TPR 3211 Project 1 Project Title: AES in Javacard Project ID: 221 Supervisor: Mr. Safi Uddin Moderator: Mr. Murugadoss.


1 TPR 3211 Project 1 Project Title: AES in Javacard Project ID: 221 Supervisor: Mr. Safi Uddin Moderator: Mr. Murugadoss

2 Introduction

3

4

5 One word: CHANGE

6 Introduction Moore’s Law: “The number of transistors that can fit in a specific area doubles every 18 months.”

7 Introduction: DES (Data Encryption Standard). First cracked in 1997. Record held at present is 22 hours. Replaced by AES (Advanced Encryption Standard) in 2001.

8 AES: Advanced Encryption Standard. Originally called Rijndael. Symmetric block cipher that encrypts and decrypts data in blocks of 128 bits. Specifies 3 key sizes: 128, 192 and 256 bits.

9 AES: In decimal terms, this means that there are approximately: 3.4 x 10^38 possible 128-bit keys; 6.2 x 10^57 possible 192-bit keys; and 1.1 x 10^77 possible 256-bit keys.

10 AES: DES keys are 56 bits long. There are approximately 7.2 x 10^16 possible DES keys. There are on the order of 10^21 times more AES 128-bit keys than DES 56-bit keys.

11 AES - Cipher: Pseudocode for cipher:

    Cipher(byte in[4 * Nb], byte out[4 * Nb], word w[Nb * (Nr + 1)])
    begin
        byte state[4,Nb]
        state = in
        AddRoundKey(state, w)
        for round = 1 step 1 to Nr - 1
            SubBytes(state)
            ShiftRows(state)
            MixColumns(state)
            AddRoundKey(state, w + round * Nb)
        end for
        SubBytes(state)
        ShiftRows(state)
        AddRoundKey(state, w + Nr * Nb)
        out = state
    end

12 AES – SubBytes(state): Non-linear byte substitution. S-Box.

13 AES – SubBytes(state): For example, if s_{1,1} = {53}, then s'_{1,1} = {ed}.

14 AES – ShiftRows(state): Cyclic shift of bytes in rows.

15 AES – MixColumns(state): Columns are treated as 4-term polynomials. Matrix multiplication with a fixed polynomial.

16 AES – Inverse Cipher: Pseudocode for inverse cipher:

    InvCipher(byte in[4 * Nb], byte out[4 * Nb], word w[Nb * (Nr + 1)])
    begin
        byte state[4,Nb]
        state = in
        AddRoundKey(state, w + Nr * Nb)          // See Sec. 5.1.4
        for round = Nr - 1 step -1 to 1
            InvShiftRows(state)                  // See Sec. 5.3.1
            InvSubBytes(state)                   // See Sec. 5.3.2
            AddRoundKey(state, w + round * Nb)
            InvMixColumns(state)                 // See Sec. 5.3.3
        end for
        InvShiftRows(state)
        InvSubBytes(state)
        AddRoundKey(state, w)
        out = state
    end

17 AES – InvShiftRows(state): Cyclic shift of bytes in rows.

18 AES – InvSubBytes(state): Non-linear byte substitution. S-Box.

19 AES – InvMixColumns(state): Columns are treated as 4-term polynomials. Matrix multiplication with a fixed polynomial.

20 Smartcard vs Javacard: A smartcard must communicate with a device to gain access to a display device or network. It can be plugged into a reader (card terminal) or operate using radio frequencies. A smartcard is a “credit card” with a “brain” in it.

21 Smartcard vs Javacard: A Javacard is a smartcard, but a smartcard is not necessarily a Javacard.

22 Javacard: There are an estimated 3 billion smartcards in the world at the present moment, and all the major smartcard players have licensed Javacard. Javacard is a smart card that is capable of running programs written in Java. It is designed to run on 8-bit microprocessors with as little as 256 bytes of RAM (no, I didn’t leave out the K!) and 14 kilobytes of ROM. It enables the first true multi-application cards, and it speeds and simplifies application development in very small memory environments.

23 Javacard

24 Javacard Virtual Machine: Due to limited memory resources, it is not possible to fit the JVM into Javacard. 3 strategies: (1) a small JVM is introduced; (2) the Javacard API is cut down from the Java API: no threads, security manager, synchronization, multi-dimensional arrays or large primitive data types; (3) split architecture: bytecode at both ends, the card terminal end and the Javacard end.

25 Javacard: Communication with the outside world: Application Protocol Data Unit (APDU). Data package (maximum size is 255 bytes). A Javacard always waits for a “Command APDU” from the reader (card terminal software) and responds with a “Response APDU”.

26 Javacard: Javacard Runtime Environment (JCRE). Contains the API classes and the JVM. Responsible for: applet installation and initialisation; selection and deselection; APDU dispatching; transaction management; catching unchecked exceptions; assigning an AID for each applet.

27 Javacard: How does it work? Java data is compiled into bytecode and sent to the card reader (card terminal driver). The reader converts the bytecode into card bytecode and wraps the card bytecode into a data package. A “Select APDU” tells the Javacard to let go of the current active applet and select the new current applet. The JCRE in the Javacard will assign the new applet an AID. Communication is by “Command APDU” and “Response APDU”.
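
The Command APDU / Response APDU exchange and the Select APDU described above, as an added Python example that is not part of the original presentation. It uses the short-form ISO 7816-4 layout (CLA INS P1 P2 [Lc data] [Le], response data followed by SW1 SW2); the AID below is constructed for illustration and the class and function names are chosen here.

```python
# Added example, not from the slides: short-form command/response APDUs.
from dataclasses import dataclass
from typing import Optional

@dataclass
class CommandAPDU:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes = b""
    le: Optional[int] = None      # expected response length; None = no response data

    def encode(self) -> bytes:
        if len(self.data) > 255:  # Lc is a single byte in a short APDU
            raise ValueError("command data is limited to 255 bytes")
        if self.le is not None and not 1 <= self.le <= 256:
            raise ValueError("Le must be 1..256")
        out = bytes([self.cla, self.ins, self.p1, self.p2])
        if self.data:
            out += bytes([len(self.data)]) + self.data
        if self.le is not None:
            out += bytes([self.le % 256])         # Le byte 0x00 means 256
        return out

def decode_command(raw: bytes) -> CommandAPDU:
    """Parse what the card side receives, rejecting inconsistent lengths."""
    if len(raw) < 4:
        raise ValueError("APDU header is 4 bytes: CLA INS P1 P2")
    head, body = raw[:4], raw[4:]
    if not body:
        return CommandAPDU(*head)
    if len(body) == 1:
        return CommandAPDU(*head, le=body[0] or 256)
    lc, rest = body[0], body[1:]
    if lc == 0 or len(rest) not in (lc, lc + 1):
        raise ValueError("Lc does not match the number of data bytes")
    le = (rest[lc] or 256) if len(rest) == lc + 1 else None
    return CommandAPDU(*head, bytes(rest[:lc]), le)

def decode_response(raw: bytes):
    """Split a response APDU into (data, status word SW1SW2)."""
    if len(raw) < 2:
        raise ValueError("response APDU ends with SW1 SW2")
    return bytes(raw[:-2]), (raw[-2] << 8) | raw[-1]

def select_by_aid(aid: bytes) -> CommandAPDU:
    if not 5 <= len(aid) <= 16:
        raise ValueError("an AID is 5 to 16 bytes long")
    return CommandAPDU(0x00, 0xA4, 0x04, 0x00, aid)   # ISO 7816-4 SELECT by name

DEMO_AID = bytes.fromhex("F000000001414553")          # constructed AID, not a real applet
```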

28 AES in Javacard: Why Javacard? Smart cards provide a secure, portable platform for "any time, anywhere" computing that can carry and manipulate substantial amounts of data, especially an individual's personal digital identity. The Java Card API allows applications written for one card to be downloaded "in place" into any other card. The Java Card thus allows smart cards to become a general-purpose computing platform and creates a potentially huge market for application software and development, especially for financial, telecommunications, television, and security applications.

29 AES in Javacard: Why AES in Javacard? Increasingly, physical keys are being replaced by cryptographic keys, which are typically a thousand bits in size. Modern smart cards are the ideal carriers for such keys, because they have enough computing power to do the necessary encryption or decryption on-card, so that the secret key never has to leave the card. One of the reasons Rijndael was chosen as AES was its efficiency in low-memory environments.

30 AES in Javacard Hardware Specifications:

31 AES in Javacard: Hardware Specifications: GemPC-410 card reader; GemXpresso RAD III PK IS Javacard; USB to Serial converter.

32 AES in Javacard GUI Card Terminal Application Ocean SDK (optional) Gemplus GemPC-410 Card Terminal Driver Gemplus GemXpresso RAD III PK IS Kernel Windows 98 JDK 1.2.2 Inprise JBuilder 3.5 Card Terminal Application AES Javacard applet

33 AES in Javacard: Software Specifications: Windows 98; JDK 1.2.2; Inprise JBuilder 3.5; Gemplus GemXpresso RAD III PK IS Kernel; Gemplus GemPC-410 Card terminal driver (OCF with PC/SC bridge).

34 AES in Javacard: Solution methods: (1) research into the protocols and standards involved in the project; (2) implementation of an AES applet model on a Java platform; (3) design and coding of a Javacard applet, test run on a simulation environment (Gemplus Simulation Environment); (4) design and coding of the card terminal application; (5) test run of both the Javacard applet and the card terminal application.

35 AES in Javacard Prototype development phase 1: Tested applet security sandbox with an applet to read c:\autoexec.bat

36 AES in Javacard After creating keystore, signing applet and specifying permission in policy file, applet can be run

37 AES in Javacard Prototype development phase II: Figure: splash screen of prototype

38 AES in Javacard Figure: encryption screen 1 of prototype

39 AES in Javacard Figure: encryption screen 2 of prototype

40 AES in Javacard Figure: decryption screen 1 of prototype

41 AES in Javacard Figure: decryption screen 2 of prototype

42 AES in Javacard Prototype behaviour: Encryption longer than decryption

43 AES in Javacard: Implementation plan for coming trimester: (1) choose between OCF and PC/SC; (2) develop the Javacard applet; (3) run the Javacard applet using the GSE (Gemplus Simulation Environment) simulator to determine memory requirement, implementation errors, flow of communication, etc.; (4) develop the Card Terminal Application using the OCF or PC/SC platform.

44 AES in Javacard Conclusion: AES in Javacard is a new platform, a new method, a new thinking.

45 AES in Javacard

46 THE END Thank you for your attention

