inossem
play

INOSSEM i nsti tut de recherche Guillaume Bouffard (SSD) - PowerPoint PPT Presentation

Dec 09, 2023 •308 likes •705 views

Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Vulnerability Analysis on Smart Cards using Fault Tree Guillaume Bouffard Bhagyalekshmy N Thampi Jean-Louis Lanet Smart Secure Devices (SSD) Team

  1. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Vulnerability Analysis on Smart Cards using Fault Tree Guillaume Bouffard Bhagyalekshmy N Thampi Jean-Louis Lanet Smart Secure Devices (SSD) Team – XLIM/University of Limoges guillaume.bouffard @xlim.fr http://secinfo.msi.unilim.fr SAFECOMP 2013 INOSSEM i nsti tut de recherche Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 1 / 23

  2. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Outline Introduction 1 Smart Card Java Card Technology Attacks on Java Card Fault Tree Analysis 2 Definition FTA for Smart Card Code Integrity An API to Mitigate the Undesirable Events 3 Principle The INOSSEM API Conclusion 4 Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 2 / 23

  3. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Smart Card The Smart Card Widely used device ◮ Credit Card; ◮ (U)SIM Card; ◮ Health Card (french Vitale card); ◮ Pay TV; ◮ . . . This device contains sensitive data Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 3 / 23

  4. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Java Card Technology Java Card based Smart Card Applet Applet Applet ◮ Created by Vendor and/or Schlumberger in Industry Spe- Java Card 1996. cific Extensions Runtime ◮ Specified by Oracle Java Card Framework and APIs Environment ◮ Provide a friendly Java Card Virtual Machine environment to Card Operating System develop secure Java-applications. Hardware Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 4 / 23

  5. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Java Card Technology Java Card Security Model Off-card Security Java Class Files Java Card Files Byte Code Verifier Byte Code Converter Byte Code Signer On-card Security Byte Code Verifier Installed applet Java Card Files Firewall Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 5 / 23

  6. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Java Card Attacks Logical attacks ◮ Execution of malicious Java Card byte codes Physical attacks ◮ Side Channel attacks (timing attacks, power analysis attack, . . . ); ◮ Fault attacks Combined attacks (electromagnetic injection, Mix of physical and logical laser beam injection, . . . ) attacks. Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 6 / 23

  7. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Example: Eman 2 attack ... Operand Stack Unknown area Local variables Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 7 / 23

  8. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Example: Eman 2 attack ... ToS param. 2 param. 1 @method Unknown area Local variables Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 7 / 23

  9. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Example: Eman 2 attack ... ToS Unknown ... ToS area param. 2 param. 2 param. 1 param. 1 @method @method Unknown area Previous Frame Local variables Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 7 / 23

  10. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Example: Eman 2 attack ✞ ☎ public void ModifyStack ( byte [] apduBuffer , APDU apdu , short a) { short i=( short )0xCAFE; short j=( short ) maliciousFunction (); i = j ; } ✝ ✆ Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 8 / 23

  11. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Example: Eman 2 attack ✞ ☎ ModifyStack public void invokevirtual @ModifyStack ( byte [] apduBuffer , APDU apdu , short a) { short i=( short )0xCAFE; short j=( short ) maliciousFunction (); ModifyStack Method i = j ; } ✝ ✆ Any unchecked byte code Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 8 / 23

  12. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Example: Eman 2 attack ✞ ☎ public void ModifyStack ( byte [] apduBuffer , APDU apdu , short a) { 02 // flags:0 max_stack:2 invokevirtual @ModifyStack 42 // nargs:4 max_locals:2 11 CAFE sspush 0xCAFE 29 04 sstore 4 18 aload_0 7B 00 getstatic_a 0 ModifyStack Method 8B 01 invokevirtual 1 29 05 sstore 5 16 05 sload 5 29 04 sstore 4 7A } return ✝ ✆ Any unchecked byte code Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 8 / 23

  13. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Example: Eman 2 attack ✞ ☎ The Return Address of the public void ModifyStack current function is changed! ( byte [] apduBuffer , APDU apdu , short a) { 02 // flags:0 max_stack:2 invokevirtual @ModifyStack 42 // nargs:4 max_locals:2 11 CAFE sspush 0xCAFE 29 04 sstore 4 18 aload_0 7B 00 getstatic_a 0 ModifyStack Method 8B 01 invokevirtual 1 29 05 sstore 5 16 05 sload 5 29 07 sstore 7 7A } return ✝ ✆ Any unchecked byte code Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 8 / 23

