
Research And Analysis Based Combined Attack On Java Card

Posted on: 2019-06-04
Degree: Master
Type: Thesis
Country: China
Candidate: X L Zhang
GTID: 2428330545456843
Subject: Information security
Abstract/Summary:
Java Card is a secure medium for data storage and interaction. It is widely used in finance, insurance, communications and many other fields because of its platform independence, multi-application support, large storage capacity and high security. As these areas involve the national economy and people's livelihood, information security is particularly important. The Java Card platform therefore provides several security mechanisms to protect the data. Among them, Byte Code Verification (BCV) is the most important line of defense. It is responsible for detecting malicious code before it is loaded onto the Java Card, preventing software attacks and combined attacks. However, it is not always sufficient against software attacks based on flaws in the JCVM implementation itself, or against combined attacks. This paper therefore takes the Java Card as its research object and centers on the combined attack. The main work of this paper includes the following three aspects:

Firstly, a new method of software attack is presented, based on extensive research into traditional software attack schemes. Starting from the differences in the design of the cards themselves, the software attack is based on a firewall flaw in some specific JCVM implementations. Because most articles study a certain series of platforms, they ignore a very important fact: products from different manufacturers differ in their JCVM implementation. Therefore, this paper presents a software attack on the PIN.

Secondly, a combined attack experiment is conducted on the Java Card platform built in this paper. However, the experiment suffers from an inaccurate fault injection position, resulting in a low success rate for the combined attack. The precision of fault injection thus plays an important role in the success rate of combined attacks.

Finally, the method proposed by Julien to optimize the success rate of combined attacks is used to solve the problem of difficult localization in combined attacks, and to improve the combined attack on the getfield bytecode. The scheme is improved in two respects. On the one hand, the type confusion previously performed between two instance fields is now performed between two objects. On the other hand, the method proposed by Julien is used to raise the chance of success of the fault injection part of a combined attack by evading the localization constraints of the physical attack. In this way, it not only optimizes the success rate of the fault injection, but can also forge any reference from a short value without further fault injection. Moreover, the memory does not have to be filled. Most importantly, it offers a new alternative for performing type confusion with a lower footprint in terms of memory usage. The results of simulation experiments show that the improved combined attack scheme for the getfield bytecode is feasible.
Keywords/Search Tags: Java Card, PIN, Getfield Bytecode, Software Attack, Combined Attack