combined software and hardware attacks on the java card
play

Combined Software and Hardware Attacks on the Java Card Control Flow - PowerPoint PPT Presentation

Jul 13, 2023 •26 likes •476 views

Introduction EMAN 2 EMAN 4 Conclusion Combined Software and Hardware Attacks on the Java Card Control Flow Guillaume Bouffard Julien Iguchi-Cartigny Jean-Louis Lanet Smart Secure Devices (SSD) Team Xlim Universit e de Limoges

  1. Introduction EMAN 2 EMAN 4 Conclusion Combined Software and Hardware Attacks on the Java Card Control Flow Guillaume Bouffard Julien Iguchi-Cartigny Jean-Louis Lanet Smart Secure Devices (SSD) Team – Xlim – Universit´ e de Limoges guillaume.bouffard @xlim.fr http://secinfo.msi.unilim.fr CARDIS 2011 i nsti tut de recherche Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 1 / 24

  2. Introduction EMAN 2 EMAN 4 Conclusion Outline Introduction 1 EMAN 2: A Stack Underflow in the Java Card 2 EMAN 4: Modifying the Execution Flow with a Laser Beam 3 Conclusion 4 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 2 / 24

  3. Introduction EMAN 2 EMAN 4 Conclusion Introduction 1 Java Card Security Model Everything must begin A quick overview about EMAN 1 EMAN 2: A Stack Underflow in the Java Card 2 EMAN 4: Modifying the Execution Flow with a Laser Beam 3 Conclusion 4 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 3 / 24

  4. Introduction EMAN 2 EMAN 4 Conclusion Java Card Security Model Java Card Security Model Off-card Security Java Class Files Java Card Files Byte Code Verifier Byte Code Converter Byte Code Signer On-card Security Byte Code Verifier Installed applet Java Card Files Firewall Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 4 / 24

  5. Introduction EMAN 2 EMAN 4 Conclusion Everything must begin Why? Our motivations Understand the implemented Java Card security mechanisms Improve these implementations Design the associated counter-measures Tools developed by the team OPAL to communicate with the smart cards The CapFileManipulator in order to modify CAP Files Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 5 / 24

  6. Introduction EMAN 2 EMAN 4 Conclusion A quick overview about EMAN 1 EMAN1? Design by ´ Emilie Faugeron and Anthony Dessiatnikoff, former Cryptis Master degree students (2008–2009) Hypothesis Smart card loading keys are known The card has not Byte Code Verifier (BCV) The firewall does not check the call of putstatic , getstatic and invokestatic Yes, we can! Generate mutant code Dump the EEPROM & RAM memories Modify other installed applets ;) Published at SSTIC 2008 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 6 / 24

  7. Introduction EMAN 2 EMAN 4 Conclusion Introduction 1 EMAN 2: A Stack Underflow in the Java Card 2 The Aim of this attack Obtain address array The Java Card Stack Let’s modify the stack Counter-measures EMAN 4: Modifying the Execution Flow with a Laser Beam 3 Conclusion 4 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 7 / 24

  8. Introduction EMAN 2 EMAN 4 Conclusion The Aim of this attack The Attack idea I Attack idea Locate the return address of the current function Modify this address . . . . . . to execute our malicious byte code Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 8 / 24

  9. Introduction EMAN 2 EMAN 4 Conclusion The Aim of this attack The Attack idea II Hypothesis There is no BCV The loading keys are known Requirements list 1 Find the array address (EMAN 1) 2 Discover where is located the return address in the stack 3 Change this value in the stack Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 9 / 24

  10. Introduction EMAN 2 EMAN 4 Conclusion Obtain address array Find the array address ... p u b l i c short getMyAddressTabByte ( byte [ ] tab ) { foo=( byte ) 0xAA ; short tab [0]=( byte ) 0xFF ; foo ; } return getMyAddressTabByte ( byte [ ] tab ) { 03 // f l a g s : 0 max stack : 3 21 // nargs : 2 m a x l o c a l s : 1 10 AA bspush 0xAA TOS 31 s s t o r e 2 19 alo ad 1 03 sconst 0 L2: foo 02 sconst m1 39 s a s t o r e 1E s l oa d 2 @tab L1 78 s r e t u r n } ⇒ Return value: ?? this L0 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 10 / 24

