Stefan Mangard (Ed.)
Smart Card Research and Advanced Applications
11th International Conference, CARDIS 2012
Graz, Austria, November 2012
Revised Selected Papers
Lecture Notes in Computer Science 7771
Commenced Publication in 1973
Founding and Former Series Editors:
Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen
Editorial Board
David Hutchison
Lancaster University, UK
Takeo Kanade
Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler
University of Surrey, Guildford, UK
Jon M. Kleinberg
Cornell University, Ithaca, NY, USA
Alfred Kobsa
University of California, Irvine, CA, USA
Friedemann Mattern
ETH Zurich, Switzerland
John C. Mitchell
Stanford University, CA, USA
Moni Naor
Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz
University of Bern, Switzerland
C. Pandu Rangan
Indian Institute of Technology, Madras, India
Bernhard Steffen
TU Dortmund University, Germany
Madhu Sudan
Microsoft Research, Cambridge, MA, USA
Demetri Terzopoulos
University of California, Los Angeles, CA, USA
Doug Tygar
University of California, Berkeley, CA, USA
Gerhard Weikum
Max Planck Institute for Informatics, Saarbruecken, Germany
Stefan Mangard (Ed.)
Smart Card Research
and Advanced Applications
11th International Conference, CARDIS 2012
Graz, Austria, November 28-30, 2012
Revised Selected Papers
Volume Editor
Stefan Mangard
Infineon Technologies AG
Am Campeon 1-12, 85579, Neubiberg, Germany
E-mail: stefan.mangard@infineon.com
ISSN 0302-9743 e-ISSN 1611-3349
ISBN 978-3-642-37287-2 e-ISBN 978-3-642-37288-9
DOI 10.1007/978-3-642-37288-9
Springer Heidelberg Dordrecht London New York
Library of Congress Control Number: 2013933707
CR Subject Classification (1998): E.3, C.2, K.6.5, D.4.6, C.3, D.2
LNCS Sublibrary: SL 4 – Security and Cryptology
© Springer-Verlag Berlin Heidelberg 2013
This work is subject to copyright. All rights are reserved, whether the whole or part of the material is
concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting,
reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication
or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965,
in its current version, and permission for use must always be obtained from Springer. Violations are liable
to prosecution under the German Copyright Law.
The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply,
even in the absence of a specific statement, that such names are exempt from the relevant protective laws
and regulations and therefore free for general use.
Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper
Springer is part of Springer Science+Business Media (www.springer.com)
Preface
This volume contains the papers that were selected for the 11th Conference on
Smart Card Research and Applications (CARDIS 2012). Since 1994, CARDIS
has been the foremost international conference dedicated to the security of smart
cards and embedded systems. The conference was held every two years until
2010. Since then, the conference has been taking place every year owing to the
fast evolution of the security research on smart cards and embedded systems.
The conference brings together people from academia and industry to present
and discuss new results on a wide range of security topics that include hardware
architectures, operating systems, cryptography, application development as well
as all kinds of physical attacks and corresponding countermeasures.
This year, CARDIS was held during November 28-30, 2012, in Graz, Austria.
It was organized by the Institute for Applied Information Processing and
Communications (IAIK) of Graz University of Technology. The Program Committee
with its 30 members selected 18 papers out of 48 submissions for presentation
at the conference and for inclusion in these proceedings. Each submission was
reviewed by at least three reviewers.
In addition to the presentations of the papers, there were two invited talks at
the conference. The first talk was given by N. Asokan and was entitled “Mobile
Platform Security.” The talk compared different approaches for platform security
architectures as they are used in today’s smart phones. The second talk,
“Defensive Leakage Camouflage,” was given by David Naccache. A paper version of
this talk is also part of this volume.
