Seminar on Security of Embedded Electronic Systems

Home     Presentation     Previous years

Guillaume Bouffard


Next-Gen Attacks against the Java Card Smart Cards

Nowadays, the Java Card security model requires that, to load an application, a trusted authority must check everything sent to the card. Breaking this security mechanism involves executing malicious code inside the card. From the state-of-the-art software attacks, some vulnerabilities were be disclosed.

During this presentation, we will discover how the Java Card security model is organized upon the real use cases. Next, state-of-the-art attack will be introduced and described to run run illegal instructions in order to obtain the deep secret of the card. Finally, we will discover how informations disclosed on development card can be exploited on cards on production cycle life.