Computer Engineering, TU Delft, The Netherlands
Venue:
WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
Year:
2007

Citing 4
Cited 5

Numerical Recipes in C++: the art of scientific computing

Numerical Recipes in C++: the art of scientific computing
Java Card Technology for Smart Cards: Architecture and Programmer's Guide

Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Examining Smart-Card Security under the Threat of Power Analysis Attacks

IEEE Transactions on Computers
Krakatoa: decompilation in java (dose bytecode reveal source?)

COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3

Defeating any secret cryptography with SCARE attacks

LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Shape analysis for power signal cryptanalysis on secure components

Journal of Systems and Software
Combined attacks and countermeasures

CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
Attacks on java card 3.0 combining fault and logical attacks

CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
Synchronized attacks on multithreaded systems - application to java card 3.0 -

CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Power analysis on smart cards is widely used to obtain information about implemented cryptographic algorithms. We propose similar methodology for Java Card applets reverse engineering. Because power analysis alone does not provide enough information, we refine our methodology by involving additional information sources. Issues like distinguishing between bytecodes performing similar tasks and reverse engineering of conditional branches and nested loops are also addressed. The proposed methodology is applied to a commercially available Java Card smart card and the results are reported. We conclude that our augmented power analysis can be successfully used to acquire information about the bytecodes executed on a Java Card smart card.