  11. Introduction EMAN 2 EMAN 4 Conclusion Obtain address array Find the array address ... p u b l i c short getMyAddressTabByte ( byte [ ] tab ) ⇐ { foo=( byte ) 0xAA ; short tab [0]=( byte ) 0xFF ; foo ; } return getMyAddressTabByte ( byte [ ] tab ) TOS { 03 // f l a g s : 0 max stack : 3 21 // nargs : 2 m a x l o c a l s : 1 10 AA bspush 0xAA AA ⇐ 31 s s t o r e 2 19 alo ad 1 03 sconst 0 L2: foo 02 sconst m1 39 s a s t o r e 1E s l oa d 2 @tab L1 78 s r e t u r n } ⇒ Return value: ?? this L0 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 10 / 24

  12. Introduction EMAN 2 EMAN 4 Conclusion Obtain address array Find the array address ... p u b l i c short getMyAddressTabByte ( byte [ ] tab ) { foo=( byte ) 0xAA ; short ⇐ tab [0]=( byte ) 0xFF ; foo ; } return getMyAddressTabByte ( byte [ ] tab ) { 03 // f l a g s : 0 max stack : 3 21 // nargs : 2 m a x l o c a l s : 1 10 AA bspush 0xAA TOS 31 s s t o r e 2 ⇐ 19 alo ad 1 03 sconst 0 AA L2: foo 02 sconst m1 39 s a s t o r e 1E s l oa d 2 @tab L1 78 s r e t u r n } ⇒ Return value: ?? this L0 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 10 / 24

  13. Introduction EMAN 2 EMAN 4 Conclusion Obtain address array Find the array address ... p u b l i c short getMyAddressTabByte ( byte [ ] tab ) TOS { foo=( byte ) 0xAA ; short ⇐ tab [0]=( byte ) 0xFF ; foo ; } FF return getMyAddressTabByte ( byte [ ] tab ) 00 { 03 // f l a g s : 0 max stack : 3 21 // nargs : 2 m a x l o c a l s : 1 10 AA bspush 0xAA @tab 31 s s t o r e 2 19 alo ad 1 03 sconst 0 AA L2: foo 02 sconst m1 ⇐ 39 s a s t o r e 1E s l oa d 2 @tab L1 78 s r e t u r n } ⇒ Return value: ?? this L0 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 10 / 24

  14. Introduction EMAN 2 EMAN 4 Conclusion Obtain address array Find the array address ... p u b l i c short getMyAddressTabByte ( byte [ ] tab ) { foo=( byte ) 0xAA ; short tab [0]=( byte ) 0xFF ; } ⇐ foo ; return getMyAddressTabByte ( byte [ ] tab ) TOS { 03 // f l a g s : 0 max stack : 3 21 // nargs : 2 m a x l o c a l s : 1 10 AA bspush 0xAA AA 31 s s t o r e 2 19 alo ad 1 03 sconst 0 AA L2: foo 02 sconst m1 39 s a s t o r e 1E s l oa d 2 @tab } ⇐ L1 78 s r e t u r n ⇒ Return value: AA this L0 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 10 / 24

  15. Introduction EMAN 2 EMAN 4 Conclusion Obtain address array Find the array address ... p u b l i c short getMyAddressTabByte ( byte [ ] tab ) { foo=( byte ) 0xAA ; short tab [0]=( byte ) 0xFF ; foo ; } return getMyAddressTabByte ( byte [ ] tab ) { 03 // f l a g s : 0 max stack : 3 21 // nargs : 2 m a x l o c a l s : 1 10 AA bspush 0xAA TOS 31 s s t o r e 2 19 alo ad 1 00 nop L2: foo 00 nop 00 nop 00 nop @tab L1 78 s r e t u r n } ⇒ Return value: ?? this L0 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 10 / 24

  16. Introduction EMAN 2 EMAN 4 Conclusion Obtain address array Find the array address ... p u b l i c short getMyAddressTabByte ( byte [ ] tab ) ⇐ { foo=( byte ) 0xAA ; short tab [0]=( byte ) 0xFF ; foo ; } return getMyAddressTabByte ( byte [ ] tab ) TOS { 03 // f l a g s : 0 max stack : 3 21 // nargs : 2 m a x l o c a l s : 1 10 AA bspush 0xAA AA ⇐ 31 s s t o r e 2 19 alo ad 1 00 nop L2: foo 00 nop 00 nop 00 nop @tab L1 78 s r e t u r n } ⇒ Return value: ?? this L0 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 10 / 24

