java card platform security and performance

1 Copyright © 2011, Oracle and/or its affiliates. All rights

reserved.

Insert Information Protection Policy Classification from Slide 8

Java Card Platform Security

Eric VETILLARD

Sr. Principal Product Manager, Java Card


reserved.


Program Agenda

• Security? What security?

• Some Threats to Consider

• Protecting your Assets

• Protecting GlobalPlatform

• Protecting the Virtual Machine

• Protecting your Applications


reserved.


Java Card is about Security

• Java Card targets secure microcontrollers

– Typically used as security tokens

– Very often containing sensitive and confidential data

– Very often controlling access to sensitive/valuable assets

• Security depends greatly on the implementation

– The Java Card Specification defines principles

– A robust and bug-free implementation is required

– In addition, security certifications are common requirements


reserved.


Purpose of this Presentation

• Identify some key security requirements for Java Card

– Threats that are likely to be encountered

– Mechanisms that require protection

• Propose a few mechanisms/solutions

– To enhance the security of a platform

– To increase the platform developers’ awareness of security


reserved.


Program Agenda








reserved.


Hardware Attacks

• Power analysis

– Leaking data by analyzing the execution

– Many ways to exploit power analysis today

• Following bytecode execution, attacking comparisons, etc.

• Fault induction

– Modifying the behavior of the platform

– Becoming very accurate, better than hardware countermeasures

• Not considering crypto attacks here


reserved.


Software Attacks

• Typical process

– Loading a malicious application

– Run the malicious application to perform attack

• Systematically used in attack preparation

– Attackers is a developer; possesses card management keys

– Unverified applications can be freely loaded

• Very uncommon in actual attacks

– Attackers don’t have the real card management keys

Attacking the Virtual Machine


reserved.


Quotation of Attacks

• A standard scale is used to quote the attacks

• The scale is a combination of criteria

– Criteria are applied on identification and exploitation

From Common Criteria

Elapsed time Hour, day, week, month, more, too much

Expertise Layman, professional, expert

Knowledge of target Public, restricted, sensitive, critical

Access to target <10, <100, >100, too much

Equipment None, standard, specialized, bespoke


reserved.


Attacks to Consider Possible

• Full flash/EEPROM memory dump

– Very useful to analyze the platform and select attacks

– Should NOT reveal any secret of any kind

• Execution of illegal code in attacker’s context

– A rogue application executing in its own context

– But, it could exploit any default in your firewall

• If that happens, other applications’ assets can be endangered

• Basic SPA/SPA/fault induction attacks

– Include enough redundancy and checks

And to defend against


reserved.


Program Agenda








reserved.


Remember the Objectives of Attacks

• Disclosures are often considered the worst thing

– Disclosure of a secret key

– Disclosure of a PIN

• Unauthorized modification is not good either

– Modification of a PIN

– Modification of a public key

• Some other things may also be problematic

– Accepting a wrong signature

– Disabling a security counter

What vulnerabilities are critical?


reserved.


Protecting Assets is Essential

• Instances of key API classes

– OwnerPIN

– All keys

• Application data

– Security counters

• System data

– Global encryption keys

– Applet table and other meta-data

What assets to protect?


reserved.


Protecting a PIN Unprotected storage

OwnerPIN 02 03 ref ref

boolean[1] ptr F

byte[4]] 01 02 03 04

PIN Try Counter

PIN Try Limit

Presentation flag (in RAM)

PIN value (cleartext)


reserved.


Protecting a PIN Protected storage

OwnerPIN FD02 FC03 ref ref

byte[1] ptr A5

byte[4]] 3E 82 47 8B

PIN Try Counter (redundant)

PIN Try Limit (redundant)

Presentation flag (redundant)

PIN value (encrypted) 01 76 46 F8


reserved.


Protecting a PIN

• Very bad: Obvious comparison

– Compare byte per byte, fail on first difference

– 20 tries on average to get to the correct 4-digit PIN

• Bad: Full comparison

– Compare byte per byte, always do full compare

– Any visible trace of failure brings back to previous case

• Better: Encrypted comparison

– Encrypt proposed value, compare to reference

– Then, any comparison will do: no leak on the value

PIN comparison


reserved.


Protecting a PIN

• Protecting the PIN counter

– Attackers will try to get more tries

– Always decrement the PIN counter first

– Be very careful about fault induction

• Protecting against fault induction

– Always verify the checksum

– Read only once from memory

– Valid for all data (PIN value, counters, flags)

Everything else


reserved.


