Abstract
In the smart card domain, attacks and countermeasures are advancing at a fast rate. To obtain a generic view of all the attacks, we propose to use Fault Tree Analysis. This method, used in safety analysis, helps to understand and implement all the desirable and undesirable events existing in this domain. We apply this method to Java Card vulnerability analysis. We define the properties that must be ensured: integrity and confidentiality of smart card data and code. By modeling the conditions, we discovered new attack paths to get access to the smart card contents. We then introduce a new security API, which is proposed to mitigate the undesirable events defined in the tree models.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bouffard, G., Thampi, B.N., Lanet, JL. (2013). Vulnerability Analysis on Smart Cards Using Fault Tree. In: Bitsch, F., Guiochet, J., Kaâniche, M. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2013. Lecture Notes in Computer Science, vol 8153. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40793-2_8
DOI: https://doi.org/10.1007/978-3-642-40793-2_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40792-5
Online ISBN: 978-3-642-40793-2
eBook Packages: Computer Science, Computer Science (R0)