A User Centric Security Model for Tamper-Resistant Devices

8.3 Runtime Protection Mechanism
idea of operand stack integrity. They dene a variable α, and all values that are pushed on
or popped from the operand stack are XORed with the α. Therefore, α is the summation
of all the values that are on the operand stack at any point of an application execution. For
example, if values o 1 , o 2 , o 3 , and o 4 are on a stack then the α will be α = o 1 ⊕ o 2 ⊕ o 3 ⊕ o 4 ,
which can be written as α = Σ n i=1 o i where n=4.
According to Barbu et al. [217] on every jump instruction beyond the scope of the current
frame (method), the runtime environment XORs all the values stored on the operand and
compares the result with α. If they match then the integrity of the operand stack is veried.
Their proposal does not measure the integrity of the operand stack on instructions like ifelse
or loops, which could be the target of the malicious user. In fact, Barbu et al. [217]
detail an attack that targets the conditional statement (e.g. if-else) and showed how a
malicious user can circumvent the PIN verication in their example application. However,
the second-rened method do not protect against such attacks. In their proposed countermeasures
they sacriced security and (to some extent) performance for the sake of memory
use, whereas our proposal focuses on security rather than saving the memory. A point to
note is that in a traditional smart card (in ICOM) memory is crucial as to keep the cost
of the smart card in a reasonable range; however, in the UCOM we focus on the security
- sacricing the (crucial) cost of the nal product (e.g. UCTD).
1 // Executed by runtime s e c u r i t y manager when a v a l u e i s pushed onto an
i n t e g r i t y s t a c k .
2 On_Stack_Push ( pushedValue ) {
3 push ( InS [ top ] XOR pushedValue ) ;
4 }
5 // Executed by runtime s e c u r i t y manager when a v a l u e i s popped from an
operand s t a c k .
6 On_Stack_Pop( poppedValue ) {
7 i f ( pop ( InS ) XOR poppedValue := InS [ top ] ) {
8 } else {
9 terminateExecution ( ) ;
10 }
11 }
Listing 8.2: Operand stack integrity operations.
In our proposal, we use a Last In First Out (LIFO) stack referred as integrity stack that
can store values of a word size, which is the most elementary data structure dened in a
JCVM. As already mentioned, the actual size of the word is platform dependent and it is left
to the discretion of platform implementers. One thing to note is that JCVM knows the size
of the operand stack when it loads a frame (section 8.2.1); therefore, the runtime security
manager just creates an integrity stack of the size n where n is the size of the respective
operand stack (created by the JCVM). We refer to the integrity stack as InS in listing 8.2.
When a frame is loaded, the JCVM and runtime security manager will create an operand
201