Many people deserve credit for spending their time and energy to make this
conference such a successful event. I would first like to thank all the members
of the Program Committee and the 74 external reviewers for their hard work in
evaluating and discussing the submissions. A big thank-you also goes to
Jörn-Marc Schmidt and his team at IAIK, who did a great job in organizing the
conference. Furthermore, I am very grateful to the CARDIS Steering Committee
for their support and for giving me the opportunity to serve as Program Chair at
such a recognized conference. The financial support of the gold sponsor Infineon
Technologies, the silver sponsor NXP Semiconductors, the city of Graz, and the
province of Styria was highly appreciated and allowed us to provide student
stipends. Finally and most importantly, my thanks go to all the authors who
submitted their work to CARDIS 2012 as well as to the invited speakers.
December 2012 Stefan Mangard
Organization
CARDIS 2012 was organized by Graz University of Technology, Austria.
Executive Committee
General Chair
Jörn-Marc Schmidt Graz University of Technology, Austria
Program Chair
Stefan Mangard Infineon Technologies, Germany
Publicity Chair
Jean-Jacques Quisquater Université catholique de Louvain, Belgium
Program Committee
N. Asokan University of Helsinki, Finland
Gildas Avoine Université catholique de Louvain, Belgium
Chetali Boutheina Trusted Labs, France
Josep Domingo-Ferrer Rovira i Virgili University, Catalonia
Hermann Drexler Giesecke & Devrient, Germany
Martin Feldhofer NXP Semiconductors, Austria
Berndt Gammel Infineon Technologies, Germany
Tim Güneysu Ruhr-Universität Bochum, Germany
Helena Handschuh Cryptography Research, USA and KU Leuven, Belgium
Michael Hutter Graz University of Technology, Austria
Marc Joye Technicolor, France
Ioannis Krontiris Göthe Universität Frankfurt, Germany
Jean-Louis Lanet Université de Limoges, France
Konstantinos Markantonakis Royal Holloway, UK
Andrew Martin University of Oxford, UK
David Naccache ENS, France
Elisabeth Oswald University of Bristol, UK
Catuscia Palamidessi INRIA, France
Eric Peeters Texas Instruments, USA
Erik Poll RU Nijmegen, The Netherlands
Bart Preneel KU Leuven, Belgium
Emmanuel Prouff ANSSI, France
Matthieu Rivain CryptoExperts, France
Pankaj Rohatgi Cryptography Research, USA
Ahmad-Reza Sadeghi TU Darmstadt, Germany
Jean-Pierre Seifert TU Berlin, Germany
Sergei Skorobogatov Cambridge University, UK
François-Xavier Standaert Université catholique de Louvain, Belgium
Frederic Stumpf Fraunhofer AISEC, Germany
Marc Witteman Riscure, The Netherlands
External Reviewers
Guido Bertoni, Guillaume Bouffard, Cees-Bart Breunesse, Ileana Buhan-Dulman,
Sébastien Canard, Xavier Carpent, Pierre-Louis Cayrel, Jean-Sébastien Coron,
Joeri De Ruiter, Fabrizio De Santis, Cécile Delerablée, Alexandra Dmitrienko,
François Durvaux, Ehab Elsalamouny, Junfeng Fan, Oriol Farràs,
Matthieu Finiasz, Wieland Fischer, Hamza Fraz, Alpar Gergely,
Karin Greimel, Vincent Grosso, Sardaouna Hamadou, Benedikt Heinz,
Jens Hermans, Stephan Heuser, Stefan Heyse, Johann Heyszl,
Jin-Meng Ho, Lars Hoffmann, Eliane Jaulmes, Elif Bilge Kavun,
Justin King-Lacroix, Mario Kirschbaum, Ilya Kizhvatov, Miroslav Knezevic,
François Koeune, Thomas Korak, Juliane Krämer, Mario Lamberger,
Marc Le Guin, John Lyle, Benjamin Martin, Tania Martin,