  17. Introduction EMAN 2 EMAN 4 Conclusion Obtain address array Find the array address ... p u b l i c short getMyAddressTabByte ( byte [ ] tab ) { foo=( byte ) 0xAA ; short ⇐ tab [0]=( byte ) 0xFF ; foo ; } return getMyAddressTabByte ( byte [ ] tab ) TOS { 03 // f l a g s : 0 max stack : 3 21 // nargs : 2 m a x l o c a l s : 1 10 AA bspush 0xAA @tab 31 s s t o r e 2 ⇐ 19 alo ad 1 00 nop AA L2: foo 00 nop 00 nop 00 nop @tab L1 78 s r e t u r n } ⇒ Return value: ?? this L0 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 10 / 24

  18. Introduction EMAN 2 EMAN 4 Conclusion Obtain address array Find the array address ... p u b l i c short getMyAddressTabByte ( byte [ ] tab ) { foo=( byte ) 0xAA ; short tab [0]=( byte ) 0xFF ; } ⇐ foo ; return getMyAddressTabByte ( byte [ ] tab ) TOS { 03 // f l a g s : 0 max stack : 3 21 // nargs : 2 m a x l o c a l s : 1 10 AA bspush 0xAA @tab 31 s s t o r e 2 19 alo ad 1 00 nop AA L2: foo 00 nop 00 nop 00 nop @tab } ⇐ L1 78 s r e t u r n ⇒ Return value: @tab this L0 Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 10 / 24

  19. Introduction EMAN 2 EMAN 4 Conclusion The Java Card Stack Characterize the Stack ... Operand Stack Local variables Guillaume Bouffard (SSD – Xlim) Combined Attacks on the Java Card Control Flow CARDIS 2011 11 / 24

Recommend

Smart Card Attacks: Enter the Matrix Tiana Razafindralambo Guillaume Bouffard Julien

Smart Card Attacks: Enter the Matrix Tiana Razafindralambo Guillaume Bouffard Julien

Introduction Logical attacks Combined attacks Conclusion Smart Card Attacks: Enter the Matrix Tiana Razafindralambo Guillaume Bouffard Julien Iguchi-Cartigny Jean-Louis Lanet Smart Secure Devices (SSD) Team Xlim Labs Universit e

902 views • 53 slides
s c a l e When Hardware Attacks Hardwear.io 27 September 2019 1 Attack exploitation space:

s c a l e When Hardware Attacks Hardwear.io 27 September 2019 1 Attack exploitation space:

s c a l e When Hardware Attacks Hardwear.io 27 September 2019 1 Attack exploitation space: time vs distance Remote key brute software protocol force relay attack side Fast Slow mitm channel Hardware attacks require: Hardware

360 views • 24 slides
Java Card Applet Firewall Java Card Applet Firewall Exploration and Exploitation Exploration and

Java Card Applet Firewall Java Card Applet Firewall Exploration and Exploitation Exploration and

Java Card Applet Firewall Java Card Applet Firewall Exploration and Exploitation Exploration and Exploitation Wojciech Mostowski and Erik Poll Digital Security Radboud University Nijmegen The Netherlands http://www.cs.ru.nl/~{woj,erikpoll}/

818 views • 42 slides
Combined Attacks from Boomerangs to Sandwiches and Differential-Linear Orr Dunkelman

Combined Attacks from Boomerangs to Sandwiches and Differential-Linear Orr Dunkelman

Introduction Boomerang Diff-Lin Summary Combined Attacks from Boomerangs to Sandwiches and Differential-Linear Orr Dunkelman Department of Computer Science, University of Haifa June 5th, 2014 Orr Dunkelman Combined Attacks 1/ 36

656 views • 36 slides
Smart Card to Mitigate Logical Attacks Tiana Razafindralambo, Guillaume Bouffard, Bhagyalekshmy N

Smart Card to Mitigate Logical Attacks Tiana Razafindralambo, Guillaume Bouffard, Bhagyalekshmy N

