TPR 3211 Project 1 - PowerPoint PPT Presentation

1 / 46
About This Presentation
Title:

TPR 3211 Project 1

Description:

'The number of transistors that can fit in a specific area doubles every 18 months. ... Javacard API is deprecated from Java API ... – PowerPoint PPT presentation

Number of Views:67
Avg rating:3.0/5.0
Slides: 47
Provided by: andre235
Category:

less

Transcript and Presenter's Notes

Title: TPR 3211 Project 1


1
TPR 3211 Project 1
  • Project Title AES in Javacard
  • Project ID 221
  • Supervisor Mr. Safi Uddin
  • Moderator Mr. Murugadoss

2
Introduction
3
Introduction
4
Introduction
5
Introduction
  • One word
  • CHANGE

6
Introduction
  • Moores Law
  • The number of transistors that can fit in a
    specific area doubles every 18 months.

7
Introduction
  • DES (Data Encryption Standard)
  • First cracked in 1997
  • Record held at present is 22 hours
  • Replaced by AES (Advanced Encryption Standard) in
    2001

8
AES
  • Advanced Encryption Standard
  • Originally called Rijndael
  • Symmetric block cipher that encrypts and decrypts
    data in blocks of 128 bits
  • Specifies 3 key sizes 128, 196 and 256 bits

9
AES
  • In decimal terms, this means that there are
    approximately
  • 3.4 x 1038 possible 128-bit keys6.2 x 1057
    possible 192-bit keys and1.1 x 1077 possible
    256-bit keys.

10
AES
  • DES key are 56 bits long
  • There are approximately 7.2 x 1016 possible DES
    keys
  • There are on the order of 1021 times more AES
    128-bit keys than DES 56-bit keys

11
AES - Cipher
  • Pseudocode for cipher
  • Cipher(byte in4 Nb, byte out4 Nb, word
    wNb (Nr 1))
  • begin
  • byte state4,Nb
  • state in
  • AddRoundKey(state, w)
  • for round 1 step 1 to Nr 1
  • SubBytes(state)
  • ShiftRows(state)
  • MixColumns(state)
  • AddRoundKey(state, w round Nb)
  • end for
  • SubBytes(state)
  • ShiftRows(state)
  • AddRoundKey(state, w Nr Nb)
  • out state
  • end

12
AES SubBytes(state)
  • Non linear byte substitution

13
AES SubBytes(state)
  • For example, if s1,1 53, s1,1 ed

14
AES ShiftRows(state)
  • Cyclic shift of bytes in rows

15
AES MixColumns(state)
  • Columns are treated as 4 term polynomial
  • Matrix multiplication with a fixed polynomial

16
AES Inverse Cipher
  • Pseudocode for inverse cipher
  • InvCipher(byte in4 Nb, byte out4 Nb, word
    wNb (Nr 1))
  • begin
  • byte state4,Nb
  • state in
  • AddRoundKey(state, w Nr Nb) // See Sec.
    5.1.4
  • for round Nr - 1 step -1 to 1
  • InvShiftRows(state) // See Sec. 5.3.1
  • InvSubBytes(state) // See Sec. 5.3.2
  • AddRoundKey(state, w round Nb)
  • InvMixColumns(state) // See Sec. 5.3.3
  • end for
  • InvShiftRows(state)
  • InvSubBytes(state)
  • AddRoundKey(state, w)
  • out state
  • end

17
AES InvShiftRows(state)
  • Cyclic shift of bytes in rows

18
AES InvSubBytes(state)
  • Non linear byte substitution

19
AES InvMixColumns(state)
  • Columns are treated as 4 term polynomial
  • Matrix multiplication with a fixed polynomial

20
Smartcard vs Javacard
  • A smartcard is a credit card with a brain in
    it
  • Must communicate with a device to gain access to
    a display device or network
  • Can be plugged into a reader (card terminal) or
    operate using radio frequencies

21
Smartcard vs Javacard
  • A Javacard is a smartcard,
  • a smartcard is not a Javacard

22
Javacard
  • There is an estimated 3 billion smartcards in the
    world at the present moment, and all the major
    smartcard players have licensed Javacard
  • Javacard is a smart card that is capable of
    running programs written in Java
  • It is designed to run on 8-bit microprocessors
    with as little as 256 bytes of RAM (no, I didnt
    leave out the K!) and 14 kilobytes of ROM
  • It enables the first true multi-application
    cards, it speeds and simplifies application
    development in very small memory environments

