Tampering with Java Card Exceptions - The Exception Proves the Rule

Guillaume Barbu, Philippe Hoogvorst, Guillaume Duc

Abstract

Many publications have studied the various issues concerning Java Cards security regarding software and/or hardware attacks. However, it is surprising to notice that the particular case of exception-related mechanisms has not been tackled yet in the literature. In this article, we fill this gap by proposing several attacks against Java Card platforms based on both exception handling and exception throwing. In addition, this study allows us to point out that a weakness known by the web-oriented Java community for more than a decade still passes the different steps of the state-of-the-art Java Card application deployment process (namely conversion and verification). This appears all the more important as the Java Card 3 Connected Edition specifications have started to bridge the gap between the two worlds that are Java Cards and Java web services.

References

  1. Bar-El, H., Choukri, H., Naccache, D., Tunstall, M., and Whelan, C. (2006). The Sorcerer's Apprentice Guide to Fault Attacks. IEEE, 94(2):370-382.
  2. Barbu, G. (2009). Fault Attacks on Java Card 3 Virtual Machine. In e-Smart'09.
  3. Barbu, G., Duc, G., and Hoogvorst, P. (2011). Java Card Operand Stack: Fault Attacks, Combined Attacks and Countermeasures. In (Prouff, 2011), pages 297-313.
  4. Barbu, G., Giraud, C., and Guerin, V. (2012a). Embedded Eavesdropping on Java Card. In Proceedings of the IFIP International Information Security and Privacy Conference 2012 - SEC 2012. Springer Verlag. to be published.
  5. Barbu, G., Hoogvorst, P., and Duc, G. (2012b). Application-Replay Attack on Java Cards: When the Garbage Collector Gets Confused. In Barthe, G. and Livshits, B., editors, International Symposium on Engineering Secure Software and Systems - ESSoS 2012, Lecture Notes in Computer Science. Springer.
  6. Barbu, G. and Thiebeauld, H. (2011). Synchronized Attacks on Multithreaded Systems - Application to Java Card 3.0 -. In (Prouff, 2011), pages 18-33.
  7. Barbu, G., Thiebeauld, H., and Guerin, V. (2010). Attacks on Java Card 3.0 Combining Fault and Logical Attacks. In (Gollmann and Lanet, 2010), pages 148-163.
  8. Caromel, D. and Vayssière, J. (2001). Reflection on MOPs, Components, and Java Security. In Proceedings of the Engineering C of Object-Oriented Programs (ECOOP), volume 2072 of LNCS. Springer-Verlag.
  9. Chen, Z. (2000). Java Card Technology for Smart Cards, Architecture and Programmer's Guide. AddisonWesley.
  10. Cholakov, N. and Milev, D. (2005). The Evolution of the Java Security Model. In Proceedings of the International Conference on Computer Systems and Technologies (CompSysTech'2005).
  11. Dean, D., Felten, E. W., and Wallach, D. S. (1996). Java Security: From HotJava to Netscape and Beyond. In Proceedings of the IEEE Symposium on Security and Privacy.
  12. Giraud, C. and Thiebeauld, H. (2004). A Survey on Fault Attacks. In Quisquater, J.-J., Paradinas, P., Deswarte, Y., and Kalam, A. E., editors, Smart Card Research and Advanced Applications VI - CARDIS 2004, pages 159-176. Kluwer Academic Publishers.
  13. Gollmann, D. and Lanet, J.-L., editors (2010). volume 6035 of Lecture Notes in Computer Science. Springer.
  14. Gosling, J., Joy, B., Steele, G., and Bracha, G. (2005). The Java Language Specification. Addiosn-Wesley, 3rd edition.
  15. Govindavajhala, S. and Appel, A. (2003). Using Memory Errors to Attack a Virtual Machine. In IEEE Symposium on Security and Privacy, pages 154-165. IEEE Computer Society.
  16. Gutterman, Z. and Malkhi, D. (2005). Hold Your Sessions: An Attack on Java Session-Id Generation. In Proceedings of the Cryptographer's Track at the RSA Conference (CT-RSA), LNCS. Springer.
  17. Hubert, L., Jensen, T., Monfort, V., and Pichardie, D. (2010). Enforcing Secure Object Initialization in Java. In Proceedings of the European Symposium on Research in Computer Securiy, ESORICS'10, pages 101-115. Springer-Verlag.
