Skip to main content
SpringerLink
Log in

When time meets test

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

One of the main challenges in system’s development is to give a proof of evidence that its functionalities are correctly implemented. This objective is mostly achieved via testing techniques, which include software testing to check whether a system meets its functionalities, or security testing to express what should not happen. For the latter case, fuzzing is considered as first class citizen. It consists in exercising the system with (randomly) generated and eventually modified inputs in order to test its resistance. While fuzzing is definitively the fastest and the easiest way for testing applications, it suffers from severe limitations. Indeed, the precision of the model used for input generation: a random and/or simple model cannot reach all states and significant values. Moreover, a higher model precision can result in a combinatorial explosion of test cases. In this paper, we suggest a new approach whose main ingredient is to combine timing attacks with fuzzing techniques. This new approach, which is dedicated to work on Java Card, allows not only reducing the test space explosion, but also to simplify the fuzzing process configuration. The technique has been implemented, and we present the results obtained on two applets loaded in a Java Card.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. Jorgensen, P.C.: Software Testing: A Craftsman’s Approach. CRC press, Boca Raton (2013)

    MATH  Google Scholar 

  2. Myers, G.J., Sandler, C., Badgett, T.: The Art of Software Testing. Wiley, New York (2011)

    Google Scholar 

  3. Baresel, A., Pohlheim, H., Sadeghipour, S.: Structural and functional sequence test of dynamic and state-based software with evolutionary algorithms. In: Genetic and Evolutionary Computation–GECCO 2003, pp. 2428–2441. Springer, Berlin (2003)

  4. Utting, M., Legeard, B.: Practical Model-Based Testing: A Tools Approach. Morgan Kaufmann Publishers Inc., San Francisco (2007)

    Google Scholar 

  5. Amoroso, E.G.: Fundamentals of Computer Security Technology. Prentice-Hall Inc, Upper Saddle River (1994)

    MATH  Google Scholar 

  6. Robling, D., Dorothy, E.: Cryptography and Data Security. Addison-Wesley Longman Publishing Co., Inc, Boston (1982)

    MATH  Google Scholar 

  7. Bishop, M., Bailey, D.: A critical analysis of vulnerability taxonomies. Technical report, DTIC Document (1996)

  8. Takanen, A., DeMott, J., Miller, C.: Fuzzing for Software Security Testing and Quality Assurance, 1st edn. Artech House Inc, Norwood (2008)

    MATH  Google Scholar 

  9. Takanen, A.: Fuzzing: the past, the present and the future. SSTIC (2009)

  10. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards, vol. 31. Springer, Berlin (2008)

    MATH  Google Scholar 

  11. Mangard, S.: A simple power-analysis (SPA) attack on implementations of the AES key expansion. In: Information Security and Cryptology–ICISC 2002, pp. 343–358. Springer, Berlin (2003)

  12. Quisquater, J-J., Samyde, D.: Electromagnetic analysis (EMA): measures and counter-measures for smart cards. In: Smart Card Programming and Security, pp. 200–210. Springer, Berlin (2001)

  13. Kocher, P.C..: Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO ’96, pp. 104–113, London, UK. Springer, Berlin (1996)

  14. Dhem, J.-F., Koeune, F., Leroux, P.-A., Mestré, P., Quisquater, J.-J., Willems, J.-L.: A practical implementation of the timing attack. In: International Conference on Smart Card Research and Advanced Applications, pp. 167–182. Springer, Berlin (1998)

  15. Foo Kune, D., Kim, Y.: Timing attacks on pin input devices. In: Proceedings of the 17th ACM conference on Computer and communications security, pp. 678–680. ACM (2010)

  16. Brumley, D., Boneh, D.: Remote timing attacks are practical. In Proceedings of the 12th USENIX Security Symposium, pp. 1–14 (2003)

