0

I am suffering of a massive lack of speed when it comes to mutual authenticate with the card. This takes about 13 to 20 seconds which seems at least 10 times to much.

The slowest part is the "Get-Challenge" and I think it might be because of my construction of a non-leaking map and the seperate "rotate-left"

public static byte[] NLM (byte[] x, byte[] y) {
  final byte[] f1 = new byte[] {(byte) 0x35, (byte) 0xB0,(byte) 0x88,(byte) 0xCC,(byte) 0xE1,(byte) 0x73}; //48-bit unsigned integer
  final byte[] constant = new byte[] {(byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01}; //constant
  byte[] Y = new byte[6]; //48-bit unsigned integer
  byte[] Y1 = new byte[6]; //48-bit unsigned integer
  byte[] R = new byte[6]; //48-bit unsigned integer
  byte[] R1 = new byte[6]; //48-bit unsigned integer
  short size = 6;
  JCArrayInt[] Red = new JCArrayInt[2]; // array of 48-bit unsigned integers
  JCArrayInt[] Mul = new JCArrayInt[2]; // array of 48-bit unsigned integers

  byte k = 48;

  Red[0] = new JCArrayInt(size);
  Mul[0] = new JCArrayInt(size);
  Red[1] = new JCArrayInt(size);
  Mul[1] = new JCArrayInt(size);
  Red[1].jcint = Utils.XOR(f1, constant);
  Mul[1].jcint = x;
  Y = y;

  for (short i = 0; i < 48; i++) {
    R  = rotateLeft48(R);
    R1 = Utils.AND(R, constant);
    R  = Utils.XOR(R, Red[R1[5]].jcint);
    Y  = rotateLeft48(Y);
    Y1 = Utils.AND(Y, constant);
    R  = Utils.XOR(R, Mul[Y1[5]].jcint);       
  }   
  return R;
}

public static byte[] rotateLeft48 (byte[] data) {
  byte t = (byte)((data[0] >>> 7) & 0x001);
  short l = (short) (data.length - 1);
  for (short i = 0; i < l; ++i) {
    data[i] = (byte)(((data[i] << 1) & 0x0FE) | ((data[i + 1] >>> 7) & 0x001));
  }
  data[l] = (byte)(((data[l] << 1) & 0x0FE) | t);
  return data;
}

I can live with it taking a little longer due to this overhead besides doing some XOR, AND, rotation and all they key generation and actual encrypting (done with AES-128). should I use transient arrays (would that make that big of a difference)?

Using JCOP for all that!

achiever
  • 309
  • 1
  • 16
  • 2
    Pretty please, do read a book about Java Card and do a few tutorials. Know the difference between persistent and transient memory. Only then should you be even *allowed to touch the keyboard*. What's wrong with using `RandomData`? – Maarten Bodewes Jun 10 '14 at 18:06
  • well, I know the difference! I am just wondering if writing to the RAM instead of EEPROM can be that much slower. All the variables I used don't need to be persistent, session key is transient anyways, so in case of not wasting to much space/speeding up the whole thing this might be a good option. RandomData works well, the code does what it needs to! – achiever Jun 11 '14 at 12:27
  • No, you *don't* know the difference, that's the problem. You *think* you know the difference. – Maarten Bodewes Jun 11 '14 at 12:57
  • ok, I _think_ I know it! The thing is that the encryption does what it has to, but is very slow - as I said 13 to 20 seconds for the mutual authentication. And I cannot imagine this as being practical in any way and there must be ways to speed things up. Using a transient byte array stack might be one option, isn't it? – achiever Jun 11 '14 at 13:23
  • 2
    And not using `new` would be another yes. But again, you should not just apply this bit of knowledge, you should go deeper into the platform. – Maarten Bodewes Jun 11 '14 at 13:38
  • the thing is, no matter what operation I did so far it took 2 seconds tops, it is only this part that is way slower than everything else! yet again, it did speed up about 2 to 4 seconds using transient arrays, so it takes about 12 seconds now on average – achiever Jun 11 '14 at 14:42
  • Two seconds is a very long time, unless it is about reading large files or performing asymmetric (RSA private key) operations. – Maarten Bodewes Jun 11 '14 at 16:27
  • indeed, I did check the exact numbers and it is between 0.023 to 0.597 seconds depending on what is done! except the "get-challenge" of the mutual authentication that takes 12 seconds. And in this I have to call this NLM algorithm twice what made me think this might be the bottleneck. – achiever Jun 12 '14 at 13:28
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/55513/discussion-between-owlstead-and-achiever). – Maarten Bodewes Jun 12 '14 at 14:43
  • Is this question answered? Is the problem solved? – vojta May 15 '15 at 06:47

0 Answers0