A Dynamic Syntax Interpretation for Java based Smart Card to Mitigate Logical Attacks Tiana Razafindralambo, Guillaume Bouffard, Bhagyalekshmy N Thampi , and Jean-Louis Lanet Smart Secure Devices (SSD) Team, XLIM/ Universit de Limoges, France

466 views • 17 slides
Smart( Java )Card ... What & Why What - smart card Tiny PC without Human Interface

Smart( Java )Card ... What & Why What - smart card Tiny PC without Human Interface

Smart( Java )Card ... What & Why What - smart card Tiny PC without Human Interface capabilities CPU : 16b/32b RISC @ handful of MhZ Math co-processor: RSA/DES/AES/ECC RAM : X KB HDD : XX..XXX KB (EEPROM) NET :

568 views • 36 slides
software and hardware for the Internet of Things. Choose hardware Design hardware Design

software and hardware for the Internet of Things. Choose hardware Design hardware Design

Zeidman Technologies has created a fundamentally new way to develop embedded software and hardware for the Internet of Things. Choose hardware Design hardware Design software Initial hardware choices determine Integrate functionality and

185 views • 15 slides
Attacking AUTOSAR using Software and Hardware Attacks Pascal al Nasahl Graz University of

Attacking AUTOSAR using Software and Hardware Attacks Pascal al Nasahl Graz University of

Attacking AUTOSAR using Software and Hardware Attacks Pascal al Nasahl Graz University of Technology Niek Timmer mers Riscure 1 Introduction 2 Introduction Niek Timmers Principal Security Analyst @ Riscure 3 Introduction

1.34k views • 115 slides
SAR-SSI 2012 1 Introduction Java Card security model Off-card security model Java class Byte

SAR-SSI 2012 1 Introduction Java Card security model Off-card security model Java class Byte

Samiya Hamadouche, Guillaume Bouffard , Jean-Louis Lanet, Bruno Dorsemaine , Bastien Nouhant, Alexandre Magloire, Arnaud Reygnaud guillaume.bouffard@xlim.fr bruno.dorsemaine@etu.unilim.fr SAR-SSI 2012 1 Introduction Java Card security model

227 views • 19 slides
A Single Platform Approach: Automating Receivables, Payables, & P Card Reconciliation

A Single Platform Approach: Automating Receivables, Payables, & P Card Reconciliation

A Single Platform Approach: Automating Receivables, Payables, & P Card Reconciliation Andy Schwartz Jeff Bissonette MTS Software Solutions StoneMor Partners, L.P. Introduction MTS Software Solutions MTS provides software, hardware

967 views • 18 slides
Java Card vs. File System card Marc Kekicheff- Technical Director, GlobalPlatform March 10, 2004

Java Card vs. File System card Marc Kekicheff- Technical Director, GlobalPlatform March 10, 2004

Java Card vs. File System card Marc Kekicheff- Technical Director, GlobalPlatform March 10, 2004 A misleading question ? File System = a data structure seen at the card edge This part of ISO/IEC 7816 specifies: the contents of the

99 views • 5 slides
Cate: A System for Analysis and Test of Java Card Applications Peter Pfahler, Universitt

Cate: A System for Analysis and Test of Java Card Applications Peter Pfahler, Universitt

Cate: A System for Analysis and Test of Java Card Applications Peter Pfahler, Universitt Paderborn, Institut fr Informatik Jrgen Gnther, ORGA Kartensysteme GmbH, Paderborn First International Workshop on Software Quality SOQUA 2004,

458 views • 17 slides
Channel Attacks on the AES Key Schedule Franois DASSANCE Inside Secure Alexandre VENELLI

Channel Attacks on the AES Key Schedule Franois DASSANCE Inside Secure Alexandre VENELLI

Combined Fault and Side- Channel Attacks on the AES Key Schedule Franois DASSANCE Inside Secure Alexandre VENELLI Inside Secure FDTC 2012 09/09/2012 Outline 1. Combined attack 2. Related work on combined attacks Asymmetric

496 views • 28 slides
Whats new? Calibration Hardware IAEA Acquisition software Hardware and Software Upgrade for

Whats new? Calibration Hardware IAEA Acquisition software Hardware and Software Upgrade for

Hardware and Software Upgrade for the Solution Measurement and Monitor System at Rokkasho Reprocessing Plant R.Plenteda, A.Alessandrello, M.Frankl, W.Deringer, M.Lang, M.Cronholm, K.Baird, D.Breban, C.Creusot International Atomic Energy Agency