Dominik Merli, Oliver Mischke, Bruce Murray, Dmitry Nedospasov,
Ventzi Nikov, Michael Østergaard Pedersen, Andrew Paverd, Roel Peeters,
Pedro Peris-Lopez, Thomas Plos, Jürgen Pulkus, Thomas Pöppelmann,
Prithvi Rao, Francesco Regazzoni, Alfredo Rial, Thomas Roche,
Sami Saab, Ahmad Sabouri, Martin Schläffer, Jörn-Marc Schmidt,
Thomas Schneider, Steffen Schulz, Raphael Spreitzer, Rolando Trujillo-Rasua,
Michael Tunstall, Fabian Van Den Broek, Ingo von Maurich, Christian Wachsmann,
Erich Wenger, Carolyn Whitnall
Table of Contents
Java Card Security
Towards the Hardware Accelerated Defensive Virtual Machine – Type and Bound Protection
Michael Lackner, Reinhard Berlach, Johannes Loinig, Reinhold Weiss, and Christian Steger
Dynamic Fault Injection Countermeasure: A New Conception of Java Card Security
Guillaume Barbu, Philippe Andouard, and Christophe Giraud
Java Card Combined Attacks with Localization-Agnostic Fault Injection
Julien Lancia
Protocols
Improved (and Practical) Public-Key Authentication for UHF RFID Tags
Sébastien Canard, Loïc Ferreira, and Matt Robshaw
Unlinkable Attribute-Based Credentials with Practical Revocation on Smart-Cards
Jan Hajny and Lukas Malina
Side-Channel Attacks I
On the Use of Shamir’s Secret Sharing against Side-Channel Analysis
Jean-Sébastien Coron, Emmanuel Prouff, and Thomas Roche
Secure Multiple SBoxes Implementation with Arithmetically Masked Input
Luk Bettale
Low-Cost Countermeasure against RPA
Jean-Luc Danger, Sylvain Guilley, Philippe Hoogvorst, Cédric Murdica, and David Naccache
Efficient Removal of Random Delays from Embedded Software Implementations Using Hidden Markov Models
François Durvaux, Mathieu Renauld, François-Xavier Standaert, Loïc van Oldeneel tot Oldenzeel, and Nicolas Veyrat-Charvillon
Implementations
On the Implementation Aspects of Sponge-Based Authenticated Encryption for Pervasive Devices
Tolga Yalçın and Elif Bilge Kavun
Compact Implementation and Performance Evaluation of Hash Functions in ATtiny Devices
Josep Balasch, Barış Ege, Thomas Eisenbarth, Benoit Gérard, Zheng Gong, Tim Güneysu, Stefan Heyse, Stéphanie Kerckhof, François Koeune, Thomas Plos, Thomas Pöppelmann, Francesco Regazzoni, François-Xavier Standaert, Gilles Van Assche, Ronny Van Keer, Loïc van Oldeneel tot Oldenzeel, and Ingo von Maurich
Putting together What Fits together - GrÆStl
Markus Pelnar, Michael Muehlberghuber, and Michael Hutter
Implementations for Resource-Constrained Devices
Memory Access Pattern Protection for Resource-Constrained Devices
Yuto Nakano, Carlos Cid, Shinsaku Kiyomoto, and Yutaka Miyake
Multipurpose Cryptographic Primitive ARMADILLO3
Petr Sušil and Serge Vaudenay
Side-Channel Attacks II
Improving Side-Channel Analysis with Optimal Linear Transforms
David Oswald and Christof Paar
SCA with Magnitude Squared Coherence
Sebastien Tiran and Philippe Maurine
Strengths and Limitations of High-Resolution Electromagnetic Field Measurements for Side-Channel Analysis
Johann Heyszl, Dominik Merli, Benedikt Heinz, Fabrizio De Santis, and Georg Sigl
Efficient Template Attacks Based on Probabilistic Multi-class Support Vector Machines
Timo Bartkewitz and Kerstin Lemke-Rust
Invited Talk
Defensive Leakage Camouflage
Eric Brier, Fortier Quentin, Roman Korkikian, K.W. Magld, David Naccache, Guilherme Ozari de Almeida, Adrien Pommellet, A.H. Ragab, and Jean Vuillemin
Author Index