  18. Ladue, M. D. (1997). When Java was One: Threats from Hostile Bytecode. In Proceedings of the 20th National Information Systems Security Conference, pages 104- 115.
  19. Last Stage of Delirium Research Group (2002). Java and Java Virtual Machine Security Vulnerabilities and their Exploitation Techniques. In BlackHat Conference.
  20. Lindholm, T. and Yellin, F. (1999). Java Virtual Machine Specification. Addison-Wesley, Inc., 2nd edition.
  21. Livshits, B. and Lam, M. S. (2005). Finding Security Vulnerabilities in Java Applications with Static Analysis. Technical report, USENIX.
  22. Long, F., Mohlndra, D., Seacord, R. C., Sutherland, D. F., and Svoboda, D. (2011). The CERT Oracle Secure Coding Standard for Java. Carnegie Mellon Software Engineering Institue (SEI) series. Addison-Wesley.
  23. McGraw, G. and Felten, E. W. (2000). Getting Down to Business with Mobile Code. John Wiley & Sons.
  24. Mehta, N. V. and Sollins, K. R. (1998). Expanding and Extending the Security Features of Java. In Proceedings of the 7th USENIX Security Symposium.
  25. Mostowski, W. and Poll, E. (2008). Malicious Code on Java Card Smartcards: Attacks and Countermeasures. In Grimaud, G. and Standaert, F.-X., editors, Smart Card Research and Advanced Applications, 8th International Conference - CARDIS 2008, volume 5189 of Lecture Notes in Computer Science, pages 1-16. Springer.
  26. Oaks, S. (2001). Java Security. O'Reilly, second edition.
  27. Prouff, E., editor (2011). volume 7079 of Lecture Notes in Computer Science. Springer.
  28. Quisquater, J.-J. and Samyde, D. (2002). Eddy Current for Magnetic Analysis with Active Sensor. In e-Smart 2002.
  29. Séré, A. A. K., Iguchi-Cartigny, J., and Lanet, J.-L. (2009). Automatic Detection of Fault Attack and Countermeasures. In Proceedings of the 4th Workshop on Embedded Systems Security, WESS 7809, pages 1-7.
  30. Séré, A. A. K., Iguchi-Cartigny, J., and Lanet, J.-L. (2010). Checking the Paths to Identify Mutant Application on Embedded Systems. In FGIT, pages 459-468.
  31. Skorobogatov, S. and Anderson, R. (2002). Optical Fault Induction Attack. In Kaliski Jr., B., Koc¸, C¸., and Paar, C., editors, Cryptographic Hardware and Embedded Systems - CHES 2002, volume 2523 of Lecture Notes in Computer Science, pages 2-12. Springer.
  32. Sun Microsystems (2006). Virtual Machine Specification - Java CardTM Plateform, Version 2.2.2.
  33. Sun Microsystems Inc. (2009a). Application Programming Interface, Java Card Platform, Version 3.0.1 Connected Edition.
  34. Sun Microsystems Inc. (2009b). Runtime Environment Specification, Java Card Platform, Version 3.0.1 Connected Edition.
  35. Sun Microsystems Inc. (2009c). Virtual Machine Specification - Java Card Plateform, Version 3.0.1.
  36. The Open Web Application Security Project (OWASP) (2012a). Information Leakage.
  37. The Open Web Application Security Project (OWASP) (2012b). Uncaught Exceptions.
  38. Vétillard, E. and Ferrari, A. (2010). Combined Attacks and Countermeasures. In (Gollmann and Lanet, 2010), pages 133-147.
  39. Witteman, M. (2003). Java Card Security. In Information Security Bulletin, volume 8, pages 291-298.
Download


Paper Citation


in Harvard Style

Barbu G., Hoogvorst P. and Duc G. (2012). Tampering with Java Card Exceptions - The Exception Proves the Rule . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012) ISBN 978-989-8565-24-2, pages 55-63. DOI: 10.5220/0004018600550063


in Bibtex Style

@conference{secrypt12,
author={Guillaume Barbu and Philippe Hoogvorst and Guillaume Duc},
title={Tampering with Java Card Exceptions - The Exception Proves the Rule},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)},
year={2012},
pages={55-63},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004018600550063},
isbn={978-989-8565-24-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)
TI - Tampering with Java Card Exceptions - The Exception Proves the Rule
SN - 978-989-8565-24-2
AU - Barbu G.
AU - Hoogvorst P.
AU - Duc G.
PY - 2012
SP - 55
EP - 63
DO - 10.5220/0004018600550063