705 views • 17 slides
Novel Hardware-based Attacks Jason Zheng Aditya Joshi Introduction Direct hardware hacking is

Novel Hardware-based Attacks Jason Zheng Aditya Joshi Introduction Direct hardware hacking is

Novel Hardware-based Attacks Jason Zheng Aditya Joshi Introduction Direct hardware hacking is as old as the trade of hacking Common Characteristics: Physical access (at least within transmission range of EM/Accoustic signals). Seemingly

252 views • 22 slides
Advanced Wi-Fi Attacks Using Commodity Hardware Mathy Vanhoef @vanhoefm BruCON, Belgium, 3

Advanced Wi-Fi Attacks Using Commodity Hardware Mathy Vanhoef @vanhoefm BruCON, Belgium, 3

Advanced Wi-Fi Attacks Using Commodity Hardware Mathy Vanhoef @vanhoefm BruCON, Belgium, 3 October 2018 Background Wi-Fi assumes each stations behaves fairly With special hardware we dont have to Continuous jamming: channel

885 views • 76 slides
s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance

s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance

When Hardware Attacks s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance Remote key brute software protocol force relay attack side Fast Slow mitm channel Hardware attacks require:

688 views • 25 slides
Lecture 3 Hardware and Software 3. Hardware and Softw are 4. High Level Languages 5.

Lecture 3 Hardware and Software 3. Hardware and Softw are 4. High Level Languages 5.

1. Introduction 2. Binary Representation Lecture 3 Hardware and Software 3. Hardware and Softw are 4. High Level Languages 5. Standard input and output Hardware has been defined as 6. Operators, expression and statem ents the

238 views • 3 slides
Computer Hardware Computer - hardware and software Like piano and music In this

Computer Hardware Computer - hardware and software Like piano and music In this

Computer Hardware Computer - hardware and software Like piano and music In this section: hardware The computer is an amazingly useful general-purpose technology, to the point that now cameras, phones, thermostats .. these are all now

390 views • 17 slides
Data Parallelism in Java Brian Goetz Java Language Architect Hardware trends (Graphic courtesy

Data Parallelism in Java Brian Goetz Java Language Architect Hardware trends (Graphic courtesy

<Insert Picture Here> Data Parallelism in Java Brian Goetz Java Language Architect Hardware trends (Graphic courtesy Herb Sutter) As of ~2003, we stopped seeing increases in CPU clock rate Moores law has not been repealed! Chip

622 views • 35 slides
WISTP 07 A comparative analysis of common threats, vulnerabilities, attacks and

WISTP 07 A comparative analysis of common threats, vulnerabilities, attacks and

WISTP 07 A comparative analysis of common threats, vulnerabilities, attacks and countermeasures within smart card and wireless sensor network node technologies. Kevin Eagles, Konstantinos Markantonakis and Keith Mayes Smart Card Centre,

337 views • 22 slides
CPU Side-Channel Attacks the Meltdown Attack Heechul Yun 1 This Week: Hardware Security

CPU Side-Channel Attacks the Meltdown Attack Heechul Yun 1 This Week: Hardware Security

CPU Side-Channel Attacks the Meltdown Attack Heechul Yun 1 This Week: Hardware Security Introduction Meltdown Papers Spectre Attacks: Exploiting Speculative Execution, IEEE Security and Privacy (S&P), 2019 (Dustin)

726 views • 44 slides
Using Hardware Methods to Improve Time-predictable Performance in Real-time Java Systems Jack

Using Hardware Methods to Improve Time-predictable Performance in Real-time Java Systems Jack

Using Hardware Methods to Improve Time-predictable Performance in Real-time Java Systems Jack Whitham, Neil Audsley, Martin Schoeberl University of York, Technical University of Vienna Hardware Methods Lightweight, Java-friendly

457 views • 32 slides
Virtual Machines What is a Virtual Machine? Java Virtual Machine (Application Virtualization)

Virtual Machines What is a Virtual Machine? Java Virtual Machine (Application Virtualization)

Virtual Machines What is a Virtual Machine? Java Virtual Machine (Application Virtualization) Software to simulate hardware Independent Separate Use one piece of hardware to simulate many computers Topics What are

519 views • 22 slides

More recommend