Java Card Virtual Machine Compromising from a Bytecode Verified Applet
Autor: | Julien Lancia, Guillaume Bouffard |
---|---|
Přispěvatelé: | THALES COMMUNICATIONS & SECURITY, THALES, Agence nationale de la sécurité des systèmes d'information (ANSSI) |
Jazyk: | angličtina |
Rok vydání: | 2015 |
Předmět: |
OpenPGP card
Java Computer science business.industry computer.software_genre BCV vulnerabilities Oracle Java Card Bytecode [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] Real time Java Operating system Software Attack Smart card business Java applet computer computer.programming_language |
Zdroj: | Smart Card Research and Advanced Applications-14th International Conference, CARDIS 2015 Smart Card Research and Advanced Applications-14th International Conference, CARDIS 2015, Nov 2015, Bochum, Germany. pp.75-88, ⟨10.1007/978-3-319-31271-2_5⟩ Smart Card Research and Advanced Applications ISBN: 9783319312705 CARDIS |
DOI: | 10.1007/978-3-319-31271-2_5⟩ |
Popis: | International audience; The Byte Code Verifier (BCV) is one of the most important security element in the Java Card environment. Indeed, embedded applets must be verified prior installation to prevent ill-formed applet loading. In this article, we disclose a flaw in the Oracle BCV which affects the applet linking process and can be exploited on real world Java Card smartcards. We describe our exploitation of this flaw on a Java Card implementation that enables injecting and executing arbitrary native malicious code in the communication buffer from a verified applet. This native execution allows snapshotting the smart card memory with OS rights. |
Databáze: | OpenAIRE |
Externí odkaz: |