Cryptology ePrint Archive: Report 2003/140

Trading-Off Type-Inference Memory Complexity Against Communication

Konstantin Hypp\"onen and David Naccache and Elena Trichina and Alexei Tchoulkine

Abstract: While bringing considerable flexibility and extending the horizons of mobile computing, mobile code raises major security issues. Hence, mobile code, such as Java applets, needs to be analyzed before execution. The byte-code verifier checks low-level security properties that ensure that the downloaded code cannot bypass the virtual machine's security mechanisms. One of the statically ensured properties is {\sl type safety}. The type-inference phase is the overwhelming resource-consuming part of the verification process.

This paper addresses the RAM bottleneck met while verifying mobile code in memory-constrained environments such as smart-cards. We propose to modify classic type-inference in a way that significantly reduces the memory consumption in the memory-constrained device at the detriment of its distrusted memory-rich environment.

The outline of our idea is the following, throughout execution, the memory frames used by the verifier are MAC-ed and exported to the terminal and then retrieved upon request. Hence a distrusted memory-rich terminal can be safely used for convincing the embedded device that the downloaded code is secure.

The proposed protocol was implemented on JCOP20 and JCOP30 Java cards using IBM's JCOP development tool.

Category / Keywords: applications / MAC, Protocol, Type Inference, Smart Cards

Publication Info: A short version of this paper appeared in ICICS2003

Date: received 18 Jul 2003

Contact author: david naccache at gemplus com

Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20030720:194813 (All versions of this report)

Discussion forum: Show discussion | Start new discussion