The exclusive promotional activities on JCOP J3H145 card and Feitian R301 Smartcard Reader are in full swing. Please check this page for details.

Enhancing security and authenticity on JavaCardOS offered products

Card Products

Moderator: horse dream

Posts: 141
Joined: Tue Sep 27, 2016 10:58 am
Points :1884

Enhancing security and authenticity on JavaCardOS offered products

Post by tay00000 » Fri Jul 14, 2017 9:13 pm

I would like to recommend a value-add for all JavaCard manufacturers to consider implementation on all it's cards to enhance security and authenticity of applets deployed on the cards.

Attesting to whether a symmetric or asymmetric key is generated on a particular card is difficult as there is no mechanism that can be used to identify as needed that a key is created from a particular card when such attestation is needed. The Trusted Platform Module (TPM) has a mechanism that does that which is called the Direct Anonymous Attestation protocol where the TPM's EK embedded into the TPM is used to attest for keys generated by the TPM when required to proof that keys are minted by a particular TPM as described in a very generic sense.

Similarly, there is no way to proof that a particular key is created from a particular smart card in the public offering and this enhancement can be done by a Card Authenticity Applet (CAA) that can be called by RMI methods between applets.

The CAA applet will hold a single uniquely generated ECDSA P256 keypair as it's identity called it's Card Identity Key (CIK). The private part of the CIK must be generated randomly with the card's own Secure Random RNG and only the public part of the CIK is to be extract for endorsement and verification. The card's unique P-256 public key will be signed by a JavaCard manufacturer or card issuer own's P-256 keypair (inside a HSM) and the card manufacturer or issuer will host a Certificate Authority with their own P-256 key. The issuer/manufacturer's key is the Endorsement Key (EK) to endorse cards manufacturer by them by using their EK to sign the CIK.

Any card applet installed inside the card requiring a certification will call the CAA applet and ask for the CIK to sign their public keys or keyhashes and generate a CIK Attestation Certificate which can be used to proof that the key is minted from a unique card. The entire certificate attestation chain can be traced from the EK to the CIK to the CIK Attestation Certificate and thus ensuring that keys are unique and trusted.

Who is online

Users browsing this forum: No registered users and 4 guests

JavaCard OS : Disclaimer