23
Javacard
24
Javacard
  • Javacard Virtual Machine
  • Due to limited memory resources, it is not
    possible to fit the JVM into Javacard
  • 3 strategies
  • Small JVM is introduced
  • Javacard API is deprecated from Java API
  • No threads, security manager, synchronization,
    multi-dimensional arrays, large primitive data
    types
  • Split architecture
  • Bytecode at both ends card terminal end and
    Javacard end

25
Javacard
  • Communication with the outside world
  • Application Protocol Data Unit
  • Data package (maximum size is 255 bytes)
  • A Javacard always waits for Command APDU from
    the reader (card terminal software)
  • Responds with Response APDU

26
Javacard
  • Javacard Runtime Environment
  • Contains API classes and the JVM
  • Responsible for
  • applet installation and initialisation
  • selection and deselection
  • APDU dispatching
  • transaction management
  • catching unchecked exceptions
  • assigns AID for each applet

27
Javacard
  • How does it work?
  • Java data is compiled into bytecode and sent to
    card reader (card terminal driver)
  • Reader converts bytecode into card bytecode
  • Wraps card bytecode into data package Select
    APDU to tell the Javacard to let go of current
    active applet and select the new current applet
  • JCRE in Javacard will assign new applet AID
  • Communication by Command APDU and Response
    APDU

28
AES in Javacard
  • Why Javacard?
  • Smart cards provide a secure, portable platform
    for "any time, anywhere" computing that can carry
    and manipulate substantial amounts of data,
    especially an individual's personal digital
    identity
  • The Java Card API allows applications written for
    one card to be downloaded "in place" into any
    other card
  • The Java Card thus allows smart cards to become a
    general-purpose computing platform and creates a
    potentially huge market for application software
    and development -- especially for financial,
    telecommunications, television, and security
    applications

29
AES in Javacard
  • Why AES in Javacard?
  • Increasingly, physical keys are being replaced by
    cryptographic keys, which are typically a
    thousand bits in size
  • Modern smart cards are the ideal carriers for
    such keys, because they have enough computing
    power to do the necessary encryption or
    decryption on-card, so that the secret key never
    has to leave the card
  • One of the reasons Rijndael was chosen as AES was
    because of its efficiency in low memory
    environments

30
AES in Javacard
  • Hardware Specifications

31
AES in Javacard
  • Hardware Specifications
  • GemPC-410 card reader
  • GemXpresso RAD III PK IS Javacard
  • USB to Serial converter

32
AES in Javacard
GUI Card Terminal Application
Gemplus GemPC-410 Card Terminal Driver
Gemplus GemXpresso RAD III PK IS Kernel
Ocean SDK (optional)
AES Javacard applet
Windows 98 JDK 1.2.2 Inprise JBuilder 3.5 Card
Terminal Application
33
AES in Javacard
  • Software Specifications
  • Windows 98
  • JDK1.2.2
  • Inprise JBuilder 3.5
  • Gemplus GemXpresso RAD III PK IS Kernel
  • Gemplus GemPC-410 Card terminal driver (OCF with
    PC/SC bridge)

34
AES in Javacard
  • Solution methods
  • Research into the protocols, standards involved
    in project
  • Implementation of an AES applet model on a Java
    platform
  • Design and coding of a Javacard applet, test run
    on a simulation environment (Gemplus Simulation
    Environment)
  • Design and coding of card terminal application
  • Test run both Javacard applet and card terminal
    application

35
AES in Javacard
  • Prototype development phase 1
  • Tested applet security sandbox with an applet to
    read c\autoexec.bat

36
AES in Javacard
  • After creating keystore, signing applet and
    specifying permission in policy file, applet can
    be run

37
AES in Javacard
  • Prototype development phase II

Figure splash screen of prototype
38
AES in Javacard
Figure encryption screen 1 of prototype
39
AES in Javacard
Figure encryption screen 2 of prototype
40
AES in Javacard
Figure decryption screen 1 of prototype
41
AES in Javacard
Figure decryption screen 2 of prototype
42
AES in Javacard
  • Prototype behaviour
  • Encryption longer than decryption

43
AES in Javacard
  • Implementation plan for coming trimester
  • Choose between OCF and PC/SC
  • Develop Javacard applet
  • Run Javacard applet using GSE (Gemplus Simulation
    Environment) simulator to determine memory
    requirement, implementation errors, flow of
    communication, etc.
  • Develop Card Terminal Application using OCF or
    PC/SC platform.

44
AES in Javacard
  • Conclusion
  • AES in Javacard is a new platform, a new method,
    a new thinking.

45
AES in Javacard
46
THE END
  • Thank you for your attention
Write a Comment
User Comments (0)
About PowerShow.com