Detecting Attacks on Java Cards by Fingerprinting Applets

摘要

Differently from classical JVMs, generally JavaCard Virtual Machines (JCVMs) rely only on limited amount of resources typical of smart cards. Recently, several mixes of logical and physical manoeuvres have been devised to exploit typical JCVM weaknesses and to have mutant applets by means e.g. of faults injection. Such combined attacks manage to bypass the existing countermeasures of several versions of JCVMs. This paper proposes an approach for detecting mutant applets, as soon as they appear at runtime, hence revealing and thwarting an ongoing attack. The approach is completely transparent to the applet's developer, and only a limited (a priori computable) amount of resources are used at runtime, hence it is affordable on board of smart cards. Our experiments have shown that the proposed solution has only a very limited impact on the performances of the target platform.