Information Technology Reference
In-Depth Information
The most important common features of the applets for both platforms are
the following:
-
KA function: DH, where the output of the function is the SHA-1 value of
the shared secret.
-
KDF function: KDF1 [16].
-
ENC algorithm: 3DES with two keys, in CBC mode, and without padding.
-
MAC function: HMAC-SHA-1 [20].
-
HASH function: SHA-1.
As the maximum length for the APDUs transmitted to and from the smart cards
using the T=0 protocol is 255 bytes [21], the plaintexts managed in the tests
performed in this contribution have a maximum size of 160 bytes, so both the
cryptogram provided by the smart card during the encryption process and the
cryptogram sent to the smart card in the decryption process can be inserted in
asingleAPDU.
The application code size in EEPROM is 4940 bytes for the JCOP 41 card
and 4328 bytes in the case of the JCOP J3A card, as informed by Eclipse. The
reason for this difference is that the JCOP 41 implementation manages keys of
4 possible sizes (113, 131, 163, and 193 bits) whilst the JCOP J3A manages
only three types of keys (128, 160, and 192 bits). Regarding the keys of 113
bits available at the JCOP 41 cards, though implemented, we decided not to
use them in this comparison, as that key size does not have a counterpart of a
similar length in the JCOP J3A model.
Finally, it is worth mentioning that the elliptic curves implemented by the
JCOP cards are standard curves published by SECG (sect131r1, sect193r1,
secp128r1, and secp160r1), WAP Forum (c2pnb163v1), and ANSI (P-192).
5 Experimental Results and Conclusions
In order to be able to measure the encryption and decryption time, we developed
a Java application using the Java Smartcard I/O API [22], available since Java
SE 6, and the
System.nanoTime()
method included in that API, which returns
the current value in nanoseconds of the most precise available system timer.
Using that timing function, the starting time has been taken exactly before
sending the command APDU with the encryption/decryption request to the
smart card, while the finishing time for each measurement has been obtained just
after receiving the response APDU with the output of the encryption/decryption
process from the smart card.
All the tests have been performed 20 times for each combination of message
length (64, 96, 128, and 160 bytes) and key length (131, 163, and 193 bits when
using the prime curves of JCOP 41, and 128, 160, and 192 bits in the case of
the prime curves included in JCOP J3A).
The data included in Table 2 show the mean value of the 20 tests performed for
every encryption and decryption combination in JCOP 41 and JCOP J3A cards.
Taking into account all the tests, the maximum standard deviation computed
Search WWH ::
Custom Search