Quarkslab's blog
  • Archives

How a Security Anomaly was Accidentally Found in an EAL6+ JavaCard

Date Tue 12 May 2020 By Philippe Teuwen Category Hardware Tags Java Card timing attack ISO7816 hardware 2020

In the context of the Inter-CESTI 2019 challenge, we "accidentally" found a timing difference disclosing the length of a PIN handled via the standard OwnerPIN.check JavaCard API. Here is the story.

more ...

  • Quarkslab's Website

  • SOCIAL

    • twitter
    • mastodon
    • github

  • CATEGORIES

    • •Android
    • •Automotive
    • •Blockchain
    • •Challenge
    • •Containers
    • •Cryptography
    • •Exploitation
    • •File Formats
    • •Fuzzing
    • •Hardware
    • •Kernel Debugging
    • •Life at Quarkslab
    • •Math
    • •Pentest
    • •Program Analysis
    • •Programming
    • •Reverse-Engineering
    • •Software
    • •Vulnerability
© 2020 Quarkslab · Powered by pelican-bootstrap3, Pelican, Bootstrap

Back to top