First, the UICC possesses the hardware-based CCP, special-purpose hardware built into the UICC to provide various cryptographic algorithms such as RSA, ECC, DH, AES, DES, etc. Despite its tiny size, the CCP is fast enough to provide secure FMC services. We referred to the data sheet of one IC chip vendor for the UICC data. We implemented a sample applet to measure the performance of the UICC for each cryptographic algorithm. Table 1 shows the results of our experiments. Each cryptographic algorithm is processed against one basic block. For RSA key generation with 1024-bit and 2048-bit keys, the experiments were performed 100 times and the results averaged.
Second, the UICC hardware resists various side-channel attacks such as timing attacks, power monitoring attacks (Simple Power Analysis, Differential Power Analysis), and so forth. Most UICCs implement technologies such as various sensors to detect attempted side-channel attacks, an internal clock and variation of it to resist timing attacks, etc.
Third, the UICC has the inherent features of secure memory. All entities in the UICC, such as the OS, serial interfaces, hardware-based firewall, etc., are engaged in strictly securing the memory, the messages passing through the I/O circuits, etc. Furthermore, customers require vendors to have their products internationally certified for the security of the hardware components, the memory management unit (MMU), the secure crypto libraries, etc. The most commonly used certification standard is the CC, the Common Criteria for Information Technology Security Evaluation. Most UICC products have been evaluated at more than the EAL4+ level.
Fourth, most UICCs implement the Java Card Platform and provide various services on top of it. The basic principles of the Java Card Platform include context isolation and code isolation, which means that the platform enforces a firewall between all software installed on the UICC. Thus, sharing resources or information among applets is impossible in the UICC except through the Shareable Interface Object, specially defined in the Java Card Platform for sharing information among applets. No malicious applet or other software can access the information of legitimate applets.
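The Shareable Interface Object exception described above, sketched as an added example that is not code from the original text: a server applet exposes one method across the firewall and checks the caller's AID both when the object is requested and on each call. The package, interface, class names and the AID value are hypothetical; the two types would live in separate source files.

```java
// BalanceService.java (hypothetical shareable interface, public so clients can import it)
package example.sio;

import javacard.framework.Shareable;

public interface BalanceService extends Shareable {
    short getBalance();
}

// WalletApplet.java (hypothetical server applet that owns the data)
package example.sio;

import javacard.framework.*;

public class WalletApplet extends Applet implements BalanceService {
    // Constructed AID of the one client applet allowed to use the service.
    private static final byte[] TRUSTED_CLIENT_AID =
        { (byte) 0xF0, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 };

    private short balance = 100; // lives in the wallet's context, behind the firewall

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new WalletApplet().register();
    }

    private static boolean isTrusted(AID aid) {
        return aid != null && aid.equals(TRUSTED_CLIENT_AID, (short) 0,
                                         (byte) TRUSTED_CLIENT_AID.length);
    }

    // The JCRE calls this when a client requests the SIO; null refuses the request.
    public Shareable getShareableInterfaceObject(AID clientAID, byte parameter) {
        return isTrusted(clientAID) ? this : null;
    }

    // Invoked across the firewall; the JCRE switches to the wallet's context first.
    public short getBalance() {
        // Re-check the caller on each call, since an SIO reference can be passed on.
        if (!isTrusted(JCSystem.getPreviousContextAID())) {
            ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        }
        return balance;
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
    }
}
```

A client applet obtains the object with `JCSystem.getAppletShareableInterfaceObject(serverAID, parameter)` and casts the result to `BalanceService`; any other field or method of the wallet remains unreachable from the client's context.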
Fifth, UICC supports the secure remote administration methods by GlobalPlatform for issuers
Table 1. Cryptographic Performance of UICC

Cryptographic Algorithm      n-bit key (or block)   Performance
RSA key generation           1024                   2.5 s
RSA key generation           2048                   15 s
SHA-1 / SHA256 / MD5         -                      1 ms / 2 ms / 1 ms
AES encrypt / decrypt        256                    8 ms / 8 ms
SEED encrypt / decrypt       128                    3 ms / 4 ms
DES encrypt / decrypt        64                     3 ms / 3 ms
3DES encrypt / decrypt       128                    4 ms / 3 ms
3DES encrypt / decrypt       192                    5 ms / 4 ms
RSA CRT sign / verify        1024                   199 ms / 8 ms
RSA non-CRT sign / verify    1024                   277 ms / 9 ms
RSA CRT sign / verify        2048                   1110 ms / 21 ms
RSA non-CRT sign / verify    2048                   1925 ms / 21 ms
 