Protecting your Global Assets

• Some crypto keys are used to encrypt keys and PINs

– These keys are essential for the platform’s security

– Attackers will look for them

• Be very careful with these keys

– Always assume that attackers can get a full memory dump

– Do not store these keys in an obvious way (16-byte chunk)

– Try to diversify whenever possible

Platform encryption keys


reserved.


Program Agenda








reserved.


Why Protect GlobalPlatform?

• GlobalPlatform is used to manage content

• An attacker who breaks GlobalPlatform’s security

– Can load illegal applications

– May be able to modify some application’s data

– May be able to modify some card-level secrets

• The Secure Channel must be well protected

– Especially if the Virtual Machine is not very protected

The Key to your Cards


reserved.


How to Protect GlobalPlatform?

• Content management (in the field) requires integrity

• Make sure that integrity checks can’t be bypassed

• Make sure that CLA tests can’t be bypassed

The Secure Channel is the key

80 E6 04 00 Lc Data 00 … 00

00 E6 04 00 Lc Data


reserved.


Program Agenda








reserved.


Which Protection for the Virtual Machine?

• The Cost vs. Security balance is hard to find

– Any additional check in the interpreter is costly

• Illegal access to local frame is most dangerous

– Especially is system frame data is in the stack

• Alternatives may be possible

– Organize data in alternative ways

– Use the MMU to perform checks


reserved.


Risks in the Local Stack

LV0

LV1

LV2

Return PC

Old TOS

Old LV

Old Context

TOS

TOS

Accessible as LV3

Replaceable after pop

…


reserved.


Program Agenda








reserved.


Enforce the Firewall

• Use the hardware protections when available

– Isolation by MMU

• Very efficient, not always really adapted

• Requires the allocation of memory chunks (quota management)

– Low-level encryption

• With a specific key for each context

• Very good compromise between performance and security

• Make cross-context accesses highly redundant

– Performance impact is minimal, since such accesses are rare

Global system-level protection


reserved.


Clearly Split Responsibilities

• Make sure to follow well-known security guidelines

– For both platforms and applications

– Maintain the guidelines properly

Platform and applications are complementary

Java Card

Application

Developer

Handbook

Test and

Inspection

Process

Interop

and

Security

Guide

Java Card

Platform

Defined by Issuer

Applied by Providers


reserved.


Q&A


reserved.



reserved.


Java Card Platform Performance

Eric VETILLARD

Principal Product Manager, Java Card


reserved.


Program Agenda

• Know your platform(s)

• Optimizing Bytecode Interpretation

• Optimizing Libraries

• Optimizing Application Loading

• Optimizing Your Applications

• Limits of Interoperability

• A Continuous Process


reserved.


Performance is Complicated

• Performs comes from a combination of many factors

– Hardware performance

– System software performance

– Application tuning

• Performance is only one of the parameters

– Also consider security, maintainability, portability, and more

• Learning to identify bottlenecks is a long process

– When performance becomes an issue, it may be too late to start

And often unpredictable


reserved.


Measure Performance

• Performance is an issue or will be someday

– When your platform becomes more complex

– When contactless requirements arrive

• Prepare standard benchmarks

– Using standard use cases

– Using unit benchmarks to measure specific features

• Run benchmarks often

– Compare to competitors or to your older/other platforms

– Monitor the evolution, and compare to your expectations

Benchmarking is part of testing


reserved.


Standard Benchmarks

• Measuring can be challenging on standard machines

– Timing is not precise enough for good measurements

– For proper timing of specific features, use large loops

• Measure the time of the loop minus the time of the empty loop

• Divide by number of loops, and you get micro/millisecond precision

• Check the Mesure Project (http://mesure.gforge.inria.fr/)

– Plenty of tests available, together with a benchmarking platform

http://mesure.gforge.inria.fr/


reserved.


Differential Benchmarking

• Benchmarks can contain measurement errors

– A bug in the benchmark or in its exploitation

• Comparisons are much safer

– Even with measurement errors, comparisons make more sense

• Comparisons are much more useful

– It is normally possible to know what change is expected

• The clock is going twice faster, so should the code

– Comparing with expectations helps understand the possible issue

Comparing is better than just measuring


reserved.


Where is your Bottleneck?

Bytecode; 20%

Native; 10%

Writing; 25%

Crypto; 20%

I/O; 25%

Bytecode interpretation isn’t everything