Methodology to reverse engineer a scrambled Java card virtual machine using electromagnetic analysis

Abstract

ElectroMagnetic Analysis (EMA) of smart cards is a powerful technique that allows extracting information about the executed code as well as about the processed data. It's why EMA could be exploited in a side channel attack to retrieve the encryption key. In our current work, we study the possibility to apply reverse engineering upon a java card application in which the virtual machine is scrambled. Even if this process of scrambling is an effective way to prevent execution of an arbitrary code written in any data structure, we believe that it can be systematically bypassed regardless the level of the platform encryption under the reverse engineering trails. In this paper, we present a methodology that could be used to find out the encryption key of the scrambling process.