research-article

Memory-efficient on-card byte code verification for Java cards

Authors:

Ernst HaselsteinerAuthors Info & Claims

CS2 '14: Proceedings of the First Workshop on Cryptography and Security in Computing Systems

Pages 37 - 40

https://doi.org/10.1145/2556315.2556323

Published: 20 January 2014 Publication History

Get Access

Abstract

Java enabled smart cards are widely used to store confidential information in a trusted and secure way in an untrusted and insecure environment, for example the credit card in your briefcase. In this environment the owner of the card can install and run any applet on his card, such as the loyalty application of your favorite store. However, every applet that runs on a trusted card has to be verified. On-card Bytecode Verification is a crucial step towards creating a trusted environment on the smart cards. The innovative verification method presented in this work comes without any additional off-card component and uses nearly the same amount of memory as the execution of the applet uses. The usage of a Control Flow Graph and Basic Blocks and the implementation of a temporary transformation of the methods reduces the complexity of this new verifier. We will show a detailed analysis of the implemented algorithm and preliminary tests of a prototype on a Java Card.

References

[1]

R. Akram, K. Markantonakis, and K. Mayes. A Paradigm Shift in Smart Card Ownership Model. In International Conference on Computational Science and Its Applications (ICCSA), 2010, March 2010.

Digital Library

Google Scholar

[2]

C. Bernardeschi, L. Martini, and P. Masci. Java bytecode verification with dynamic structures. In International Conference on Software Engineering and Applications (SEA), Cambridge, MA, USA, 2004.

Google Scholar

[3]

D. Deville and G. Grimaud. Building an "impossible" verifier on a java card. In Proceedings of the 2nd conference on Industrial Experiences with Systems Software - Volume 2, Berkeley, CA, USA, 2002. USENIX Association.

Digital Library

Google Scholar

[4]

J. Gosling. Java intermediate bytecodes. ACM SIGPLAN workshop on intermediate representations (IR'95), 30(3):111--118, 1995.

Digital Library

Google Scholar

[5]

X. Leroy. Bytecode verification on Java smart cards. Software: Practice and Experience, 32(4):319--340, 2002.

Digital Library

Google Scholar

[6]

D. Naccache, A. Tchoulkine, C. Tymen, and E. Trichina. Reducing the memory complexity of type-inference algorithms. In Information and Communications Security, volume 2513 of Lecture Notes in Computer Science, pages 109--121. Springer Berlin/Heidelberg, 2002.

Digital Library

Google Scholar

[7]

Oracle. Virtual Machine Specification. Java Card Platform, Version 3.0.4, Classic Edition, 2011.

Google Scholar

[8]

Oracle. Java card 3 platform off-card verification tool specification, classic edition. Beta Draft Version 1.0, Oracle, February 2012.

Google Scholar

[9]

E. Rose and K. H. Rose. Lightweight Bytecode Verification. Journal of Automated Reasoning, 31:303--334, 2003.

Digital Library

Google Scholar

[10]

M. Witteman. Java Card Security. Information Security Bulletin, July 2003.

Google Scholar

Cited By

View all

Lancia JBouffard G(2015)Java Card Virtual Machine Compromising from a Bytecode Verified AppletRevised Selected Papers of the 14th International Conference on Smart Card Research and Advanced Applications - Volume 951410.1007/978-3-319-31271-2_5(75-88)Online publication date: 4-Nov-2015
https://dl.acm.org/doi/10.1007/978-3-319-31271-2_5
Bouffard GLackner MLanet JLoinig J(2015)Heap $$\ldots $$ Hop! Heap Is Also VulnerableSmart Card Research and Advanced Applications10.1007/978-3-319-16763-3_2(18-31)Online publication date: 17-Mar-2015
https://doi.org/10.1007/978-3-319-16763-3_2
Eletriby MSobh MEldin AFahmy H(2014)High Performance Java Card Operating SystemProceedings of the 2014 Eighth International Conference on Software Security and Reliability10.1109/SERE.2014.16(30-39)Online publication date: 30-Jun-2014
https://dl.acm.org/doi/10.1109/SERE.2014.16

Index Terms

Memory-efficient on-card byte code verification for Java cards

Recommendations

Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Bytecode verification on Java smart cards

This article presents a novel approach to the problem of bytecode verification for Java Card applets. By relying on prior off-card bytecode transformations, we simplify the bytecode verifier and reduce its memory requirements to the point where it can ...
Java bytecode verification on Java cards
SAC '04: Proceedings of the 2004 ACM symposium on Applied computing

A Java program is usually translated into an intermediate language, known as Java Virtual Machine Language (JVML), which is then executed by a Java Virtual Machine (JVM). Before its execution a JVML program is verified to prevent a wide range of run-...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CS2 '14: Proceedings of the First Workshop on Cryptography and Security in Computing Systems

January 2014

56 pages

ISBN:9781450324847

DOI:10.1145/2556315

General Chairs:
Jens Knoop
TU Vienna, Austria
,
Valentina Salapura
IBM
,
Program Chairs:
Israel Koren
University of Massachusetts Amherst
,
Gerardo Pelosi
Politecnico di Milano

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 January 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

Bundesministerium für Verkehr, Innovation und Technologie

Conference

CS2

Sponsor:

HiPEAC

CS2: Cryptography and Security in Computing Systems

January 20, 2014

Vienna, Austria

Acceptance Rates

CS2 '14 Paper Acceptance Rate 6 of 26 submissions, 23%;

Overall Acceptance Rate 27 of 91 submissions, 30%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
83
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Lancia JBouffard G(2015)Java Card Virtual Machine Compromising from a Bytecode Verified AppletRevised Selected Papers of the 14th International Conference on Smart Card Research and Advanced Applications - Volume 951410.1007/978-3-319-31271-2_5(75-88)Online publication date: 4-Nov-2015
https://dl.acm.org/doi/10.1007/978-3-319-31271-2_5
Bouffard GLackner MLanet JLoinig J(2015)Heap $$\ldots $$ Hop! Heap Is Also VulnerableSmart Card Research and Advanced Applications10.1007/978-3-319-16763-3_2(18-31)Online publication date: 17-Mar-2015
https://doi.org/10.1007/978-3-319-16763-3_2
Eletriby MSobh MEldin AFahmy H(2014)High Performance Java Card Operating SystemProceedings of the 2014 Eighth International Conference on Software Security and Reliability10.1109/SERE.2014.16(30-39)Online publication date: 30-Jun-2014
https://dl.acm.org/doi/10.1109/SERE.2014.16

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Java Card Technology for Smart Cards: Architecture and Programmer's Guide

Bytecode verification on Java smart cards

Java bytecode verification on Java cards