, Instruction Randomization, or When the Attacker Gets Lost in Translation. Accepted Talk at Chip-to-Cloud'12 Security Forum, 2012.
, Fault Attacks on Java Card 3 Virtual Machine. Accepted Talk at e-Smart'09, 2009.
, Combined Attacks on Java Card 3 -Type Confusion Issues. Accepted Talk at e-Smart'10, 2010.
, Java Card Operand Stack:??Fault Attacks, Combined Attacks and Countermeasures, Smart Card Research and Advanced Applications, 10th International Conference ? CARDIS 2011, pp.297-313, 2011.
DOI : 10.1007/978-3-642-27257-8_19
URL : https://hal.archives-ouvertes.fr/hal-00692171
, Procédé et Système de Sécurisation d'une Application Logicielle comprenant une Instruction Conditionnelle basée sur une Variable Booléenne, 2011.
, Embedded Eavesdropping on Java Card, Proceedings of the IFIP International Information Security and Privacy Conference 2012 ? SEC 2012, 2012.
DOI : 10.1007/978-3-642-30436-1_4
URL : https://hal.archives-ouvertes.fr/hal-00706186
, Application-Replay on Java Card 3, When the Garbage Collector Gets confused. Accepted Talk at e-Smart, 2011.
, Application-Replay Attack on Java Cards: When the Garbage Collector Gets Confused, Proceedings of the International Symposium on Engineering Secure Software and Systems ? ESSoS 2012, pp.1-13, 2012.
DOI : 10.1007/978-3-642-28166-2_1
URL : https://hal.archives-ouvertes.fr/hal-00692173
, Tampering with Java Card Exception -The Exception Proves the Rule, Proceedings of the International Conference on Security and Cryptography ? SECRYPT'12. SciTePress Digital Library, 2012.
, Synchronized Attacks on Multithreaded Systems - Application to Java Card 3.0 -, Smart Card Research and Advanced Applications , 10th International Conference ? CARDIS 2011, pp.18-33, 2011.
DOI : 10.1007/978-3-642-27257-8_2
URL : https://hal.archives-ouvertes.fr/hal-00692172
, Attacks on Java Card 3.0 Combining Fault and Logical Attacks, Smart Card Research and Advanced Application Conference ? CARDIS 2010, pp.148-163, 2010.
DOI : 10.1007/978-3-642-12510-2_11
URL : https://hal.archives-ouvertes.fr/hal-00692165
, Power Analysis for Secret Recovering and Reverse Engineering of Public Key Algorithms, LNCS, vol.4876, pp.110-125, 2007.
DOI : 10.1007/978-3-540-77360-3_8
, An Implementation of DES and AES, Secure against Some Attacks, Koç et al. [KNP01], pp.309-318
DOI : 10.1007/3-540-44709-1_26
, Man-in-the-middle in tunnelled authentication protocols, Security Protocols, pp.28-41, 2005.
, Fuzzing on the http protocol implementation in mobile embedded web server, pp.14-27, 2011.
, Correlation Power Analysis with a Leakage Model, LNCS, vol.3156, pp.16-29, 2004.
DOI : 10.1007/978-3-540-28632-5_2
, A Tool-Assisted Framework for??Certified??Bytecode??Verification, Lecture Notes in Computer Science, vol.2984, pp.99-113, 2004.
DOI : 10.1007/978-3-540-24721-0_7
, On the Importance of Checking Cryptographic Protocols for Faults, Advances in Cryptology -EUROCRYPT'97, pp.37-51, 1997.
DOI : 10.1007/3-540-69053-0_4
, The Sorcerer's Apprentice Guide to Fault Attacks, IEEE, vol.94, issue.2, pp.370-382, 2006.
, The Sorcerer's Apprentice Guide to Fault Attacks, Proceedings of the IEEE, pp.370-382, 2006.
, New Threat Model Breaks Crypto Codes. Press Release, 1996.
, Combined Software and Hardware Attacks on the Java Card Control Flow, Smart Card Research and Advanced Applications, 10th International Conference ? CARDIS 2011, 2011.
