Mohammed Amine Kasmi, Mostafa Azizi, Jean-Louis Lanet
언어
영어(ENG)
URL
https://www.earticle.net/Article/A269800
※ 원문제공기관과의 협약기간이 종료되어 열람이 제한될 수 있습니다.
원문정보
초록
영어
Side-channel Analysis (SCA) has become a reliable method for cryptanalysts to break cryptographic algorithms. Recently, SCA is used to reverse engineer the applet bytecodes on Java based smart cards. In addition of Power Analysis, other techniques of SCA exist, such as Electromagnetic Analysis (EMA). EMA of smart cards is a powerful technique that allows extracting information about the executed bytecode as well as about the processed data. In our work, we study the possibility to apply reverse engineering upon a Java Card applet in which the virtual machine is obfuscated by using SCA techniques. Even if this process of bytecode obfuscation is an effective way to prevent execution of an arbitrary and malicious bytecode, we believe that it can be systematically bypassed regardless the level of the platform encryption under the reverse engineering trails. In this paper, we present a methodology that could be used to find out the encryption key of the obfuscation process using the reverse engineering process through SCA. To perform reverse engineering, a white box approach providing access to the Java Card is needed in a learning stage, and then the technique used can be used on a black box approach where the code of applications is not accessible at the matching stage.
목차
Abstract 1. Introduction 2. Issue Raised by Code Injection 3. Logical attack « EMAN2 » 4. The Bfuscation Process 5. Reverse Engineering Methodology 5.1. Related Work in Term of Reverse Engineering 5.2. Our Acquisition Platform 6. Reverse Engineering Process 6.1. Learning Stage 6.2. Matching Stage 6.3. New Idea for the Reverse Engineering Process 6.4. Find the Encryption Key 7. Conclusion and Perspectives Appendix References
보안공학연구지원센터(IJSIA) [Science & Engineering Research Support Center, Republic of Korea(IJSIA)]
설립연도
2006
분야
공학>컴퓨터학
소개
1. 보안공학에 대한 각종 조사 및 연구
2. 보안공학에 대한 응용기술 연구 및 발표
3. 보안공학에 관한 각종 학술 발표회 및 전시회 개최
4. 보안공학 기술의 상호 협조 및 정보교환
5. 보안공학에 관한 표준화 사업 및 규격의 제정
6. 보안공학에 관한 산학연 협동의 증진
7. 국제적 학술 교류 및 기술 협력
8. 보안공학에 관한 논문지 발간
9. 기타 본 회 목적 달성에 필요한 사업
간행물
간행물명
International Journal of Security and Its Applications
간기
격월간
pISSN
1738-9976
수록기간
2008~2016
등재여부
SCOPUS
십진분류
KDC 505DDC 605
이 권호 내 다른 논문 / International Journal of Security and Its Applications Vol.9 No.11