research-article

Attack model for verification of interval security properties for smart card C codes

Authors:

P. Berthomé,

K. Heydemann,

X. Kauffmann-Tourkestansky,

J.-F. LalandeAuthors Info & Claims

PLAS '10: Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security

Article No.: 2, Pages 1 - 12

https://doi.org/10.1145/1814217.1814219

Published: 10 June 2010 Publication History

Get Access

Abstract

Smart card programs are subject to physical attacks that disturb the execution of the embedded code. These attacks enable attackers to steal valuable information or to force a malicious behavior upon the attacked code. This paper proposes a methodology to check interval security properties on smart card source codes. The goal is to identify critical attacks that violate these security properties. The verification takes place at source-level and considers all possible attacks thanks to a proposed source-level model of physical attacks. The paper defines an equivalence relation between attacks and shows that a code can be divided into areas where attacks are equivalent. Thus, verifying an interval security property considering all the possible attacks requires to verify as many codes as the number of equivalence classes. This paper provides a reduction algorithm to define the classes i.e. the minimal number of attacked codes that covers all possible attacks. The paper also proposes a solution to make the property verification possible for large codes or codes having unknown source parts.

References

[1]

Smartcard Integrated Circuit Protection Profile, September 1998. PP/9806.

Google Scholar

[2]

R. Anderson and M. Kuhn. Tamper resistance - a cautionary note. In The second USENIX Workshop on Electronic Commerce, pages 1--11, Oakland, California, November 1996.

Digital Library

Google Scholar

[3]

H. Bar-El, H. Choukri, D. Naccache, M. Tunstall, and C. Whelan. The sorcerer's apprentice guide to fault attacks. Proceedings of the IEEE, 94(2):370--382, February 2006.

Crossref

Google Scholar

[4]

P. Baudin, J.-C. Filliâtre, C. Marché, B. Monate, Y. Moy, and V. Prevosto. ACSL: ANSI/ISO C specification language. Technical report, CEA LIST and INRIA, 2009--2010. Preliminary Design (v 1.4).

Google Scholar

[5]

E. Biham and A. Shamir. Differential fault analysis of secret key cryptosystems. In Advances in Cryptology - CRYPTO '97, volume 1294 of Lecture Notes in Computer Science, pages 513--525, Santa Barbara, California, USA, August 1997. Springer Berlin/Heidelberg.

Crossref

Google Scholar

[6]

D. Boneh, R. A. DeMillo, and R. J. Lipton. On the importance of checking cryptographic protocols for faults. In Advances in Cryptology - EUROCRYPT '97, volume 1233 of Lecture Notes in Computer Science, pages 37--51, Konstanz, Germany, January 1997. Springer Berlin/Heidelberg.

Digital Library

Google Scholar

[7]

L. Correnson, P. Cuoq, A. Puccetti, and J. Signoles. Frama-C User Manual. CEA LIST, 2010.

Google Scholar

[8]

P. Cuoq and V. Prevosto. Frama-C's value analysis plug-in. Technical report, CEA LIST, 2010.

Google Scholar

[9]

E. Hess, N. Janssen, B. Meyer, and T. Schütze. Information leakage attacks against smart card implementations of cryptographic algorithms and countermeasures -- a survey. In Eurosmart Security Conference, pages 55--64, Marseilles, France, June 2000.

Google Scholar

[10]

O. Kömmerling and M. G. Kuhn. Design principles for tamper-resistant smartcard processors. In USENIX Workshop on Smartcard Technology, pages 9--20, Chicago, Illinois, USA, May 1999.

Digital Library

Google Scholar

[11]

S. S. Muchnick. Advanced Compiler Design and Implementation. Morgan Kaufmann, 1998.

Digital Library

Google Scholar

[12]

W. Rankl and W. Effing. Smart Card Handbook. John Wiley And Sons, 2003.

Digital Library

Google Scholar

[13]

B. Schneier. Attack trees. Dr. Dobb's journal, 24(12):21--29, 1999.

Google Scholar

[14]

P. Teuwen. How to Make Smartcards Resistant to Hackers' Lightsabers? In J. Guajardo and B. Preneel and A.-R. Sadeghi and P. Tuyls, editor, Foundations for Forgery-Resilient Cryptographic Hardware, pages 1--8, Dagstuhl, 2010.

