Skip to Main content Skip to Navigation
Conference papers

Synchronized Attacks on Multithreaded Systems - Application to Java Card 3.0

Abstract : Up to now devices in charge of performing secure transactions mainly remained limited regarding their functionalities. However the trend has recently gone towards an increasing integration of features and technologies, which could potentially represent a source of additional threats. This article introduces an innovative attack exploiting advanced functionalities and offering unrivalled opportunities. This attack targets specifically the multithreaded systems featuring network capabilities. By the way of a network flooding we show how a process can be interrupted at the precise time a sensitive operation is being executed. This interruption aims at subsequently modifying the execution context and consequently breaking the sensitive operation. The practical feasibility of this attack is illustrated on a Java Card 3.0 Connected Edition platform. This description reveals that going through with the full attack scenario is not obvious. However this apparent complexity must not conceal the potential breach, which may significantly alter any application running on the system. Finally the goal of this work is to emphasize that the increasing products complexity may generate new security issues rather than to highlight a specific weakness on released products.
Complete list of metadatas

Cited literature [14 references]  Display  Hide  Download
Contributor : Guillaume Barbu <>
Submitted on : Saturday, April 28, 2012 - 6:22:07 PM
Last modification on : Thursday, March 5, 2020 - 4:28:27 PM
Document(s) archivé(s) le : Sunday, July 29, 2012 - 2:45:08 AM


Files produced by the author(s)



Guillaume Barbu, Hugues Thiebeauld. Synchronized Attacks on Multithreaded Systems - Application to Java Card 3.0. 10th Smart Card Research and Advanced Applications (CARDIS), Sep 2011, Leuven, Belgium. pp.18-33, ⟨10.1007/978-3-642-27257-8_2⟩. ⟨hal-00692172⟩



Record views


Files downloads