  14. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Example: Eman 2 attack – Countermeasure Security Requirements ◮ Embed a B yte C ode V erifier (BCV); ◮ Check the number of locals; ◮ Check the frame integrity; Proposed Countermeasure: the linked-frame ◮ The memory area is non-contiguous ◮ The top of stack should be copied Method Method Applet Frame Frame 1 Frame 2 Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 9 / 23

  15. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Attacks on Java Card Problematic Inductive Approach ◮ 1 attack = 1 countermeasure ◮ bottom-up solution Our Requirements ◮ A top-down analytic solution; ◮ Definition of each undesirable events; Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 10 / 23

  16. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Definition The Fault Tree Analysis (FTA) Effect ◮ Undesirable event; or ◮ Initial causes; ◮ Gate Connector. Cause 1 Cause 2 Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 11 / 23

  17. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Definition The Fault Tree Analysis (FTA) Effect ◮ Undesirable event; or ◮ Initial causes; ◮ Gate Connector. Cause 1 Cause 2 Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 11 / 23

  18. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Definition The Fault Tree Analysis (FTA) Effect ◮ Undesirable event; or ◮ Initial causes; ◮ Gate Connector. Cause 1 Cause 2 Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 11 / 23

  19. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Definition The Fault Tree Analysis (FTA) Effect ◮ Undesirable event; or ◮ Initial causes; ◮ Gate Connector. Cause 1 Cause 2 Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 11 / 23

  20. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Definition FTA for Eman 2 attack Access to the frame content and Ill-formed CAP file applet execution Modification is allowed and No BCV No runtime No frame locals check integrity Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 12 / 23

  21. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion FTA for Smart Card Smart Card’s Assets Undesirable events can affect: ◮ Code integrity; ◮ Data integrity; ◮ Code confidentiality; ◮ Data confidentiality; Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 13 / 23

  22. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion FTA for Smart Card Smart Card’s Assets Undesirable events can affect: ◮ Code integrity ; ◮ Data integrity; ◮ Code confidentiality; ◮ Data confidentiality; An attack offers the execution of a malicious byte code. Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 13 / 23

  23. Introduction Fault Tree Analysis An API to Mitigate the Undesirable Events Conclusion Code Integrity How to break the Java Card Code Integrity? Perturbation of the Code Integrity or Execution of new Existing code arbitrary code modification or or Frame Extended Byte Code desyn- Condition Exception Type corruption branch Code chronization branch mechanism Confusion Modifi- cation Guillaume Bouffard (SSD) Vulnerability Analysis on Smart Cards SAFECOMP 2013 14 / 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MetLife Financial MetLife Financial Services Services MetLife Financial Services MetLife

MetLife Financial MetLife Financial Services Services MetLife Financial Services MetLife

MetLife Financial MetLife Financial Services Services MetLife Financial Services MetLife Financial Services Snapshot Snapshot MetLifes Career Agency Field Force 5,350 career agents by end 2003 129 agencies Its a

726 views • 53 slides
MCOA Small and Rural Conference Robin Lipson, Executive Office of Elder Affairs 17 April 2018

MCOA Small and Rural Conference Robin Lipson, Executive Office of Elder Affairs 17 April 2018

MCOA Small and Rural Conference Robin Lipson, Executive Office of Elder Affairs 17 April 2018 Governors Council to Address Aging in MA 2 Governors Council to Address Aging in MA Plan and Process Year One Year Two Held 5 in-person

421 views • 13 slides
Service layering I n t e g r a t i n g S a mb a w i t h e x i s t i n g

Service layering I n t e g r a t i n g S a mb a w i t h e x i s t i n g

Service layering I n t e g r a t i n g S a mb a w i t h e x i s t i n g D N S i n f r a s t r u c t u r e S a mb a X P 2 0 1 8 J u n e 6 t h / 7 t h 2 0 1 8 P i e t e r H o

482 views • 26 slides
DAQ Office Space Is ProtoDUNE a good analog? Partly: Yes: initial installation and

DAQ Office Space Is ProtoDUNE a good analog? Partly: Yes: initial installation and

DAQ Office Space Is ProtoDUNE a good analog? Partly: Yes: initial installation and commissioning has a similar onsite profile No: was a big rush, and remote control was not in the immediate plans so everyone came to CERN over

518 views • 8 slides
The Ins and Outs of Programming Cryptography in Smart Cards . . . and announcing the launch of

The Ins and Outs of Programming Cryptography in Smart Cards . . . and announcing the launch of

The Ins and Outs of Programming Cryptography in Smart Cards . . . and announcing the launch of OpenCard Pascal Paillier CryptoExperts Real World Crypto 2015 Jan 2015 Real World Crypto 2015 Jan 2015 What are Smart Cards? Real World

968 views • 51 slides
Hardware-based Cryptography Smart cards, YubiKeys & more Karol Babioch Security Engineer

