Software Countermeasures for Control Flow Integrity of Smart Card C Codes
作者: Jean-François Lalande , Karine Heydemann , Pascal Berthomé
DOI: 10.1007/978-3-319-11212-1_12
关键词:
摘要: Fault attacks can target smart card programs in order to disrupt an execution and gain advantage over the data or embedded functionalities. Among all possible attacks, control flow aim at disrupting normal flow. Identifying harmful as well designing countermeasures software level are tedious tricky for developers. In this paper, we propose a methodology detect intra-procedural jump source code automatically inject formally-proven countermeasures. The proposed defeat 100% of that least two C statements beyond. Experiments show resulting is also hardened against unexpected function calls assembly level.
springer.com
archives-ouvertes.fr
sci-hub.st 参考文章(34)
Julien Iguchi-Cartigny, Jean-Louis Lanet, Dieter Gollmann, Smart Card Research and Advanced Application ,(2011)
Guillaume Barbu, Guillaume Duc, Philippe Hoogvorst, Java Card Operand Stack: Fault Attacks, Combined Attacks and Countermeasures Smart Card Research and Advanced Applications. pp. 297- 313 ,(2011) , 10.1007/978-3-642-27257-8_19
Amine Dehbaoui, Amir-Pasha Mirbaha, Nicolas Moro, Jean-Max Dutertre, Assia Tria, Electromagnetic glitch on the AES round counter international workshop constructive side channel analysis and secure design. pp. 17- 31 ,(2013) , 10.1007/978-3-642-40026-1_2
Alessandro Barenghi, Elena Trichina, Fault Attacks on Stream Ciphers Fault Analysis in Cryptography. pp. 239- 255 ,(2012) , 10.1007/978-3-642-29656-7_14
Guillaume Bouffard, Julien Iguchi-Cartigny, Jean-Louis Lanet, Combined Software and Hardware Attacks on the Java Card Control Flow Smart Card Research and Advanced Applications. pp. 283- 296 ,(2011) , 10.1007/978-3-642-27257-8_18
Fault Analysis in Cryptography Springer Publishing Company, Incorporated. ,(2012) , 10.1007/978-3-642-29656-7
Guillaume Bouffard, Bhagyalekshmy N. Thampi, Jean-Louis Lanet, Detecting Laser Fault Injection for Smart Cards Using Security Automata international symposium on security in computing and communication. pp. 18- 29 ,(2013) , 10.1007/978-3-642-40576-1_3
A.M. Fiskiran, R.B. Lee, Runtime execution monitoring (REM) to detect and prevent malicious code execution international conference on computer design. pp. 452- 457 ,(2004) , 10.1109/ICCD.2004.1347961
M.R. Guthaus, T. Mudge, R.B. Brown, D. Ernst, T.M. Austin, J.S. Ringenberg, MiBench: A free, commercially representative embedded benchmark suite ieee international symposium on workload characterization. pp. 3- 14 ,(2001) , 10.1109/WWC.2001.15
Yuqun Chen, Ramarathnam Venkatesan, Matthew Cary, Ruoming Pang, Saurabh Sinha, Mariusz H. Jakubowski, Oblivious Hashing: A Stealthy Software Integrity Verification Primitive information hiding. pp. 400- 414 ,(2002) , 10.1007/3-540-36415-3_26