期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2015
卷号:9
期号:11
页码:347-356
DOI:10.14257/ijsia.2015.9.11.32
出版社:SERSC
摘要:Side-channel Analysis (SCA) has become a reliable method for cryptanalysts to break cryptographic algorithms. Recently, SCA is used to reverse engineer the applet bytecodes on Java based smart cards. In addition of Power Analysis, other techniques of SCA exist, such as Electromagnetic Analysis (EMA). EMA of smart cards is a powerful technique that allows extracting information about the executed bytecode as well as about the processed data. In our work, we study the possibility to apply reverse engineering upon a Java Card applet in which the virtual machine is obfuscated by using SCA techniques. Even if this process of bytecode obfuscation is an effective way to prevent execution of an arbitrary and malicious bytecode, we believe that it can be systematically bypassed regardless the level of the platform encryption under the reverse engineering trails. In this paper, we present a methodology that could be used to find out the encryption key of the obfuscation process using the reverse engineering process through SCA. To perform reverse engineering, a white box approach providing access to the Java Card is needed in a learning stage, and then the technique used can be used on a black box approach where the code of applications is not accessible at the matching stage.