DOI : 10.1007/978-3-642-27257-8_18
URL : https://hal.archives-ouvertes.fr/hal-00684616
, The Next Smart Card Nightmare, Logical Attacks, Combined Attacks, Mutant Applications and Other Funny Things, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00684662
, RFC 1738: Uniform Resource Locators (URL). The Internet Engineering Task Force, 1994.
DOI : 10.17487/rfc1738
, Differential fault analysis of secret key cryptosystems, LNCS, vol.1294, pp.513-525, 1997.
DOI : 10.1007/BFb0052259
, An analysis of the vulnerabilities introduced with the java card 3 connected edition, 2012.
, Formal development of an embedded verifier for Java Card byte code, Proceedings International Conference on Dependable Systems and Networks, 2002.
DOI : 10.1109/DSN.2002.1028886
, Java Card Technology for Smart Cards, Architecture and Programmer's Guide, 2000.
, JCAT: An Environment for Attack and Test on Java Card, pp.270-275, 2003.
, The Evolution of the Java Security Model, Proceedings of the International Conference on Computer Systems and Technologies (CompSysTech'2005), 2005.
, Side Channel Cryptanalysis of a Higher Order Masking Scheme, Cryptographic Hardware and Embedded Systems ? CHES 2007, pp.28-44, 2007.
DOI : 10.1007/978-3-540-74735-2_3
, An Efficient and Simple Way to Test the Security of Java Card, Proceedings of WOSIS'05, pp.331-341, 2005.
, Reflections on MOP s, Components, and Java Security, Proceedings of the Engineering C of Object-Oriented Programs (ECOOP), volume 2072 of LNCS, 2001.
DOI : 10.1007/3-540-45337-7_14
, Personal History of the Java Card, 2012. French version originally published in MISC magazine, 2008.
, Java security: from HotJava to Netscape and beyond, Proceedings 1996 IEEE Symposium on Security and Privacy, 1996.
DOI : 10.1109/SECPRI.1996.502681
, Differential Fault Analysis on AES, LNCS, vol.2846, pp.293-306, 2003.
, Univariate side channel attacks and leakage modeling, Journal of Cryptographic Engineering, vol.34, issue.9, pp.123-144, 2011.
DOI : 10.1007/s13389-011-0010-2
, RFC 4346: The Transport Layer Security (TLS) Protocol Version 1.1. The Internet Engineering Task Force (IETF), 2006.
, RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2. The Internet Engineering Task Force (IETF), 2008.
, Integrated Circuit Card Specifications for Payment Systems, 2011.
, Building a Side Channel Based Disassembler, In Transactions on Computational Science X LNCS, vol.6340, pp.78-99, 2010.
DOI : 10.1007/978-3-642-17499-5_4
, RFC 6101: The Secure Sockets Layer (SSL) Protocol Version 3.0. The Internet Engineering Task Force, 2011.
, How to hoax an off-card verifier. Accepted Talk at e-Smart'10, 2010.
, Using memory errors to attack a virtual machine, Proceedings 19th International Conference on Data Engineering (Cat. No.03CH37405), p.154, 2003.
DOI : 10.1109/SECPRI.2003.1199334
, Fault Attacks on Java Card : An Overview of the Vulnerabilities of Java Card Enabled Smartcards against Fault Attacks, 2005.
, Einrichtung zur Durchführung von Bearbeitungsvorgängen mit wenigstens einem Identifikanden und einer Vorrichtung, 1982.
, Introduction to Focused Ion Beam -Instrumentation, Theory, Techniques and Practice, 2004.
, The Java Language Specification, 2005.
, The Java?Language Specification, 2005.
, GlobalPlatform Card Technology Secure Channel Protocol 03 Card Specification v2.2 -Amendment D, Version 1, 2009.
, GlobalPlatform Card Technology Contactless Services Card Specification v 2.2 -Amendment C, Version 1.01, 2012.
, GlobalPlatform Card Technology Java Card Contactless API and Export File for Card Specification v2.2.1 (org.globalplatform.contactless) v1.1, 2012.
, Hold Your Sessions: An Attack on Java Session-Id Generation, Proceedings of the Cryptographer's Track at the RSA Conference (CT-RSA), 2005.
