| As a secure data processing and storage media, smart card has been more and morewidely used in daily life. At the meanwhile, smart card, especially Java Card Platform isalso faced increasing security threats. Since the latest Java Card3.0specification wasreleased, the security features of Java Card Platform has been deeply improved with themandatory on card byte code verification process, which should have terminated thetraditional logical attack based on manually crafted byte code of CAP files before theyloaded to card, but when logical attack cooperated with fault attack, which initially used inthe context of cryptography community, there formed a new kind of attack which calledcombined attack, and severely challenges the security of smart card.After the case learning of combined attack, this thesis summarizes two typical kind ofcombined attack, byte code attack and operand stack attack respectively, and analyzes thealready exists countermeasures of each attack, point out the limitations and inadequaciesof each countermeasures, and also proposed the improved countermeasures for bothattacks. As for byte code attack, NOP instruction is exploited by malicious code, so thisthesis introduces White List for NOP instructions; As for operand stack, frames and localvariables should be protected as while as stack pointer. At the same time, this thesis alsooffers a simulator for fault attack on smart card, and verifies the improvedcountermeasures of both attacks with the help of fault attack simulator. By analyzes theexperimental data, state out the advances of the improved countermeasures.Experiments show that the improved countermeasures provides the better run-timeprotection against combined attack, has a better chance to detect the fault attack, andreached a balance between security and run-time overhead. |
PDF Full Text Request