CROct 19, 2021
Java Card Virtual Machine Memory Organization: a Design ProposalGuillaume Bouffard, Vincent Giraud, Léo Gaspard
The Java Card Virtual Machine (JCVM) platform is widely deployed on security-oriented components. JCVM implementations are mainly evaluated under security schemes. However, existing implementation are close-source without detail. We believe studying how to design JCVM will improve them and it can be reused by the community to improve Java Card security. In 2018, Bouffard et al. [6] introduced an Operating System (OS) which aims at running JCVM compatible implementation. This OS is compatible with several Commercially available Off-The-Shelf (COTS) components. This is a first step to design a secure JCVM platform. However, some important details are missing to design a secure-oriented Java Card platform. In this article, we focus on the JCVM memory. This memory contains everything required to run JCVM and applets. Currently, JCVM memory is out of the Java Card specification and each JCVM developer use his own approach. Based on the existing tools and documentation, we explain how to extract from the Java Card toolchain every data required by applets and JCVM. When data to store in memory are identified, this article introduces how to organize required data onto JCVM memory.
CROct 25, 2019
Electromagnetic fault injection against a System-on-Chip, toward new micro-architectural fault modelsThomas Trouchkine, Sébanjila Kevin Bukasa, Mathieu Escouteloup et al.
Electromagnetic fault injection (EMFI) is a well known technique used to disturb the behaviour of a chip for weakening its security. These attacks are mostly done on simple microcontrollers. On these targets, the fault effects are relatively simple and understood. Exploiting EMFI on modern system-on-chips (SoCs), the fast and complex chips ubiquitous today, requires to understand the impact of such faults. In this paper, we propose an experimental setup and a forensic process to create exploitable faults and assess their impact on the SoC micro-architecture. On our targeted SoC (a BCM2837), the observed behaviours are radically different to what were obtained with state-of-the-art fault injection attacks on microcontrollers. SoC subsystems (L1 caches, L2 cache, memory management unit (MMU)) can be individually targeted leading to new fault models. We also highlight the differences in the fault impact with and without an operating system (OS). This shows the importance of the software layers in the exploitation of a fault. With this work, we demonstrate that the complexity and the speed of SoCs do not protect them against hardware fault attacks. To conclude our work, we introduce countermeasures to protect the SoC caches and MMU against EMFI attacks based on the disclosed faults effects.