Attack model for verification of interval security properties for smart card C codes

Abstract: Smart card programs are subject to physical attacks that disturb the execution of the embedded code. These attacks enable attackers to steal valuable information or to force malicious behavior upon the attacked code. This paper proposes a methodology to check interval security properties on smart card source code. The goal is to identify critical attacks that violate these security properties. The verification takes place at source level and considers all possible attacks by means of a proposed source-level model of physical attacks. The paper defines an equivalence relation between attacks and shows that a code can be divided into areas where attacks are equivalent. Thus, verifying an interval security property against all possible attacks requires verifying as many codes as there are equivalence classes. The paper provides a reduction algorithm to define the classes, i.e., the minimal number of attacked codes that covers all possible attacks. It also proposes a solution that makes property verification possible for large codes or for codes with unknown source parts.
Document type: Conference papers
Contributor: Jean-François Lalande
Submitted on: Monday, April 26, 2010 - 3:16:28 PM
Last modification on: Tuesday, April 2, 2019 - 1:39:24 AM



Pascal Berthomé, Karine Heydemann, Xavier Kauffmann-Tourkestansky, Jean-François Lalande. Attack model for verification of interval security properties for smart card C codes. PLAS '10 - 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, Jun 2010, Toronto, Canada. ACM, pp.2:1--2:12, 2010, 〈10.1145/1814217.1814219〉. 〈hal-00476478〉


