Category Archives: Java Card 2.x

Information about the current generation of Java Card. The posts could be tricks, tips, blogs, or just about anything useful about the existing Java Card specs.

Designing chips against fault induction

e-Smart, day 1. The title of the talk by ST’s Christophe Tremlet was very appealing [Tre06]; the talk was interesting, but a bit under my expectations (the problem is not completely solved). Nevertheless, Christophe gave a very nice and interesting presentation of fault induction attacks, showing the different parameters that can be acted upon at […]

September 22, 2006 – 22:03 | By Eric Vétillard | Posted in News, Research, Security | Comments (0)

e-passport security

There have been several posts on Bruce Schneier’s blog about e-passports, including a recent one. Bruce’s views are interesting, and he raises interesting issues about RFID on passports. On the other hand, the comments posted on this post and related ones, show that there are lots of misunderstandings about the technology. Of course, this is […]

September 19, 2006 – 13:18 | By Eric Vétillard | Posted in Applications, Identity, News, Open issues, Security | Comments (1)

Java Card platform performance measurement

Java Card performance has always been a contentious issue: first, between the Java Card vendors; then, between the Java Card supporters and the native card supporters. The issue is sensitive, because it is a commercial argument, which has been used and misused across the years.

September 9, 2006 – 21:38 | By Eric Vétillard | Posted in Java Card 2.x, Research | Comments (0)

Exception handling in install

The JCRE specification does not describe how the exceptions thrown from the install command should be handled. The reason for this is that these exceptions are supposed to be handled by an installer application, and the JCRE specification (¶11.1.5)explicitly states: Java Card RE implementers shall also define other behaviors of their Installer, including (…) what […]

September 5, 2006 – 22:25 | By Eric Vétillard | Posted in Framework, Open issues | Comments (0)

Throwing exceptions

Exceptions are a nice feature of the Java language, which is available to Java Card developers. The nice thing about exceptions is that you don’t have to deal with error codes. We here recall a few good practices about the use of exceptions in Java Card applications.

September 4, 2006 – 22:22 | By Eric Vétillard | Posted in Framework | Comments (0)

Java Card cards are less secure than native cards

This argument is often used by Java Card foes, often in conjunction to the “Java Card is slow” argument. The statement is effective, because most people don’t even bother to look deeper into its meaning. Here, we do not look at detailed figures and analyses, but we do look at possible reasons why this statement […]

September 4, 2006 – 15:56 | By Eric Vétillard | Posted in Idées reçues, Security | Comments (1)

Java Card versioning

All releases of Java produced by Sun Microsystems obey the same rules about version numbers. All version numbers are in the form x.y.z, or x.y when z=0. These values change as follows: Major release. x is incremented and y and z reset to 0 when an evolution is not backward compatible with the previous version […]

September 3, 2006 – 22:10 | By Eric Vétillard | Posted in Java Card 2.x | Comments (0)