Instruction Randomization, or When the Attacker Gets Lost in Translation. Accepted Talk at Chip-to-Cloud'12 Security Forum, 2012. ,
Fault Attacks on Java Card 3 Virtual Machine. Accepted Talk at e-Smart'09, 2009. ,
Combined Attacks on Java Card 3 -Type Confusion Issues. Accepted Talk at e-Smart'10, 2010. ,
Java Card Operand Stack:??Fault Attacks, Combined Attacks and Countermeasures, Smart Card Research and Advanced Applications, 10th International Conference ? CARDIS 2011, pp.297-313, 2011. ,
DOI : 10.1007/978-3-642-27257-8_19
URL : https://hal.archives-ouvertes.fr/hal-00692171
Procédé et Système de Sécurisation d'une Application Logicielle comprenant une Instruction Conditionnelle basée sur une Variable Booléenne, 2011. ,
Embedded Eavesdropping on Java Card, Proceedings of the IFIP International Information Security and Privacy Conference 2012 ? SEC 2012, 2012. ,
DOI : 10.1007/978-3-642-30436-1_4
URL : https://hal.archives-ouvertes.fr/hal-00706186
Application-Replay on Java Card 3, When the Garbage Collector Gets confused. Accepted Talk at e-Smart, 2011. ,
Application-Replay Attack on Java Cards: When the Garbage Collector Gets Confused, Proceedings of the International Symposium on Engineering Secure Software and Systems ? ESSoS 2012, pp.1-13, 2012. ,
DOI : 10.1007/978-3-642-28166-2_1
URL : https://hal.archives-ouvertes.fr/hal-00692173
Tampering with Java Card Exception -The Exception Proves the Rule, Proceedings of the International Conference on Security and Cryptography ? SECRYPT'12. SciTePress Digital Library, 2012. ,
Synchronized Attacks on Multithreaded Systems - Application to Java Card 3.0 -, Smart Card Research and Advanced Applications , 10th International Conference ? CARDIS 2011, pp.18-33, 2011. ,
DOI : 10.1007/978-3-642-27257-8_2
URL : https://hal.archives-ouvertes.fr/hal-00692172
Attacks on Java Card 3.0 Combining Fault and Logical Attacks, Smart Card Research and Advanced Application Conference ? CARDIS 2010, pp.148-163, 2010. ,
DOI : 10.1007/978-3-642-12510-2_11
URL : https://hal.archives-ouvertes.fr/hal-00692165
Power Analysis for Secret Recovering and Reverse Engineering of Public Key Algorithms, LNCS, vol.4876, pp.110-125, 2007. ,
DOI : 10.1007/978-3-540-77360-3_8
An Implementation of DES and AES, Secure against Some Attacks, Koç et al. [KNP01], pp.309-318 ,
DOI : 10.1007/3-540-44709-1_26
Man-in-the-middle in tunnelled authentication protocols, Security Protocols, pp.28-41, 2005. ,
Fuzzing on the http protocol implementation in mobile embedded web server, pp.14-27, 2011. ,
Correlation Power Analysis with a Leakage Model, LNCS, vol.3156, pp.16-29, 2004. ,
DOI : 10.1007/978-3-540-28632-5_2
A Tool-Assisted Framework for??Certified??Bytecode??Verification, Lecture Notes in Computer Science, vol.2984, pp.99-113, 2004. ,
DOI : 10.1007/978-3-540-24721-0_7
On the Importance of Checking Cryptographic Protocols for Faults, Advances in Cryptology -EUROCRYPT'97, pp.37-51, 1997. ,
DOI : 10.1007/3-540-69053-0_4
The Sorcerer's Apprentice Guide to Fault Attacks, IEEE, vol.94, issue.2, pp.370-382, 2006. ,
The Sorcerer's Apprentice Guide to Fault Attacks, Proceedings of the IEEE, pp.370-382, 2006. ,
New Threat Model Breaks Crypto Codes. Press Release, 1996. ,
Combined Software and Hardware Attacks on the Java Card Control Flow, Smart Card Research and Advanced Applications, 10th International Conference ? CARDIS 2011, 2011. ,
DOI : 10.1007/978-3-642-27257-8_18
URL : https://hal.archives-ouvertes.fr/hal-00684616
The Next Smart Card Nightmare, Logical Attacks, Combined Attacks, Mutant Applications and Other Funny Things, 2012. ,
URL : https://hal.archives-ouvertes.fr/hal-00684662