DOI : 10.1007/978-3-540-30574-3_5
, Electromagnetic Analysis: Concrete Results, Koç et al. [KNP01], pp.251-261
DOI : 10.1007/3-540-44709-1_21
, DES and Differential Power Analysis The ???Duplication??? Method, Cryptographic Hardware and Embedded Systems ? CHES '99, pp.158-172, 1999.
DOI : 10.1007/3-540-48059-5_15
, Measuring the performance of the Java Card Platform, Java One, 2006.
, Julien Micolod, Denis Réal, and Frédéric Valette. Defeating any Secret Cryptography with SCARE Attacks, LNCS, vol.6212, pp.273-293, 2010.
, A Survey on Fault Attacks, Smart Card Research and Advanced Application Conference (CARDIS04), pp.159-176, 2004.
DOI : 10.1007/1-4020-8147-2_11
, The Use of Lasers to Simulate Radiation-Induced Transients in Semicondictor Devices and Circuits, IEEE Transactions on Nuclear Science, vol.12, pp.91-100, 1965.
, Enforcing Secure Object Initialization in Java, Proceedings of the European Symposium on Research in Computer Securiy, ESORICS'10, pp.101-115, 2010.
DOI : 10.1007/978-3-642-15497-3_7
URL : https://hal.archives-ouvertes.fr/inria-00503953
, Full memory read attack on a java card, 4th Benelux Workshop on Information and System Security Proceedings (WIS- SEC'09), 2009.
, RFC 4732 : Internet Denial-of-Service Considerations. The Internet Engineering Task Force (IETF), 2006.
, Use of Cryptographic Codes for Bytecode Verification in Smartcard Environment, 2003.
, Developping a Trojan Applet in a Smart Card, Journal in Computer Virology, 2010.
, Chinese Remaindering Based Cryptosystems in the Presence of Faults, Journal of Cryptology, vol.12, issue.4, pp.241-245, 1999.
DOI : 10.1007/s001459900055
, Observability Analysis - Detecting When Improved Cryptosystems Fail -, LNCS, vol.2271, pp.17-29, 2002.
DOI : 10.1007/3-540-45760-7_2
, The Codebreakers: The Story of Secret Writing, 1996.
, Introduction to differential power analysis and related attacks, 1998.
, Introduction to differential power analysis, Journal of Cryptographic Engineering, vol.1, issue.3, pp.5-27, 2011.
DOI : 10.1007/s13389-011-0006-y
, The art of computer programming): seminumerical algorithms, Cryptographic Hardware and Embedded Systems ? CHES 2001, 1997.
, Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems, Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '96, pp.104-113, 1996.
, When Java was One: Threats from Hostile Bytecode, Proceedings of the 20th National Information Systems Security Conference, pp.104-115, 1997.
, Java byte-code verification: an overview, pp.265-285, 2001.
, Bytecode verification on java smart cards. Software Practive & Experience, pp.319-340, 2002.
URL : https://hal.archives-ouvertes.fr/hal-01499944
, Finding Security Vulnerabilities in Java Applications with Static Analysis, 2005.
, The Java?Virtual Machine Specification, 1999.
, Getting Down to Business with Mobile Code, 2000.
, Protection Circuit against Differential Power Analysis Attacks for Smart Cards, IEEE Transactions on Computers, vol.57, issue.11, pp.1540-1549, 2008.
DOI : 10.1109/TC.2008.107
, Applet Verification Strategies for RAM-Constrained Devices, pp.118-137, 2002.
DOI : 10.1007/3-540-36552-4_9
, Procédé et dispositif de commande électronique. French patent FR2266222, 1974.
, Testing the Java Card Applet Firewall Available at https, 2007.
, Malicious Code on Java Card Smartcards: Attacks and Countermeasures, Smart Card Research and Advanced Application Conference ? CARDIS 2008, pp.1-16, 2008.
DOI : 10.1007/978-3-540-30569-9_7
, Expanding and Extending the Security Features of Java, Proceedings of the 7th USENIX Security Symposium, 1998.
, Proof-carrying code, pp.106-119, 1997.
, A Differential Fault Attack Technique against SPN Structures, with Application to the AES and Khazad, Cryptographic Hardware and Embedded Systems ? CHES 2003, pp.77-88, 2003.
DOI : 10.1007/978-3-540-45238-6_7
, ElectroMagnetic Analysis (EMA): Measures and Counter-measures for Smart Cards, pp.200-210, 2001.
DOI : 10.1007/3-540-45418-7_17
, Eddy Current for Magnetic Analysis with Active Sensor, 2002.
, Smart Card Handbook, 2003.
, RFC 2818: HTTP over TLS. The Internet Engineering Task Force, 2000.
, Lightweight Bytecode Verification, Journal of Automated Reasoning, vol.31, issue.3/4, 1998.
DOI : 10.1023/B:JARS.0000021015.15794.82
, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol.21, issue.2, pp.120-126, 1978.
DOI : 10.1145/359340.359342
, Optical Fault Induction Attacks, In B.S
DOI : 10.1007/3-540-36400-5_2
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.9.5680
, Sécurité et Vérification d'Applications Embarquées en Environnement Java Card, 2001.
, Étude et Réalisation d'un Environnement d'Expérimentation et de Modélisation pour la Technologie Java Card. Applications à la Sécurité, 2004.
, Automatic Generation of Vulnerability Tests for the Java Card Byte Code Verifier. Accepted Talk at e-Smart, 2011.
, Electromagnetic radiations of fpgas: High spatial resolution cartography and attack on a cryptographic module
, Protecting Smart Cards from Passive Power Analysis with Detached Power Supplies, Cryptographic Hardware and Embedded Systems (CHES2000), pp.71-77, 1965.
DOI : 10.1007/3-540-44499-8_5
, Automatic Detection of Fault Attack and Countermeasures, Proceedings of the 4th Workshop on Embedded Systems Security ? WESS'09, pp.1-7, 2009.
, Checking the Paths to Identify Mutant Application on Embedded Systems, Proceedings of the International Conference on Security Technology ? SecTech'10, pp.459-468, 2010.
, Evaluation of Countermeasures Against Fault Attacks on Smart Cards, International Journal of Security and Its Applications, vol.5, issue.2, pp.49-61, 2011.
, Validating fault tolerant designs using laser fault injection (LFI), 1997 IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems, pp.175-183, 1997.
DOI : 10.1109/DFTVS.1997.628323
, Electrooptical effects in silicon, IEEE Journal of Quantum Electronics, vol.23, issue.1, pp.123-129, 1987.
DOI : 10.1109/JQE.1987.1073206
, High Order Masking of the AES, CT-RSA'06, pp.208-225, 2006.
, Acoustic cryptanalysis: On nosy people and noisy machines, Rump Session, 2004.
, Application Programming Interface Specification, Java Card?Platform, Version 3.0.1, Classic Edition, 2009.
, Application Programming Interface Specification, Java Card?Platform, Version 3, 2009.
, Java Card?Protection Profile Collection, Version 1, 2006.
, Support d'information portatif muni d'un microprocesseur et d'une mémoire morte programmable. French patent FR2401459, 1977.
, Reverse Engineering Java Card Applets Using Power Analysis, 2006.
DOI : 10.1109/TC.2002.1004593
, Java Type Confusion and Fault Attacks, Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography ? FDTC'06, pp.237-251, 2006.
DOI : 10.1007/11889700_21
, The fault attack jungle -yet another concern for the designer (invited) IEEE International Workshop on Fault Diagnosis and Tolerance in Cryptography, 2011.
, Combined Attacks and Coutermeasures, Smart Card Research and Advanced Application Conference ? CARDIS 2010, pp.133-147, 2010.
, Reverse Engineering Java Card Applets Using Power Analysis, Proceedings of the 1st Workshop on Information Security Theory and Practice, pp.138-149, 2007.
DOI : 10.1109/TC.2002.1004593
, Spy Catcher: The Candid Autobiography of a Senior Intelligence Officer, 1987.
, Checking before Output may not be enough against Fault-based Cryptanalysis, pp.967-970, 2000.