Tampering with Java Card Exceptions - The Exception Proves the Rule

Guillaume Barbu; Philippe Hoogvorst; Guillaume Duc

doi:10.5220/0004018600550063

Tampering with Java Card Exceptions - The Exception Proves the Rule

Guillaume Barbu, Philippe Hoogvorst, Guillaume Duc

2012

Abstract

Many publications have studied the various issues concerning Java Cards security regarding software and/or hardware attacks. However, it is surprising to notice that the particular case of exception-related mechanisms has not been tackled yet in the literature. In this article, we fill this gap by proposing several attacks against Java Card platforms based on both exception handling and exception throwing. In addition, this study allows us to point out that a weakness known by the web-oriented Java community for more than a decade still passes the different steps of the state-of-the-art Java Card application deployment process (namely conversion and verification). This appears all the more important as the Java Card 3 Connected Edition specifications have started to bridge the gap between the two worlds that are Java Cards and Java web services.

Download

Paper Citation

in Harvard Style

Barbu G., Hoogvorst P. and Duc G. (2012). Tampering with Java Card Exceptions - The Exception Proves the Rule . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012) ISBN 978-989-8565-24-2, pages 55-63. DOI: 10.5220/0004018600550063

in Bibtex Style

@conference{secrypt12,
author={Guillaume Barbu and Philippe Hoogvorst and Guillaume Duc},
title={Tampering with Java Card Exceptions - The Exception Proves the Rule},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)},
year={2012},
pages={55-63},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004018600550063},
isbn={978-989-8565-24-2},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)
TI - Tampering with Java Card Exceptions - The Exception Proves the Rule
SN - 978-989-8565-24-2
AU - Barbu G.
AU - Hoogvorst P.
AU - Duc G.
PY - 2012
SP - 55
EP - 63
DO - 10.5220/0004018600550063