RFC 1738: Uniform Resource Locators (URL). The Internet Engineering Task Force, 1994. ,
DOI : 10.17487/rfc1738
Differential fault analysis of secret key cryptosystems, LNCS, vol.1294, pp.513-525, 1997. ,
DOI : 10.1007/BFb0052259
An analysis of the vulnerabilities introduced with the java card 3 connected edition, 2012. ,
Formal development of an embedded verifier for Java Card byte code, Proceedings International Conference on Dependable Systems and Networks, 2002. ,
DOI : 10.1109/DSN.2002.1028886
Java Card Technology for Smart Cards, Architecture and Programmer's Guide, 2000. ,
JCAT: An Environment for Attack and Test on Java Card, pp.270-275, 2003. ,
The Evolution of the Java Security Model, Proceedings of the International Conference on Computer Systems and Technologies (CompSysTech'2005), 2005. ,
Side Channel Cryptanalysis of a Higher Order Masking Scheme, Cryptographic Hardware and Embedded Systems ? CHES 2007, pp.28-44, 2007. ,
DOI : 10.1007/978-3-540-74735-2_3
An Efficient and Simple Way to Test the Security of Java Card, Proceedings of WOSIS'05, pp.331-341, 2005. ,
Reflections on MOP s, Components, and Java Security, Proceedings of the Engineering C of Object-Oriented Programs (ECOOP), volume 2072 of LNCS, 2001. ,
DOI : 10.1007/3-540-45337-7_14
Personal History of the Java Card, 2012. French version originally published in MISC magazine, 2008. ,
Java security: from HotJava to Netscape and beyond, Proceedings 1996 IEEE Symposium on Security and Privacy, 1996. ,
DOI : 10.1109/SECPRI.1996.502681
Differential Fault Analysis on AES, LNCS, vol.2846, pp.293-306, 2003. ,
Univariate side channel attacks and leakage modeling, Journal of Cryptographic Engineering, vol.34, issue.9, pp.123-144, 2011. ,
DOI : 10.1007/s13389-011-0010-2
RFC 4346: The Transport Layer Security (TLS) Protocol Version 1.1. The Internet Engineering Task Force (IETF), 2006. ,
RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2. The Internet Engineering Task Force (IETF), 2008. ,
Integrated Circuit Card Specifications for Payment Systems, 2011. ,
Building a Side Channel Based Disassembler, In Transactions on Computational Science X LNCS, vol.6340, pp.78-99, 2010. ,
DOI : 10.1007/978-3-642-17499-5_4
RFC 6101: The Secure Sockets Layer (SSL) Protocol Version 3.0. The Internet Engineering Task Force, 2011. ,
How to hoax an off-card verifier. Accepted Talk at e-Smart'10, 2010. ,
Using memory errors to attack a virtual machine, Proceedings 19th International Conference on Data Engineering (Cat. No.03CH37405), p.154, 2003. ,
DOI : 10.1109/SECPRI.2003.1199334
Fault Attacks on Java Card : An Overview of the Vulnerabilities of Java Card Enabled Smartcards against Fault Attacks, 2005. ,
Einrichtung zur Durchführung von Bearbeitungsvorgängen mit wenigstens einem Identifikanden und einer Vorrichtung, 1982. ,
Introduction to Focused Ion Beam -Instrumentation, Theory, Techniques and Practice, 2004. ,
The Java Language Specification, 2005. ,
The Java?Language Specification, 2005. ,
GlobalPlatform Card Technology Secure Channel Protocol 03 Card Specification v2.2 -Amendment D, Version 1, 2009. ,
GlobalPlatform Card Technology Contactless Services Card Specification v 2.2 -Amendment C, Version 1.01, 2012. ,
GlobalPlatform Card Technology Java Card Contactless API and Export File for Card Specification v2.2.1 (org.globalplatform.contactless) v1.1, 2012. ,
Hold Your Sessions: An Attack on Java Session-Id Generation, Proceedings of the Cryptographer's Track at the RSA Conference (CT-RSA), 2005. ,
DOI : 10.1007/978-3-540-30574-3_5
Electromagnetic Analysis: Concrete Results, Koç et al. [KNP01], pp.251-261 ,
