*Result*: PhiAttack: Rewriting the Java Card Class Hierarchy

Title:
PhiAttack: Rewriting the Java Card Class Hierarchy
Contributors:
SERMA SAFETY & SECURITY, Agence nationale de la sécurité des systèmes d'information (ANSSI), Département d'informatique - ENS Paris (DI-ENS), École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Vincent Grosso, Thomas Pöppelmann
Source:
Lecture Notes in Computer Science ; CARDIS 2021 - 20th International Conference on Smart Card Research and Advanced Applications, Nov 2021, Lübeck, Germany. pp.275-288, ⟨10.1007/978-3-030-97348-3_15⟩ ; https://hal.science/hal-03823792
Publisher Information:
HAL CCSD
Springer International Publishing
Publication Year:
2021
Collection:
Archive ouverte HAL (Hyper Article en Ligne, CCSD - Centre pour la Communication Scientifique Directe)
Document Type:
Conference object
Language:
English
DOI:
10.1007/978-3-030-97348-3_15
Rights:
info:eu-repo/semantics/OpenAccess
Accession Number:
edsbas.1AE300D2
Database:
BASE

*Further Information*

*Compiling Java Card applets is based on the assumption that the export files used to translate Java class items to Java Card CAP tokens are legitimate. Bouffard et al. [2] reversed the translation mechanism. Based on a malicious Application Programming Interface (API) embedded in a target, they succeeded in mounting a man-in-the-middle attack in which cryptographic keys can leak. In this article, we disclose that, on a pool of legitimate export files, Java Card Virtual Machine (JCVM) implementations can be confused by a CAP file verified by the Java Card Bytecode Verifier (BCV). The disclosed vulnerability leads to Java Card class hierarchy rewriting. The introduced vulnerability is exploitable up to Java Card 3.0.5. More recently, Java Card 3.1.0 provides a new export file format that prevents this vulnerability.*