  17. Bernstein, D.J.: Cache-timing attacks on AES (2005)

  18. Felten, E.W., Schneider, M.A.: Timing attacks on web privacy. In: Proceedings of the 7th ACM Conference on Computer and Communications Security. CCS ’00, pp. 25–32. NY, USA, ACM, New York (2000)

  19. Putt, B., Putt, E., Lanet, J.-L.: Using side channel information for improving data partitioning strategy to test smart cards. In: SAR-SSI conference (2014)

  20. Common Criteria. Common Criteria for Information Technology Security Evaluation-version 3.0 Rev. 2 (2005)

  21. Integrated circuit card specifications for payment systems, book 3 : application specification, version 4.3 ed., emvco. https://www.emvco.com/specifications.aspx

  22. Haller, I., Slowinska, A., Neugschwandtner, M., Bos, H.: Dowsing for overflows: a guided fuzzer to find buffer boundary violations. In: Proceedings of the 22Nd USENIX Conference on Security, SEC’13, pp. 49–64 (2013)

  23. Eddington, M.: Peach fuzzing platform 3 (2004). http://peachfuzzer.com/

  24. Amini, P.: Sulley fuzzing platform (2004). https://github.com/openrce/sulley

  25. Barreaud, M., Bouffard, G., Kamel, N., Lanet, J.-L.: Fuzzing on the http protocol implementation in mobile embedded web server. In: Caesar (2011)

  26. Lancia, J.: Un framework de fuzzing pour cartes a puce: application aux protocoles. SSTIC (2011)

  27. Guyot, V.: Smart card the invisible bullet. In: Proceeding of the 9th European Conference on Information Warfare and Security (2010)

  28. Alimi, V.: Contribution au déploiement des services mobiles et à l’analyse de la sécurité des transactions. Ph.D. thesis, University of Caen, France (2012)

  29. Richardson, D.J., Clarke, L.A.: Partition analysis: a method combining testing and verification. IEEE Trans. Softw. Eng. 11(12), 1477–1490 (1985)

    Article  Google Scholar 

  30. Ostrand, T.J., Balcer, M.J.: The category-partition method for specifying and generating functional tests. Commun. ACM 31(6), 676–686 (1988)

    Article  Google Scholar 

  31. Martignoni, L., Paleari, R., Roglia, G.F., Bruschi, D.: Testing cpu emulators. In: Proceedings of the eighteenth International Symposium on Software testing and analysis, pp. 261–272. ACM (2009)

  32. Yang, X., Chen, Y., Eide, E., Regehr, J.: Finding and understanding bugs in c compilers. In: Mary, W.H., David, A.P. (eds.) PLDI, pp. 283–294. ACM, New York (2011)

    Google Scholar 

  33. Gauthier, A., Mazin, C., Iguchi-Cartigny, J., Lanet, J.-L.: Enhancing fuzzing technique for okl4 syscalls testing. In: ARES, pp. 728–733. IEEE (2011)

  34. Kasmi, M.A., Azizi, M., Lanet, J.-L.: Reversing bytecode of obfuscated java based smart card using side chanel analysis. Int J Secur Appl 9(11), 347–356 (2015)

    Google Scholar 

  35. Jacoco java code coverage. http://eclemma.org/jacoco/

Download references

Author information

Authors and Affiliations

  1. INRIA-RBA, LHS-PEC, Campus de Beaulieu, 263 Avenue du Général Leclerc, 35042, Rennes, France

    Jean-Louis Lanet, Hélène Le Bouder & Axel Legay

  2. Laboratoire LARIT, Université Ibn Tofail, Kenitra, Morocco

    Mohammed Benattou

Authors
  1. Jean-Louis Lanet
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hélène Le Bouder
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mohammed Benattou
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Axel Legay
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jean-Louis Lanet.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lanet, JL., Le Bouder, H., Benattou, M. et al. When time meets test. Int. J. Inf. Secur. 17, 395–409 (2018). https://doi.org/10.1007/s10207-017-0371-3

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-017-0371-3

Keywords

Search

Navigation