Skip to main content
SpringerLink
Log in

Java Type Confusion and Fault Attacks

  • Conference paper
Fault Diagnosis and Tolerance in Cryptography (FDTC 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4236))

Abstract

Virtual machines executing high level languages are nowadays found even in small secure embedded systems. We have studied properties of the Java virtual machine and the Java virtual machine language under certain fault attacks. Focused glitching attacks may enforce type confusion situations. Defensive Java virtual machine is prosed as a counter-measure.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Lawton, G.: Moving Java into mobile phones. Computer 35(6), 17–20 (2002)

    Article  Google Scholar 

  2. Baentsch, M., Buhler, P., Eirich, T., Hring, F., Oestreicher, M.: JavaCard – from hype to reality. IEEE Concurrency 7(4), 36–43 (1999)

    Article  Google Scholar 

  3. Levis, P., Culler, D.: Maté: a tiny virtual machine for sensor networks. In: ASPLOS-X: Proceedings of the 10th international conference on Architectural support for programming languages and operating systems, pp. 85–95. ACM Press, New York (2002)

    Chapter  Google Scholar 

  4. Naccache, D.: Finding faults. IEEE Security & Privacy, 61–65 (2005)

    Google Scholar 

  5. Bar-El, H., Choukri, H., Naccache, D., Tunstall, M., Whelan, C.: The sorcerer’s apprentice guide to fault attacks. In: Workshop on Fault Diagnosis and Tolerance in Cryptography (2004), http://www.gemplus.com/smart/rd/publications/pdf/BCN_04sor.pdf

  6. Anderson, R., Kuhn, M.: Low cost attacks on tamper resistant devices. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 125–136. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  7. Skorobogatov, S., Anderson, R.: Optical fault induction attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 2–12. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  8. Moore, S., Anderson, R., Cunningham, P., Mullins, R., Taylor, G.: Improving smart card security using self-timed circuits. In: ASYNC 2002: Proceedings of the 8th International Symposium on Asynchronus Circuits and Systems, Washington, DC, USA, p. 211. IEEE Computer Society, Los Alamitos (2002)

    Chapter  Google Scholar 

  9. Govindavajhala, S., Appel, A.W.: Using memory errors to attack a virtual machine. In: Proceedings of 2003 IEEE Symposium on Security and Privacy, pp. 154–165 (2003)

    Google Scholar 

  10. Stärk, R., Schmid, J., Börger, E.: JavaTM and the JavaTM Virtual Machine, Definition, Verification, Validation. Springer, Heidelberg (2001)

    MATH  Google Scholar 

  11. Cohen, R.M.: The defensive Java virtual machine specification version 0.5. Technical report, Computational Logic Inc., Austin, Texas (1997)

    Google Scholar 

  12. Ravi, S., Raghunathan, A., Chakradhar, S.: Tamper resistance mechanisms for secure, embedded systems. In: VLSID 2004: Proceedings of the 17th International Conference on VLSI Design, Washington, DC, USA, p. 605. IEEE Computer Society, Los Alamitos (2004)

    Chapter  Google Scholar 

  13. Hoglund, G., McGraw, G.: Exploiting Software, How to break code. Addison-Wesley, Reading (2004)

    Google Scholar 

  14. Venners, B.: Inside the Java Virtual Machine, 2nd edn. McGraw-Hill, New York (2000)

    Google Scholar 

  15. Sun Microsystems Inc. Palo Alto, California: Java Card 2.2 Run-Time Environment (JCRE) Specification (2002)

    Google Scholar 

  16. Witteman, M.: Java card security. Information Security Bulletin 8, 291–298 (2003)

    Google Scholar 

  17. Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: USENIX Workshop on Smartcard Technology (Smartcard 1999), pp. 9–20 (1999)

    Google Scholar 

  18. Dodd, P.E., Massengill, L.W.: Basic mechanims and modeling of single-event upset in digital electronics. IEEE Transactions on Nuclear Science 50(3), 583–602 (2003)

    Article  Google Scholar 

  19. Gagnon, E.: A Portable Research Framework for the Execution of Java Bytecode. Ph.D thesis, School of Computer Science, McGill University, Montreal (2002)