DOI : 10.1007/3-540-44709-1_21
DES and Differential Power Analysis The ???Duplication??? Method, Cryptographic Hardware and Embedded Systems ? CHES '99, pp.158-172, 1999. ,
DOI : 10.1007/3-540-48059-5_15
Measuring the performance of the Java Card Platform, Java One, 2006. ,
Julien Micolod, Denis Réal, and Frédéric Valette. Defeating any Secret Cryptography with SCARE Attacks, LNCS, vol.6212, pp.273-293, 2010. ,
A Survey on Fault Attacks, Smart Card Research and Advanced Application Conference (CARDIS04), pp.159-176, 2004. ,
DOI : 10.1007/1-4020-8147-2_11
The Use of Lasers to Simulate Radiation-Induced Transients in Semicondictor Devices and Circuits, IEEE Transactions on Nuclear Science, vol.12, pp.91-100, 1965. ,
Enforcing Secure Object Initialization in Java, Proceedings of the European Symposium on Research in Computer Securiy, ESORICS'10, pp.101-115, 2010. ,
DOI : 10.1007/978-3-642-15497-3_7
URL : https://hal.archives-ouvertes.fr/inria-00503953
Full memory read attack on a java card, 4th Benelux Workshop on Information and System Security Proceedings (WIS- SEC'09), 2009. ,
RFC 4732 : Internet Denial-of-Service Considerations. The Internet Engineering Task Force (IETF), 2006. ,
Use of Cryptographic Codes for Bytecode Verification in Smartcard Environment, 2003. ,
Developping a Trojan Applet in a Smart Card, Journal in Computer Virology, 2010. ,
Chinese Remaindering Based Cryptosystems in the Presence of Faults, Journal of Cryptology, vol.12, issue.4, pp.241-245, 1999. ,
DOI : 10.1007/s001459900055
Observability Analysis - Detecting When Improved Cryptosystems Fail -, LNCS, vol.2271, pp.17-29, 2002. ,
DOI : 10.1007/3-540-45760-7_2
The Codebreakers: The Story of Secret Writing, 1996. ,
Introduction to differential power analysis and related attacks, 1998. ,
Introduction to differential power analysis, Journal of Cryptographic Engineering, vol.1, issue.3, pp.5-27, 2011. ,
DOI : 10.1007/s13389-011-0006-y
The art of computer programming): seminumerical algorithms, Cryptographic Hardware and Embedded Systems ? CHES 2001, 1997. ,
Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems, Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '96, pp.104-113, 1996. ,
When Java was One: Threats from Hostile Bytecode, Proceedings of the 20th National Information Systems Security Conference, pp.104-115, 1997. ,
Java byte-code verification: an overview, pp.265-285, 2001. ,
Bytecode verification on java smart cards. Software Practive & Experience, pp.319-340, 2002. ,
URL : https://hal.archives-ouvertes.fr/hal-01499944
Finding Security Vulnerabilities in Java Applications with Static Analysis, 2005. ,
The Java?Virtual Machine Specification, 1999. ,
Getting Down to Business with Mobile Code, 2000. ,
Protection Circuit against Differential Power Analysis Attacks for Smart Cards, IEEE Transactions on Computers, vol.57, issue.11, pp.1540-1549, 2008. ,
DOI : 10.1109/TC.2008.107
Applet Verification Strategies for RAM-Constrained Devices, pp.118-137, 2002. ,
DOI : 10.1007/3-540-36552-4_9
Procédé et dispositif de commande électronique. French patent FR2266222, 1974. ,
Testing the Java Card Applet Firewall Available at https, 2007. ,
Malicious Code on Java Card Smartcards: Attacks and Countermeasures, Smart Card Research and Advanced Application Conference ? CARDIS 2008, pp.1-16, 2008. ,
DOI : 10.1007/978-3-540-30569-9_7
Expanding and Extending the Security Features of Java, Proceedings of the 7th USENIX Security Symposium, 1998. ,
Proof-carrying code, pp.106-119, 1997. ,
A Differential Fault Attack Technique against SPN Structures, with Application to the AES and Khazad, Cryptographic Hardware and Embedded Systems ? CHES 2003, pp.77-88, 2003. ,
