Paper 2003/140

Trading-Off Type-Inference Memory Complexity Against Communication

Konstantin Hyppönen, David Naccache, Elena Trichina, and Alexei Tchoulkine

Abstract

While bringing considerable flexibility and extending the horizons of mobile computing, mobile code raises major security issues. Hence, mobile code, such as Java applets, needs to be analyzed before execution. The byte-code verifier checks low-level security properties that ensure that the downloaded code cannot bypass the virtual machine's security mechanisms. One of the statically ensured properties is type safety. The type-inference phase is the overwhelming resource-consuming part of the verification process. This paper addresses the RAM bottleneck met while verifying mobile code in memory-constrained environments such as smart-cards. We propose to modify classic type-inference in a way that significantly reduces the memory consumption in the memory-constrained device at the detriment of its distrusted memory-rich environment. The outline of our idea is the following: throughout execution, the memory frames used by the verifier are MAC-ed and exported to the terminal and then retrieved upon request. Hence a distrusted memory-rich terminal can be safely used for convincing the embedded device that the downloaded code is secure. The proposed protocol was implemented on JCOP20 and JCOP30 Java cards using IBM's JCOP development tool.
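
The export/retrieve idea outlined in the abstract, as an added sketch that is not code from the paper or its JCOP implementation. Assumptions: HMAC-SHA256 as the MAC, a per-frame export counter kept on the card so that a stale frame cannot be replayed, one type code per byte as the frame encoding, and the hypothetical names `Card`, `Terminal` and `rejected`.

```python
import hashlib, hmac, os

class Terminal:
    """Untrusted, memory-rich store (hypothetical name); it may alter what it holds."""
    def __init__(self):
        self.store = {}                      # label -> (frame bytes, tag)

class Card:
    """Memory-constrained verifier: keeps a MAC key and one counter per frame."""
    def __init__(self, terminal):
        self._key = os.urandom(32)           # never leaves the card
        self._version = {}                   # assumed freshness counters
        self._terminal = terminal

    def _mac(self, label, version, blob):
        # Bind the tag to the frame's label and export counter, not just its bytes.
        msg = label.to_bytes(4, "big") + version.to_bytes(4, "big") + blob
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def export_frame(self, label, frame):
        blob = bytes(frame)                  # constructed encoding: one type code per byte
        version = self._version.get(label, 0) + 1
        self._version[label] = version
        self._terminal.store[label] = (blob, self._mac(label, version, blob))

    def import_frame(self, label):
        blob, tag = self._terminal.store[label]
        expected = self._mac(label, self._version[label], blob)
        if not hmac.compare_digest(tag, expected):
            raise ValueError(f"frame {label} rejected: MAC mismatch")
        return list(blob)

def rejected(card, label):
    """True if the card refuses the frame the terminal currently offers."""
    try:
        card.import_frame(label)
        return False
    except ValueError:
        return True

if __name__ == "__main__":
    term = Terminal(); card = Card(term)
    card.export_frame(7, [1, 2, 2, 0])       # constructed frame of type codes
    print(card.import_frame(7))
    stale = term.store[7]
    card.export_frame(7, [1, 2, 3, 0])       # frame updated during inference
    term.store[7] = stale                    # terminal replays the old copy
    print(rejected(card, 7))
```

Without the label and counter in the MAC input, a terminal could return a validly tagged frame that belongs to a different program point or to an earlier iteration of the inference.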

Metadata
Available format(s)
PDF PS
Category
Applications
Publication info
Published elsewhere. A short version of this paper appeared in ICICS2003
Keywords
MAC, Protocol, Type Inference, Smart Cards
Contact author(s)
david naccache @ gemplus com
History
2003-07-20: received
Short URL
https://ia.cr/2003/140
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2003/140,
      author = {Konstantin Hyppönen and David Naccache and Elena Trichina and Alexei Tchoulkine},
      title = {Trading-Off Type-Inference Memory Complexity Against Communication},
      howpublished = {Cryptology ePrint Archive, Paper 2003/140},
      year = {2003},
      note = {\url{https://eprint.iacr.org/2003/140}},
      url = {https://eprint.iacr.org/2003/140}
}