Hardware-based Cryptography Smart cards, YubiKeys & more Karol Babioch Security Engineer

Hardware-based Cryptography Smart cards, YubiKeys & more Karol Babioch Security Engineer kbabioch@suse.de Rationale - Computers running general purpose software can be compromised hacked Offline-access, etc. -

619 views • 26 slides
NFC ESSENTIALS JORDI JOFRE NFC EVERYWHERE MARCH 2018 PUBLIC Learn all about NFC Session I,

NFC ESSENTIALS JORDI JOFRE NFC EVERYWHERE MARCH 2018 PUBLIC Learn all about NFC Session I,

NFC ESSENTIALS JORDI JOFRE NFC EVERYWHERE MARCH 2018 PUBLIC Learn all about NFC Session I, 15th March NFC applications and use cases https://attendee.gotowebinar.com/rt/1059402932312036099 Session II, 22th March NFC essentials

1.03k views • 35 slides
Mark Hickman Professor in Civil Engineering, University of Queensland Brisbane, Australia

Mark Hickman Professor in Civil Engineering, University of Queensland Brisbane, Australia

Mark Hickman Professor in Civil Engineering, University of Queensland Brisbane, Australia Brisbane Research Topics Analytics for service / operations planning / control Passenger smart card data Vehicle location and trajectory data

634 views • 4 slides
Fault enabled viruses against smart cards 1 2 1 Samiya

Fault enabled viruses against smart cards 1 2 1 Samiya

Fault enabled viruses against smart cards 1 2 1 Samiya HAMADOUCHE , Jean-Louis LANET , Mohamed MEZGHICHE 1 LIMOSE Laboratory, University

898 views • 36 slides
Model-Based Security M. Ochoa Verification and Testing for F. Bouquet Smart-Cards J. Bottela

Model-Based Security M. Ochoa Verification and Testing for F. Bouquet Smart-Cards J. Bottela

Model-Based Security M. Ochoa Verification and Testing for F. Bouquet Smart-Cards J. Bottela E.Fourneret J.Jurjens P. Yousefi ARES 2011 OUTLINE Introduction Background UMLsec Model-based Testing Security in smart-card

356 views • 17 slides
CryptoPuces 2011 Introduction State of the art SCWS / BIP The HTTP protocol

CryptoPuces 2011 Introduction State of the art SCWS / BIP The HTTP protocol

Matthieu BARREAUD, Guillaume BOUFFARD & Jean-Louis LANET {matthieu.barreaud,guillaume.bouffard,jean-louis.lanet}@xlim.fr SSD team XLIM University of Limoges http://secinfo.msi.unilim.fr This work is based on the M1 students project.

669 views • 23 slides
Computer Security in the Real World Butler Lampson Microsoft 1 Security: The Goal Computers

Computer Security in the Real World Butler Lampson Microsoft 1 Security: The Goal Computers

Computer Security in the Real World Butler Lampson Microsoft 1 Security: The Goal Computers are as secure as real world systems, and people believe it . This is hard because: Computers can do a lot of damage fast. There are many

391 views • 28 slides
Breaking the Lightweight Secure PUF: Understanding the Relation of Input Transformations and

Breaking the Lightweight Secure PUF: Understanding the Relation of Input Transformations and

Breaking the Lightweight Secure PUF: Understanding the Relation of Input Transformations and Machine Learning Resistance 18th Smart Card Research and Advanced Application Conference: CARDIS 2019 Nils Wisiol, Georg T. Becker, Marian Margraf,

952 views • 21 slides
Smart Card Data in Public Transport Paul Bouman Also based on work of: Evelien van der Hurk,

Smart Card Data in Public Transport Paul Bouman Also based on work of: Evelien van der Hurk,

Department of Technology & Operations Management Smart Card Data in Public Transport Paul Bouman Also based on work of: Evelien van der Hurk, Timo Polman, Leo Kroon, Peter Vervest and Gbor Marti Complexity in Public Transport:

2.21k views • 55 slides
FSIJ USB Token for GnuPG Niibe Yutaka <gniibe@fsij.org> 2009-10-21 Japan Linux Symposium

FSIJ USB Token for GnuPG Niibe Yutaka <gniibe@fsij.org> 2009-10-21 Japan Linux Symposium

FSIJ USB Token for GnuPG Niibe Yutaka <gniibe@fsij.org> 2009-10-21 Japan Linux Symposium Contents Who am I? GNU Privacy Guard FSIJ USB Token PCB design V-USB (AVR-USB) CCID/ICCD Protocol OpenPGP Protocol RSA