    Google Scholar 

  20. Aycock, J.: A brief history of just-in-time. ACM Comput. Surv. 35(2), 97–113 (2003)

    Article  Google Scholar 

  21. Alpern, B., Attanasio, C.R., Barton, J.J., Burke, M.G., Cheng, P., Choi, J.D., Cocchi, A., Fink, S.J., Grove, D., Hind, M., Hummel, S.F., Lieber, D., Litvinov, V., Mergen, M.F., Ngo, T., Russell, J.R., Sarkar, V., Serrano, M.J., Shepherd, J.C., Smith, S.E., Sreedhar, V.C., Srinivasan, H., Whaley, J.: The Jalapeño virtual machine. IBM System Journal 39(1) (2000)

    Google Scholar 

  22. Schultz, U.P., Burgaard, K., Christensen, F.G., Knudsen, J.L.: Compiling Java for low-end embedded systems. In: LCTES 2003: Proceedings of the 2003 ACM SIGPLAN conference on Language, compiler, and tool for embedded systems, pp. 42–50. ACM Press, New York (2003)

    Chapter  Google Scholar 

  23. Debbabi, M., Gherbi, A., Ketari, L., Talhi, C., Yahyaoui, H., Zhioua, S.: A synergy between efficient interpretation and fast selective dynamic compilation for the acceleration of embedded Java virtual machines. In: PPPJ 2004: Proceedings of the 3rd international symposium on Principles and practice of programming in Java, Trinity College Dublin, pp. 107–113 (2004)

    Google Scholar 

  24. Deville, D., Grimaud, G.: On board compiling in the very small. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362. Springer, Heidelberg (2005)

    Google Scholar 

  25. Porthouse, C.: High performance Java on embedded devices, JazelleTM technology: ARMTM accelerator technology for the JavaTM platform, white paper (2004), http://www.arm.com/pdfs/JazelleWhitePaper.pdf

  26. McGhan, H., O’Connor, M.: PicoJava: A direct execution engine for Java bytecode. Computer 31(10), 22–30 (1998)

    Article  Google Scholar 

  27. NanoAmp Solutions Inc: The MOCA-J Accelerator: Memory Oriented Coprocessor Accelerator for the J2METM Platform, http://www.nanoamp.com/MOCA-J

  28. Radhakrishnan, R., Bhargava, R., John, L.K.: Improving Java performance using hardware translation. In: ICS 2001: Proceedings of the 15th international conference on Supercomputing, pp. 427–439. ACM Press, New York (2001)

    Chapter  Google Scholar 

  29. Oi, H.: Instruction folding in a hardware-translation based Java virtual machine. In: CF 2006: Proceedings of the 3rd conference on Computing frontiers, pp. 139–146. ACM Press, New York (2006)

    Chapter  Google Scholar 

  30. Azevedo, A., Kejariwal, A., Veidenbaum, A., Nicolau, A.: High performance annotation-aware JVM for Java Cards. In: EMSOFT 2005: Proceedings of the 5th ACM international conference on Embedded software, pp. 52–61. ACM Press, New York (2005)

    Chapter  Google Scholar 

  31. Lindholm, T., Yellin, F.: The Java Virtual Machine Specification. The JavaTM Series. Addison-Wesley Professional, Reading (1997)

    Google Scholar 

  32. Chaumette, S., Sauveron, D.: An efficient and simple way to test the security of Java CardsTM. In: Security in Information Systems, Proceedings of the 3rd International Workshop on Security in Information Systems (WOSIS 2005), pp. 331–341 (2005)

    Google Scholar 

  33. Mitra, S., Seifert, N., Zhang, M., Shi, Q., Kim, K.S.: Robust system design with built-in soft-error resilience. Computer 38(2), 43–52 (2005)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Kuopio, Microkatu 1, 70210, Kuopio, Finland

    Olli Vertanen

Authors
  1. Olli Vertanen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Electronics and Information Technology, Politecnico di Milano, Milano, Italy

    Luca Breveglieri

  2. Department of Electrical and Computer Engineering,, University of Massachusetts, Amherst, MA, USA

    Israel Koren

  3. École normale supérieure, Équipe de cryptographie, 45 rue d’Ulm, F-75230, Paris cedex 05, France

    David Naccache

  4. Institute for Computer Science, University of Innsbruck, 6020, Innsbruck, Austria

    Jean-Pierre Seifert

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Vertanen, O. (2006). Java Type Confusion and Fault Attacks. In: Breveglieri, L., Koren, I., Naccache, D., Seifert, JP. (eds) Fault Diagnosis and Tolerance in Cryptography. FDTC 2006. Lecture Notes in Computer Science, vol 4236. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11889700_21

Download citation

  • DOI: https://doi.org/10.1007/11889700_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-46250-7

  • Online ISBN: 978-3-540-46251-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation