Software Countermeasures for Control Flow Integrity of Smart Card C Codes

  • Jean-François Lalande
  • Karine Heydemann
  • Pascal Berthomé
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8713)


Fault attacks can target smart card programs in order to disrupt an execution and gain an advantage over the data or the embedded functionalities. Among all possible attacks, control flow attacks aim at disrupting the normal execution flow. Identifying harmful control flow attacks as well as designing countermeasures at software level are tedious and tricky for developers. In this paper, we propose a methodology to detect harmful intra-procedural jump attacks at source code level and to automatically inject formally-proven countermeasures. The proposed software countermeasures defeat 100% of attacks that jump over at least two C source code statements or beyond. Experiments show that the resulting code is also hardened against unexpected function calls and jump attacks at assembly level.


control flow integrity fault attacks smart card source level 


  1. 1.
    Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity. In: Atluri, V., Meadows, C., Juels, A. (eds.) 12th ACM Conference on Computer and Communications Security, pp. 340–353. ACM Press, Alexandria (2005)Google Scholar
  2. 2.
    Balasch, J., Gierlichs, B., Verbauwhede, I.: An in-depth and black-box characterization of the effects of clock glitches on 8-bit MCUs. In: Breveglieri, L., Guilley, S., Koren, I., Naccache, D., Takahashi, J. (eds.) The 8th Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 105–114. IEEE Computer Society Press, Nara (2011)Google Scholar
  3. 3.
    Barbu, G., Duc, G., Hoogvorst, P.: Java card operand stack: fault attacks, combined attacks and countermeasures. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 297–313. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  4. 4.
    Barbu, G., Thiebeauld, H., Guerin, V.: Attacks on java card 3.0 combining fault and logical attacks. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 148–163. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  5. 5.
    Barenghi, A., Breveglieri, L., Koren, I., Naccache, D.: Fault Injection Attacks on Cryptographic Devices: Theory, Practice, and Countermeasures. Proceedings of the IEEE 100(11), 3056–3076 (2012)CrossRefGoogle Scholar
  6. 6.
    Barenghi, A., Trichina, E.: Fault attacks on stream ciphers. In: Joye, M., Tunstall, M. (eds.) Fault Analysis in Cryptography. Information Security and Cryptography, pp. 239–255. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  7. 7.
    Berthomé, P., Heydemann, K., Kauffmann-Tourkestansky, X., Lalande, J.F.: High level model of control flow attacks for smart card functional security. In: 7th International Conference on Availability, Reliability and Security, AReS 2012, pp. 224–229. IEEE Computer Society, Prague (2012)CrossRefGoogle Scholar
  8. 8.
    Bletsch, T., Jiang, X., Freeh, V.: Mitigating code-reuse attacks with control-flow locking. In: Zakon, R.H., McDermott, J.P., Locasto, M.E. (eds.) 27th Annual Computer Security Applications Conference, pp. 353–362. ACM Press, Orlando (2011)Google Scholar
  9. 9.
    Bouffard, G., Iguchi-Cartigny, J., Lanet, J.L.: Combined software and hardware attacks on the java card control flow. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 283–296. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  10. 10.
    Bouffard, G., Thampi, B.N., Lanet, J.-L.: Detecting laser fault injection for smart cards using security automata. In: Thampi, S.M., Atrey, P.K., Fan, C.-I., Perez, G.M. (eds.) SSCC 2013. CCIS, vol. 377, pp. 18–29. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  11. 11.
    Brayton, R., et al.: Vis: A system for verification and synthesis. In: Alur, R., Henzinger, T.A. (eds.) CAV 1996. LNCS, vol. 1102, pp. 428–432. Springer, Heidelberg (1996), CrossRefGoogle Scholar
  12. 12.
    Ceara, D.: Detecting Software Vulnerabilities - Static Taint Analysis. Bsc thesis, Universitatea Politehnica Bucuresti, Verimag (2009)Google Scholar
  13. 13.
    Chen, Y., Venkatesan, R., Cary, M., Pang, R., Sinha, S., Jakubowski, M.H.: Oblivious hashing: A stealthy software integrity verification primitive. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol. 2578, pp. 400–414. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  14. 14.
    Dehbaoui, A., Mirbaha, A.-P., Moro, N., Dutertre, J.-M., Tria, A.: Electromagnetic glitch on the AES round counter. In: Prouff, E. (ed.) COSADE 2013. LNCS, vol. 7864, pp. 17–31. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  15. 15.
    Fiskiran, A.M., Lee, R.B.: Runtime execution monitoring (REM) to detect and prevent malicious code execution. In: IEEE International Conference on Computer Design: VLSI in Computers and Processors, pp. 452–457. IEEE Computer Society, San Jose (2004)Google Scholar
  16. 16.
    Goloubeva, O., Rebaudengo, M., Reorda, M.S., Violante, M.: Soft-error detection using control flow assertions. In: 18th International Symposium on Defect and Fault Tolerance in VLSI Systems, pp. 581–588. IEEE Computer Society, Boston (2003)Google Scholar
  17. 17.
    Guthaus, M.R., Ringenberg, J.S., Ernst, D., Austin, T.M., Mudge, T., Brown, R.B.: MiBench: A free, commercially representative embedded benchmark suite. In: 4th Annual Workshop on Workload Characterization, pp. 3–14. IEEE Computer Society, Austin (2001), Google Scholar
  18. 18.
    Iguchi-cartigny, J., Lanet, J.L.: Evaluation of Countermeasures Against Fault Attacks on Smart Cards. International Journal of Security and Its Applications 5(2), 49–60 (2011)Google Scholar
  19. 19.
    Keil: Keil uVision for ARM processors (2012),
  20. 20.
    Lackner, M., Berlach, R., Raschke, W., Weiss, R., Steger, C.: A defensive virtual machine layer to counteract fault attacks on java cards. In: Cavallaro, L., Gollmann, D. (eds.) WISTP 2013. LNCS, vol. 7886, pp. 82–97. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  21. 21.
    Leroy, X.: Formal certification of a compiler back-end or: programming a compiler with a proof assistant. In: Morrisett, J.G., Jones, S.L.P. (eds.) 33rd ACM Symposium on Principles of Programming Languages, pp. 42–54. ACM Press, Charleston (2006)Google Scholar
  22. 22.
    Levin, I.: A byte-oriented AES-256 implementation (2007),
  23. 23.
    Moro, N., Heydemann, K., Encrenaz, E., Robisson, B.: Formal verification of a software countermeasure against instruction skip attacks. Journal of Cryptographic Engineering, 1–12 (2014)Google Scholar
  24. 24.
    Moro, N., Dehbaoui, A., Heydemann, K., Robisson, B., Encrenaz, E.: Electromagnetic Fault Injection: Towards a Fault Model on a 32-bit Microcontroller. In: Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 77–88. IEEE Computer Society, Santa Barbara (2013)Google Scholar
  25. 25.
    Nicolescu, B., Savaria, Y., Velazco, R.: SIED: Software implemented error detection. In: 18th International Symposium on Defect and Fault Tolerance in VLSI Systems, pp. 589–596. IEEE Computer Society, Boston (2003)Google Scholar
  26. 26.
    Oh, N., Shirvani, P., McCluskey, E.: Control-flow checking by software signatures. IEEE Transactions on Reliability 51(1), 111–122 (2002)CrossRefGoogle Scholar
  27. 27.
    Verbauwhede, I., Karaklajić, D., Schmidt, J.M.: The fault attack jungle - a classification model to guide you. In: Breveglieri, L., Guilley, S., Koren, I., Naccache, D., Takahashi, J. (eds.) 8th Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 3–8. IEEE Computer Society, Nara (2011)Google Scholar
  28. 28.
    Xia, Y., Liu, Y., Chen, H., Zang, B.: CFIMon: Detecting violation of control flow integrity using performance counters. In: Swarz, R.S., Koopman, P., Cukier, M. (eds.) IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 1–12. IEEE Computer Society, Boston (2012)Google Scholar
  29. 29.
    Yamaguchi, F., Wressnegger, C., Gascon, H., Rieck, K.: Chucky: exposing missing checks in source code for vulnerability discovery. In: Sadeghi, A.R., Gligor, V.D., Yung, M. (eds.) ACM Conference on Computer and Communications Security, Berlin, Germany, pp. 499–510 (November 2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Jean-François Lalande
    • 1
    • 3
  • Karine Heydemann
    • 2
  • Pascal Berthomé
    • 3
  1. 1.Inria, Supélec, CNRS, Univ. Rennes 1, IRISA, UMR 6074Cesson-SévignéFrance
  2. 2.Sorbonne Universités, UPMC, Univ. Paris 06, CNRS, LIP6, UMR 7606ParisFrance
  3. 3.INSA Centre Val de Loire, Univ. Orléans, LIFO, EA 4022BourgesFrance

Personalised recommendations