991 views • 26 slides
Exploring the use of Intel SGX for Secure Many-Party Applications SysTEX16 K. A. Kucuk

Exploring the use of Intel SGX for Secure Many-Party Applications SysTEX16 K. A. Kucuk

Exploring the use of Intel SGX for Secure Many-Party Applications SysTEX16 K. A. Kucuk University of Oxford, UK December 12, 2016 Kubilay Ahmet Kucuk, kucuk@cs.ox.ac.uk, University of Oxford Exploring the use of Intel SGX for Secure

607 views • 23 slides
Agent Coordination Mechanism s in the COMBI NED System s First Aid Case Patrick Storm s

Agent Coordination Mechanism s in the COMBI NED System s First Aid Case Patrick Storm s

COMBI NED System s Agent Coordination Mechanism s in the COMBI NED System s First Aid Case Patrick Storm s Yall W aalw ijk, The Netherlands AgentLink- I I I - TF3 Budapest, Hungary Septem ber 2 0 0 5 16 September

551 views • 14 slides
The Silicon Vertex Detector of the Belle II Experiment Thomas Bergauer (HEPHY Vienna) Vertex

The Silicon Vertex Detector of the Belle II Experiment Thomas Bergauer (HEPHY Vienna) Vertex

The Silicon Vertex Detector of the Belle II Experiment Thomas Bergauer (HEPHY Vienna) Vertex 2010 Loch Lomond 10 June 2010 The Silicon Vertex Detector of the Belle II Experiment Introduction Belle II: The Future Double Sided Sensors

626 views • 43 slides
University of Pittsburgh: EOI Response Interest: Testing and Quality Assurance for Cold

University of Pittsburgh: EOI Response Interest: Testing and Quality Assurance for Cold

University of Pittsburgh: EOI Response Interest: Testing and Quality Assurance for Cold Motherboards Design, setup, and operation of possible test-stand People: Naples&Paolone, at least 1/3 of postdoc, and undergraduates Previous

309 views • 4 slides
Chapter 2 & 3 September 06, 2011 Internetworking With TCP/IP 1 Chapter 2 & 3 September

Chapter 2 & 3 September 06, 2011 Internetworking With TCP/IP 1 Chapter 2 & 3 September

Chapter 2 & 3 September 06, 2011 Internetworking With TCP/IP 1 Chapter 2 & 3 September 06, 2011 Internetworking With TCP/IP 2 Chapter 2 & 3 September 06, 2011 Internetworking With TCP/IP 3 Chapter 2 & 3 September 06,

778 views • 53 slides
ATLAS ITk Pixel Detector Overview Attilio Andreazza Universit di Milano and INFN for the ATLAS

ATLAS ITk Pixel Detector Overview Attilio Andreazza Universit di Milano and INFN for the ATLAS

ATLAS ITk Pixel Detector Overview Attilio Andreazza Universit di Milano and INFN for the ATLAS Collaboration International Workshop on Semiconductor Pixel Detectors for Particles and Images Academia Sinica, Taipei, 10-14 December 2018 Outline

685 views • 36 slides
ADDITIVE MA E MANUF UFACT CTURING COMMUN COMMUNITY Strategy Days Summit November 6-7, 2019 |

ADDITIVE MA E MANUF UFACT CTURING COMMUN COMMUNITY Strategy Days Summit November 6-7, 2019 |

ADDITIVE MA E MANUF UFACT CTURING COMMUN COMMUNITY Strategy Days Summit November 6-7, 2019 | Marriott Marquis Chicago AM market has grown so rapidly in the past 10 years Messaging is very splintered and inconsistent Focus

307 views • 4 slides
D. Predictions for neutral-meson interferometry from L SME , extract CPT-violating Hamiltonian

D. Predictions for neutral-meson interferometry from L SME , extract CPT-violating Hamiltonian

D. Predictions for neutral-meson interferometry from L SME , extract CPT-violating Hamiltonian contribution d H SME for valence quarks of meson P 0 = K 0 , D 0 , B 0 d , B 0 s under consideration usual quantum perturbation theory in meson rest

374 views • 21 slides
Nigeria Economic Outlook 2020 and Covid-19 Responses Prof. Joseph Nnanna, Chief Economist

Nigeria Economic Outlook 2020 and Covid-19 Responses Prof. Joseph Nnanna, Chief Economist

Nigeria Economic Outlook 2020 and Covid-19 Responses Prof. Joseph Nnanna, Chief Economist Development Bank of Nigeria Economic Outlook Nigeria GDP Nigeria Inflation Growth Rate Rate q The GDP in Nigeria has declined to -6.1% in Q2 2020 q

484 views • 44 slides

More recommend