@inproceedings{bd3aed5862464775bf82fdd6288ffedb,
title = "Tampering with Java Card exceptions: The exception proves the rule",
abstract = "Many publications have studied the various issues concerning Java Cards security regarding software and/or hardware attacks. However, it is surprising to notice that the particular case of exception-related mechanisms has not been tackled yet in the literature. In this article, we fill this gap by proposing several attacks against Java Card platforms based on both exception handling and exception throwing. In addition, this study allows us to point out that a weakness known by the web-oriented Java community for more than a decade still passes the different steps of the state-of-the-art Java Card application deployment process (namely conversion and verification). This appears all the more important as the Java Card 3 Connected Edition specifications have started to bridge the gap between the two worlds that are Java Cards and Java web services.",
keywords = "Combined attacks, Fault attacks, Java card, Java exceptions, Software attacks",
author = "Guillaume Barbu and Philippe Hoogvorst and Guillaume Duc",
year = "2012",
month = oct,
day = "24",
language = "English",
isbn = "9789898565242",
series = "SECRYPT 2012 - Proceedings of the International Conference on Security and Cryptography",
pages = "55--63",
booktitle = "SECRYPT 2012 - Proceedings of the International Conference on Security and Cryptography",
note = "International Conference on Security and Cryptography, SECRYPT 2012 ; Conference date: 24-07-2012 Through 27-07-2012",
}