V. Gayoso Martínez

Elliptic curve cryptography: Java implementation issues

Elliptic curve cryptography (ECC) is based in one of the hardest arithmetic problems, the elliptic curve discrete logarithm problem, making ECC a reliable cryptographic technique. In addition to this advantage, ECC requires shorter keys compared to other public key algorithms, which suggests its use in low-end systems such as smart cards because of its efficiency and limited hardware requirements. Currently the leading smart card technology is Java card. Though both Java 2 standard edition (J2SE) 5.0 and Java card (JC) 2.2.1 include classes and interfaces making ECC available to Java programs, they are not complete, making it necessary to use additional, non-standard packages if the programmer wants to use ECC for different operations (digital signature, data encryption and decryption, etc.). In the present work, we provide a complete review of the state of the art of ECC in J2SE and Java card, with a complete list of operations available in both standard implementations and proprietary packages.

A comparison of the standardized versions of ECIES

Elliptic Curve Cryptography (ECC) can be used as a tool for encrypting data, creating digital signatures or performing key exchanges. In relation to encryption, the Elliptic Curve Integrated Encryption Scheme (ECIES) is the best known scheme based on ECC, and as such it has been included in several cryptographic standards. In the present work, we provide an extensive review and comparison of the versions of ECIES included in documents from ANSI, IEEE, ISO/IEC, and SECG, highlighting the main differences between them that can prevent implementations of ECIES from being fully interoperable.

Implementing ECC with Java Standard Edition 7

Elliptic Curve Cryptography is one of the best options for protecting sensitive information. The lastest version of th e Java platform includes a cryptographic provider, named SunEC, that implements some elliptic curve operations and protocols. However, potential users of this provider are limited by the lack of information available. In this work, we present an extensive review of the SunEC provider and, in addition to that, we offer to the reader the complete code of three applications that will allow programmers to generate key pairs, perform key exchanges, and produce digital signatures with elliptic curves in Java.

Security and Practical Considerations When Implementing the Elliptic Curve Integrated Encryption Scheme

Abstract The most popular encryption scheme based on elliptic curves is the Elliptic Curve Integrated Encryption Scheme (ECIES), which is included in ANSI X9.63, IEEE 1363a, ISO/IEC 18033-2, and SECG SEC 1. These standards offer many ECIES options, not always compatible, making it difficult to decide what parameters and cryptographic elements to use in a specific deployment scenario. In this work, the authors show that a secure and practical implementation of ECIES can only be compatible with two of the four previously mentioned standards. They also provide the list of functions and options that must be used in such an implementation. Finally, they present the results obtained when testing this ECIES version implemented as a Java application, which allows them to offer some comments about the performance and feasibility of their proposed solution.The most popular encryption scheme based on elliptic curves is the Elliptic Curve Integrated Encryption Scheme ECIES, which is included in ANSI X9.63, IEEE 1363a, ISO/IEC 18033-2, and SECG SEC 1. These standards offer many ECIES options, not always compatible, making it difficult to decide what parameters and cryptographic elements to use in a specific deployment scenario. In this work, the authors show that a secure and practical implementation of ECIES can only be compatible with two of the four previously mentioned standards. They also provide the list of functions and options that must be used in such an implementation. Finally, they present the results obtained when testing this ECIES version implemented as a Java application, which allows them to offer some comments about the performance and feasibility of their proposed solution.

A comparative study of three Spanish eGoverment smart cards

Smart cards are well-known tamper-resistant devices, and due to their portability and security they represent an excellent platform for implementing strong authentication services. This contribution analyses three Spanish smart card deployments intended to be used for eGoverment services, comparing their respective contents and capabilities. As a result of our analysis, we conclude that the current deployment of smart cards for the electronic prescription service being rolled out throughout Spain could be replaced by the use of the already consolidated Spanish National Identity card.

Using Smart Cards for Authenticating in Public Services: A Comparative Study

Smart cards are well-known tamper-resistant devices, and as such they represent an excellent platform for implementing strong authentication. Many services requesting high levels of security rely on smart cards, which provide a convenient security token due to their portability. This contribution analyses two Spanish smart card deployments intended to be used for accessing eGoverment services, comparing their respective contents and capabilities.

A Comparative Analysis of Hybrid Encryption Schemes Based on Elliptic Curves

Elliptic Curve Cryptography (ECC) can be used as a tool for encrypting data, creating digital signatures, and performing key exchanges. Regarding the encryption capability, the first schemes that appeared were either versions of already existing public-key algorithms (Massey-Omura and ElGamal) or new schemes specified ad hoc (Menezes- Vanstone). However, all the initial elliptic curve encryption schemes had similar problems, and thus were conveniently discarded by the academic community. The encryption schemes currently used are known as hybrid cryptosystems, as they use both symmetric and asymmetric techniques. Among those hybrid cryptosystems based on ECC, the best known ones are the Elliptic Curve Integrated Encryption Scheme (ECIES), the Provably Secure Elliptic Curve encryption scheme (PSEC), and the Advanced Cryptographic Engine (ACE). In this work, we present an extensive review of the basic concepts of elliptic curves, the initial ECC encryption algorithms, and the current ECC hybrid cryptosystems. After that, we provide a comprehensive comparison of ECIES, PSEC, and ACE, highlighting the main differences between them. Finally, we conclude that, with the available data, it can be stated that ECIES is the best ECC encryption scheme from a performance and ease of implementation point of view.

Breaking a Hitag2 Protocol with Low Cost Technology.

Hitag2 is an encryption algorithm designed by NXP Semicondu ctors that is used in electronic vehicle immobilizers and anti-theft devices. Hitag2 uses 48-bit keys fo r authentication and confidentiality, and due to that feature it is considered an insecure cipher. In this contrib ution we present a comparison of low cost technologies able to break a known protocol based on this cipher in a re asonable amount of time. Building on top of these solutions, it is possible to create an environment abl e to obtain Hitag2 keys in almost negligible time. The procedure can be easily expanded in order to consider oth protocols based on the same cipher.

Group Signatures in Practice

Group signature schemes allow a user to sign a message in an anonymous way on behalf of a group. In general, these schemes need the collaboration of a Key Generation Center or a Trusted Third Party, which can disclose the identity of the actual signer if necessary (for example, in order to settle a dispute). This paper presents the results obtained after implementing a group signature scheme using the Integer Factorization Problem and the Subgroup Discrete Logarithm Problem, which has allowed us to check the feasibility of the scheme when using big numbers.

Developing ECC applications in Java Card

Elliptic Curve Cryptography (ECC) is a branch of public-key cryptography based on the arithmetic of elliptic curves. Given its mathematical characteristics, ECC is currently one of the best options for protecting sensitive information. The lastest version of the Java Card platform includes several classes related to elliptic curves. However, potential developers are discouraged by the peculiarities of its programming model and the scarce information available. In this work, we present an up to date and extensive review of the ECC support in Java Card. In addition to that, we offer to the reader the complete code of an application that will allow programmers to understand and test the entire application development process in Java Card.