DOI : 10.1007/978-3-540-45238-6_7
ElectroMagnetic Analysis (EMA): Measures and Counter-measures for Smart Cards, pp.200-210, 2001. ,
DOI : 10.1007/3-540-45418-7_17
Eddy Current for Magnetic Analysis with Active Sensor, 2002. ,
Smart Card Handbook, 2003. ,
RFC 2818: HTTP over TLS. The Internet Engineering Task Force, 2000. ,
Lightweight Bytecode Verification, Journal of Automated Reasoning, vol.31, issue.3/4, 1998. ,
DOI : 10.1023/B:JARS.0000021015.15794.82
A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol.21, issue.2, pp.120-126, 1978. ,
DOI : 10.1145/359340.359342
Optical Fault Induction Attacks, In B.S ,
DOI : 10.1007/3-540-36400-5_2
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.9.5680
Sécurité et Vérification d'Applications Embarquées en Environnement Java Card, 2001. ,
Étude et Réalisation d'un Environnement d'Expérimentation et de Modélisation pour la Technologie Java Card. Applications à la Sécurité, 2004. ,
Automatic Generation of Vulnerability Tests for the Java Card Byte Code Verifier. Accepted Talk at e-Smart, 2011. ,
Electromagnetic radiations of fpgas: High spatial resolution cartography and attack on a cryptographic module ,
Protecting Smart Cards from Passive Power Analysis with Detached Power Supplies, Cryptographic Hardware and Embedded Systems (CHES2000), pp.71-77, 1965. ,
DOI : 10.1007/3-540-44499-8_5
Automatic Detection of Fault Attack and Countermeasures, Proceedings of the 4th Workshop on Embedded Systems Security ? WESS'09, pp.1-7, 2009. ,
Checking the Paths to Identify Mutant Application on Embedded Systems, Proceedings of the International Conference on Security Technology ? SecTech'10, pp.459-468, 2010. ,
Evaluation of Countermeasures Against Fault Attacks on Smart Cards, International Journal of Security and Its Applications, vol.5, issue.2, pp.49-61, 2011. ,
Validating fault tolerant designs using laser fault injection (LFI), 1997 IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems, pp.175-183, 1997. ,
DOI : 10.1109/DFTVS.1997.628323
Electrooptical effects in silicon, IEEE Journal of Quantum Electronics, vol.23, issue.1, pp.123-129, 1987. ,
DOI : 10.1109/JQE.1987.1073206
High Order Masking of the AES, CT-RSA'06, pp.208-225, 2006. ,
Acoustic cryptanalysis: On nosy people and noisy machines, Rump Session, 2004. ,
Application Programming Interface Specification, Java Card?Platform, Version 3.0.1, Classic Edition, 2009. ,
Application Programming Interface Specification, Java Card?Platform, Version 3, 2009. ,
Java Card?Protection Profile Collection, Version 1, 2006. ,
Support d'information portatif muni d'un microprocesseur et d'une mémoire morte programmable. French patent FR2401459, 1977. ,
Reverse Engineering Java Card Applets Using Power Analysis, 2006. ,
DOI : 10.1109/TC.2002.1004593
Java Type Confusion and Fault Attacks, Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography ? FDTC'06, pp.237-251, 2006. ,
DOI : 10.1007/11889700_21
The fault attack jungle -yet another concern for the designer (invited) IEEE International Workshop on Fault Diagnosis and Tolerance in Cryptography, 2011. ,
Combined Attacks and Coutermeasures, Smart Card Research and Advanced Application Conference ? CARDIS 2010, pp.133-147, 2010. ,
Reverse Engineering Java Card Applets Using Power Analysis, Proceedings of the 1st Workshop on Information Security Theory and Practice, pp.138-149, 2007. ,
DOI : 10.1109/TC.2002.1004593
Spy Catcher: The Candid Autobiography of a Senior Intelligence Officer, 1987. ,
Checking before Output may not be enough against Fault-based Cryptanalysis, pp.967-970, 2000. ,