DSpace
 

Depot Institutionnel de l'UMBB >
Publications Scientifiques >
Communications Internationales >

Veuillez utiliser cette adresse pour citer ce document : http://dlibrary.univ-boumerdes.dz:8080/handle/123456789/6674

Titre: Persistent fault injection attack from white-box to black-box
Auteur(s): Mesbah, Abdelhak
Mezghiche, Mohamed
Lanet, Jean-Louis
Mots-clés: Combined attack
Component
Java Card
Smart card
Date de publication: 2017
Editeur: IEEE
Collection/Numéro: 2017 5th International Conference on Electrical Engineering - Boumerdes (ICEE-B);
Résumé: Among the protection mechanisms that ensure the Java Card security, the Byte Code Verifier (BCV) is one of the most important security elements. In fact, embedded applets must be verified prior installation. This prevents ill-formed applet to be loaded. In this article, the behavior of the Oracle BCV towards some unchecked piece of codes is analyzed, and the way to bypass the BCV is highlighted. Then, we demonstrate how one can use this breach to access to the system data of a frame, and persistently activate any code. Using both a white-box approach and fault injection that can transform a well-formed code to an ill-formed one during runtime execution
URI/URL: https://ieeexplore.ieee.org/document/8192164
DOI: 10.1109/ICEE-B.2017.8192164
http://dlibrary.univ-boumerdes.dz:8080/handle/123456789/6674
ISBN: 978-1-5386-0687-2
ISSN: Electronic ISBN:978-1-5386-0686-5
Collection(s) :Communications Internationales

Fichier(s) constituant ce document :

Fichier Description TailleFormat
Persistent fault injection attack from white-box to black-box.pdf524,66 kBAdobe PDFVoir/Ouvrir
View Statistics

Tous les documents dans DSpace sont protégés par copyright, avec tous droits réservés.

 

Valid XHTML 1.0! Ce site utilise l'application DSpace, Version 1.4.1 - Commentaires