A Fault Attack Emulation Environment to Evaluate Java Card Virtual-Machine Security

Java-enabled smart cards are used in different fields of application, such as access control, electronic banking, and passports. On these cards, a standardized virtual machine runs, which protects the security-critical code and data using a sandbox model. Unfortunately, this sandbox can be circumvented by fault attacks, which corrupt the data on which the virtual machine operates. The fault emulation environment of this work enables the user to configure faults at definable Java applet code locations. The user specifies which Java code she wants to attack but does not need to provide any information on where these data are placed in the memory and when the memory is accessed. To enable this approach, our environment monitors the virtual machine during the applet execution to receive the information which Java code is currently executed and which security-critical memory regions are in use. Then, the faults are injected using a bus saboteur at the correct clock cycle and memory location. This generic high-level approach provides the environment user an abstraction of the internal states of the virtual machine and the emulated hardware. Therefore, our environment enables the recreation of currently known attacks and allows us to study the effects of fault attacks on the virtual-machine behavior. The concept was successfully evaluated by a Java wallet case study. This case study shows a speedup of 6,600 compared to a simulation.