3. Runtime

The Validy technology runtime handles the communication between the transformed Java application running inside the host VM and the token VM running inside the secure coprocessor. Its implementation is split into a Java library on the host side and part of the firmware on the coprocessor side. The high-level functions let the application perform the following operations:

  • Send data to the token (out).

  • Send ciphered instructions to the token for execution (exe).

  • Retrieve data computed by the token (in).

The translator inserts calls to these functions into the bytecode of the application automatically as it transforms it. The transformed application thus depends on the Java part of the runtime library.

The runtime performs the following actions to ensure that the execution of the protected application is faithful to that of the original one and as efficient as possible.

  • The runtime serializes instructions from different threads to respect the Java memory model.

  • The runtime buffers the flow of data and ciphered instructions.

  • The runtime caches recently executed instructions to decrease the cost of transmitting them several times to the coprocessor.
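
The three actions listed above, modelled as a hypothetical host-side sketch that is added here for illustration and is not Validy's library code: one lock serializes threads, frames are buffered until a read needs a reply, and a repeated ciphered block is sent as a short reference. The `TokenLink` transport, the frame tags, the hash-keyed LRU and its size are assumptions; the page does not specify the wire format or where the cache lives.

```java
import java.io.ByteArrayOutputStream;
import java.nio.ByteBuffer;
import java.util.*;

// Hypothetical model of the host-side runtime described above; names and framing are assumed.
class HostRuntimeSketch {
    // Assumed transport: sends one batch to the coprocessor and returns its reply.
    interface TokenLink { byte[] transceive(byte[] batch); }
    private static final int OUT = 1, EXE = 2, EXE_CACHED = 3, IN = 4; // assumed frame tags
    private final TokenLink link;
    private final ByteArrayOutputStream pending = new ByteArrayOutputStream();
    // Assumed LRU of blocks the token still holds; its eviction must mirror the token's.
    private final Map<Integer, Boolean> recent = new LinkedHashMap<Integer, Boolean>(16, 0.75f, true) {
        @Override protected boolean removeEldestEntry(Map.Entry<Integer, Boolean> e) { return size() > 64; }
    };
    HostRuntimeSketch(TokenLink link) { this.link = link; }

    // Every entry point is synchronized: one lock gives all threads' operations a single order.
    public synchronized void out(int slot, int value) { frame(OUT, intBytes(slot, value)); }

    public synchronized void exe(byte[] ciphered) {
        int key = Arrays.hashCode(ciphered); // sketch only; a real key needs a collision-resistant digest
        if (recent.put(key, true) != null) frame(EXE_CACHED, intBytes(key)); // short reference
        else frame(EXE, ciphered);                                           // full block, sent once
    }

    public synchronized byte[] in(int slot) {
        frame(IN, intBytes(slot));
        byte[] batch = pending.toByteArray(); // a read needs a reply, so it flushes the buffer
        pending.reset();
        return link.transceive(batch);
    }

    private void frame(int tag, byte[] body) { // tag, 16-bit length, body
        pending.write(tag); pending.write(body.length >> 8); pending.write(body.length);
        pending.write(body, 0, body.length);
    }

    private static byte[] intBytes(int... v) {
        ByteBuffer b = ByteBuffer.allocate(4 * v.length);
        for (int x : v) b.putInt(x);
        return b.array();
    }

    public static void main(String[] args) {
        int[] sent = {0}; // byte counter kept by a constructed stand-in for the coprocessor link
        HostRuntimeSketch rt = new HostRuntimeSketch(batch -> { sent[0] += batch.length; return new byte[4]; });
        byte[] block = new byte[200]; // constructed stand-in for a ciphered instruction block
        for (int i = 0; i < 3; i++) { rt.out(0, i); rt.exe(block); rt.in(0); }
        System.out.println("bytes sent over the link: " + sent[0]);
    }
}
```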

Tampering with the runtime to modify the dataflow to the token does not help an attacker: if the program remains semantically correct it continues to work, but if it is modified, the token notices very rapidly and retaliates.