CCIS Seminar - Wednesday 7 January 2009 - Amphi H of Ensimag
13:30:00 - Salle de Amphi H of Ensimag

Jean-Louis Lanet, Universite de Limoges XLIM

Code Injection in Smart Cards

Abstract: Presentation of Embedded System (In)Security Workshop We present a method to create an hostile ill-formed applet in Javacard if an attacker has the rights to download applet in the smart card and the card has no bytecode verifier. For this we use two weakness in the Java card specifications 3.0 (the classic edition) : one about static fields not checked by firewall under certain conditions, and another one about the on-board linking process. Once downloaded, our malicious applet is able to search for pattern in other applets (even if they are not in the same package and we have no rights on them) and replace bytecodes to bypass important security checks.


Home page CCIS Seminars
How to come to Amphi H of Ensimag -