Embedded Eavesdropping on Java Card - Information Security and Privacy Research Access content directly
Conference Papers Year : 2012

Embedded Eavesdropping on Java Card

Guillaume Barbu
  • Function : Author
  • PersonId : 924593
Laboratoire Traitement et Communication de l'Information
Oberthur Technologies
Christophe Giraud
  • Function : Author
  • PersonId : 867526
Oberthur Technologies
Vincent Guerin
  • Function : Author
Oberthur Technologies

Abstract

In this article we present the first Combined Attack on a Java Card targeting the APDU buffer itself, thus threatening both the security of the platform and of the hosted applications as well as the privacy of the cardholder. We show that such an attack, which combines malicious application and fault injection, is achievable in practice on the latest release of the Java Card specifications by presenting several case studies taking advantage for instance of the well-known GlobalPlatform and (U)SIM Application ToolKit.

Domains

Computer Science [cs] Cryptography and Security [cs.CR]
Fichier principal
Vignette du fichier
main.pdf (128.84 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Guillaume Barbu  : Connect in order to contact the contributor

https://hal.science/hal-00706186

Submitted on : Saturday, June 9, 2012-10:54:16 AM

Last modification on : Monday, October 9, 2023-12:49:40 PM

Long-term archiving on: Monday, September 10, 2012-2:40:08 AM

Download

Dates and versions

hal-00706186 , version 1 (09-06-2012)

Licence

Attribution

Identifiers

Cite

Guillaume Barbu, Christophe Giraud, Vincent Guerin. Embedded Eavesdropping on Java Card. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Greece. pp.37-48, ⟨10.1007/978-3-642-30436-1_4⟩. ⟨hal-00706186⟩

Export

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

INSTITUT-TELECOM CNRS PARISTECH IFIP IFIP-AICT IFIP-TC IFIP-TC11 IFIP-SEC IFIP-AICT-376 LTCI
252 View
3627 Download

Altmetric

Share

Gmail Facebook X LinkedIn More