0

I'm new to Smart Cards and Java Card. I'm planning to implement a variation of the ElGamal key generation algorithm. It's not easy to find information, so is it possible to calculate this steps on a Java Card?

  1. Find smallest prime number greater than a number x (about 2048 bit)
  2. Determine if a number g is a primitive root mod p
  3. Modular exponentation, arithmetic on big numbers (about 2048 bit)

I know that the RSA key generation is possible on a Smart Card, but are the individual steps of the generation (like finding a prime number) also possible? If not, are there other kinds of security tokens that can do this? I'm planning to use the NXP J3D081 Card.

P. Sherman
  • 135
  • 1
  • 7
  • Could you tell me how to get such a prime number for example? I couldn't find anything. – P. Sherman Aug 23 '15 at 10:23
  • Point 1 is a suboptimal (read: bad) approach; the likelihood of a prime is here proportional to the size of the non-prime gap before. Point 3 is a normal RSA (e.g. encryption) calculation, of course it is possible. – guidot Aug 24 '15 at 15:49

2 Answers2

3

Probably all you have is the javacard's RSA implementation (including the CRT variant). This way you can generate some large primes (as components of CRT private key) and do some modular arithmetic (see this recent question and the RSAPrivateCrtKey class).

Your platform might have some restrictions which could complicate things a bit.

Manual implementation of anything will probably be slow (even if you had the signed 32-bit integer type supported by the card).

Desclaimer: I never did this sort of computations so please do verify my thoughts.

EDIT>

The OV chip 2.0 project contains a Bignat library which offers arithmetic on big numbers (download here).

EDIT2>

OpenCrypto project provides JCMathLib which implements mathematical operations with big numbers and elliptic curve points.

vlp
  • 7,811
  • 2
  • 23
  • 51
  • Do you mean that the only way to get primes is to compute the RSA key pair and extract p and q? That wouldn't be sufficient for me, i need to get the next prime for a specific number. – P. Sherman Aug 23 '15 at 10:29
  • The only one pure java card way I know (except generating a DSA key pair). You might want to consider using the 'secure box' feature which this chip should support (I have no experience with that, but it allows you to run native code. Maybe someone else helps you...). – vlp Aug 24 '15 at 18:15
  • 1
    The SecureBox feature is nothing that you can run simply on your own. Its complicated and involves NXP writing your native code into the ROM mask and send you special manfactured cards – Paul Bastian Aug 25 '15 at 14:06
0

The El gamal algorithm itself is not implemented on any card as far as i know. The requiured cryptographic primitives are not available in java card. Manual implementations are too slow as well

Paul Bastian
  • 2,597
  • 11
  • 26
  • The computations of ElGamal are very similar to RSA. Isn't it possible to use the RSA hardware to implement ElGamal? – P. Sherman Aug 23 '15 at 10:26
  • Well having a quick look I think that the multiplication step is a very difficult part. there is some hack around it using RSA. I can have a look in old projects and could give more information on tuesday – Paul Bastian Aug 23 '15 at 10:34
  • does your card support DH? – Paul Bastian Aug 23 '15 at 10:39
  • I didn't bought the card yet. I couldn't find much information for it, here is a [short datasheet](http://www.motechno.com/uploads/media/J3D081-JCOP2.4.2.pdf). It says nothing about Diffie Hellman. If you think the other steps i mentioned are not possible, you don't need to bother. Otherwise thanks. – P. Sherman Aug 23 '15 at 11:20
  • Well, the mentioned card does support DH to my knowledge. I'm not very sure what you actually want to build but if you have no prior knowledge in this field it is definitly going to be difficult. Just remember that very basic cryptosteps are not available per se and everything is kind of "hacking" functions from other crypto facilities. – Paul Bastian Aug 23 '15 at 11:27
  • I want to implement an algorithm for my thesis. It's a variation of the ElGamal key generation as i said. It's main steps are to compute a prime number p, to generate a primitive root g mod p and calculations like x*y^e mod p. I have no prior knowledge in programming smart cards, but i already assumed that this would be hard to implement. You don't know by chance a security token with can accomplish this? – P. Sherman Aug 23 '15 at 11:47
  • I dont think it is feasible in javacard with any reasonable efforts. any one voting down please prove me wrong.. – Paul Bastian Aug 25 '15 at 14:10
  • I did now manage to implement a part of my algorithm on a card (without the prime generation and finding of a primitive root). Calculating x^e mod n works fine with the RSA methods. You said there is a hack to implement multiplication (mod n). I'm would now need this, could you give me more information about it? – P. Sherman Sep 29 '15 at 12:54
  • 1
    if i remember correctly using a binmoial formula works, because you can square fast with RSA, dividing by 2 is trivial, so you just need some byte array adding. no guarantees given – Paul Bastian Sep 30 '15 at 09:33
  • Thanks for the hint. Sounds like a good idea, i will try this. – P. Sherman Sep 30 '15 at 11:42