Paper Info
Title
Towards Low-level Cryptographic Primitives for JavaCards.
Abstract
JavaCard is a multi-application security platform deployed to over twenty billion smartcards, used in applications ranging from secure payments to telecommunications. While the platform is a popular choice for established commercial use cases (e.g., SIM cards in telecommunication networks), it has notably low adoption rates in: 1) application scenarios requiring recently-standardized cryptographic algorithms, 2) research projects, and 3) open source initiatives. We attribute this to the restricted access to low-level cryptographic primitives (e.g., elliptic curve operations) and the lack of essential data types (e.g., Integers). While the underlying hardware has those capabilities, the JavaCard API does not provide calls for the corresponding functionality. Until now, the only available workaround was manufacturer-specific proprietary APIs that come with very restrictive non-disclosure agreements. In this paper, we introduce a methodology to efficiently derive essential data types and low-level cryptographic primitives from high-level operations. Our techniques are ideal for resource-constrained platforms, and make optimal use of the underlying hardware, while having a small memory footprint. We also introduce JCMathLib, which, to the best of our knowledge, is the first generic library for low-level cryptographic operations in JavaCards that does not rely on a proprietary API. Without any disclosure limitations, JCMathLib enables open code sharing, release of research prototypes and public and third-party code audits.
Year
Venue
Field
2018
arXiv: Cryptography and Security
Workaround,Computer science,Cryptography,Computer security,Smart card,Cryptographic primitive,Data type,Java Card,Memory footprint,Subscriber identity module
DocType
Volume
Citations 
Journal
abs/1810.01662
0
PageRank 
References 
Authors
0.34
0
2
Name
Order
Citations
PageRank
Vasilios Mavroudis132.17
Petr Svenda27314.22