Google Scholar

Cited By

View all

Kosmatov NSignoles J(2016)Frama-C, A Collaborative Framework for C Code Verification: Tutorial SynopsisRuntime Verification10.1007/978-3-319-46982-9_7(92-115)Online publication date: 20-Sep-2016
https://doi.org/10.1007/978-3-319-46982-9_7
Kirchner FKosmatov NPrevosto VSignoles JYakobowski B(2015)Frama-C: A software analysis perspectiveFormal Aspects of Computing10.1007/s00165-014-0326-727:3(573-609)Online publication date: 9-Jan-2015
https://doi.org/10.1007/s00165-014-0326-7
Christofi MChetali BGoubin LVigilant D(2013)Formal verification of a CRT-RSA implementation against fault attacksJournal of Cryptographic Engineering10.1007/s13389-013-0049-33:3(157-167)Online publication date: 15-Feb-2013
https://doi.org/10.1007/s13389-013-0049-3
Show More Cited By

Index Terms

Attack model for verification of interval security properties for smart card C codes
1. Computing methodologies
  1. Modeling and simulation
    1. Model development and analysis
      1. Model verification and validation
2. Hardware
  1. Hardware test
  2. Robustness

Recommendations

Formally verified software countermeasures for control-flow integrity of smart card C code
Abstract
Fault attacks can target smart card programs to disrupt an execution and take control of the data or the embedded functionalities. Among all possible attacks, control-flow attacks aim at disrupting the normal execution flow. ...
High Level Model of Control Flow Attacks for Smart Card Functional Security
ARES '12: Proceedings of the 2012 Seventh International Conference on Availability, Reliability and Security

Smart card software has to implement software countermeasures to face attacks. Some of these attacks are physical disruptions of chip components that cause a misbehavior in the code execution. A successful functional attack may reveal a secret or grant ...
Software Countermeasures for Control Flow Integrity of Smart Card C Codes
Computer Security - ESORICS 2014
Abstract
Fault attacks can target smart card programs in order to disrupt an execution and gain an advantage over the data or the embedded functionalities. Among all possible attacks, control flow attacks aim at disrupting the normal execution flow. ...

Comments

Information & Contributors

Information

Published In

PLAS '10: Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security

June 2010

77 pages

ISBN:9781605588278

DOI:10.1145/1814217

Conference Chairs:
Anindya Banerjee
IMDEA Software Institute
,
Deepak Garg
Carnegie Mellon University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 June 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

PLDI '10

Sponsor:

SIGPLAN

PLDI '10: ACM SIGPLAN Conference on Programming Language Design and Implementation

June 10, 2010

Toronto, Canada

Acceptance Rates

Overall Acceptance Rate 43 of 77 submissions, 56%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
227
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Kosmatov NSignoles J(2016)Frama-C, A Collaborative Framework for C Code Verification: Tutorial SynopsisRuntime Verification10.1007/978-3-319-46982-9_7(92-115)Online publication date: 20-Sep-2016
https://doi.org/10.1007/978-3-319-46982-9_7
Kirchner FKosmatov NPrevosto VSignoles JYakobowski B(2015)Frama-C: A software analysis perspectiveFormal Aspects of Computing10.1007/s00165-014-0326-727:3(573-609)Online publication date: 9-Jan-2015
https://doi.org/10.1007/s00165-014-0326-7
Christofi MChetali BGoubin LVigilant D(2013)Formal verification of a CRT-RSA implementation against fault attacksJournal of Cryptographic Engineering10.1007/s13389-013-0049-33:3(157-167)Online publication date: 15-Feb-2013
https://doi.org/10.1007/s13389-013-0049-3
Cuoq PKirchner FKosmatov NPrevosto VSignoles JYakobowski B(2012)Frama-CProceedings of the 10th international conference on Software Engineering and Formal Methods10.1007/978-3-642-33826-7_16(233-247)Online publication date: 1-Oct-2012
https://dl.acm.org/doi/10.1007/978-3-642-33826-7_16

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Formally verified software countermeasures for control-flow integrity of smart card C code

High Level Model of Control Flow Attacks for Smart Card Functional Security

Software Countermeasures for Control Flow Integrity of Smart Card C Codes

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Formally verified software countermeasures for control-flow integrity of smart card C code

High Level Model of Control Flow Attacks for Smart Card Functional Security

Software Countermeasures for Control Flow Integrity of Smart Card C Codes

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations