Research on On-card Bytecode Verifier for Java Cards

The bytecode verification is a key point of the security chain of the Java Platform. This feature is optional in many embedded devices since the memory requirements of the verification process and the process capability of hardware are too high. In this paper we propose a verifier that utilizes the logical flow graph based cache policy and an improved non stressing type coding method, for the bytecode verification on the Java card, which remarkably reduces the use of the memory by the scheduling algorithm of the bytecode verifier. Off-card pre-processing is unnecessary for the bytecode, hence it is possible to be implemented on card and to prevent any bytecode, which is correct yet not pre-processed, from being refused by the oncard verifier. This algorithm also features strong transportability and feasibility with a perfect verification process based on traditional bytecode verification. The results of the experiments show that this bytecode verification can be performed directly on small memory systems.