Towards the hardware accelerated defensive virtual machine: type and bound protection

Authors:
Michael Lackner;Reinhard Berlach;Johannes Loinig;Reinhold Weiss;Christian Steger
Affiliations:
Institute for Technical Informatics, Graz University of Technology, Graz, Austria;Institute for Technical Informatics, Graz University of Technology, Graz, Austria;NXP Semiconductors Austria GmbH, Gratkorn, Austria;Institute for Technical Informatics, Graz University of Technology, Graz, Austria;Institute for Technical Informatics, Graz University of Technology, Graz, Austria
Venue:
CARDIS'12 Proceedings of the 11th international conference on Smart Card Research and Advanced Applications
Year:
2012

Citing 10
Cited 1

A Formal Correspondence between Offensive and Defensive JavaCard Virtual Machines

VMCAI '02 Revised Papers from the Third International Workshop on Verification, Model Checking, and Abstract Interpretation
Java Bytecode Verification: An Overview

CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Malicious Code on Java Card Smartcards: Attacks and Countermeasures

CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Developing a Trojan applets in a smart card

Journal in Computer Virology
Java type confusion and fault attacks

FDTC'06 Proceedings of the Third international conference on Fault Diagnosis and Tolerance in Cryptography
Combined attacks and countermeasures

CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
Attacks on java card 3.0 combining fault and logical attacks

CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
Combined software and hardware attacks on the java card control flow

CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Java card operand stack: fault attacks, combined attacks and countermeasures

CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
A side channel attack countermeasure using system-on-chip power profile scrambling

IOLTS '11 Proceedings of the 2011 IEEE 17th International On-Line Testing Symposium

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation

Proceedings of the First Workshop on Cryptography and Security in Computing Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Currently, security checks on Java Card applets are performed by a static verification process before executing an applet. A verified and later unmodified applet is not able to break the Java Card sand-box model. Unfortunately, this static verification process is not a countermeasure against physical run-time attacks corrupting the control or data flow of an applet. In this piece of work, designs for Java Card Virtual Machines are investigated in relation to their ability to perform run-time security checks. These security checks are accelerated by hardware units and performed in parallel to CPU instructions that are executing concurrently. Attacks on the Java operand stack and local variables, which are elementary components for the Virtual Machine, are thwarted by type and bound protection. To enable these hardware checks, different designs of a defensive Java Card Virtual Machine are compared to their overheads on a prototype platform.