Skip to content

JavaCard implementation of Ed25519 signature algorithm for smartcards that do not support EdDSA algorithm introduced in JavaCard API version 3.1.

License

MIT, MIT licenses found

Licenses found

MIT
LICENSE
MIT
LICENSE-template
Notifications You must be signed in to change notification settings

dufkan/JCEd25519

Repository files navigation

JCEd25519

JCEd25519 is a JavaCard implementation of Ed25519 signature algorithm for smartcards that do not support Named Elliptic Curves and the EdDSA signature algorithm introduced in JavaCard API version 3.1.

The implementation uses (modified) JCMathLib library to perform necessary operations with elliptic curve points and modular arithmetic. In case SHA512 is not supported by a JavaCard, its software re-implementation is used.

⚠️ WARNING ⚠️

This implementation is only suited for proof-of-concept purposes and NOT for production use. The implementation relies on the JCMathLib library, that provides the underlying low-level operations, but not in constant time. An attacker observing signing time with sufficient precision may be able to use this information to extract the private key.

Usage

  • Clone this repository with submodules
git clone --recursive https://github.com/dufkan/JCEd25519
  • Configure your card type in JCEd25519.java file (currently are supported only SIMULATOR, J3R180, J2E145G)

  • Build the applet

./gradlew buildJavaCard  --info --rerun-tasks
  • Send initialize APDU 00DF000000 to the card. For example, using GlobalPlatform Pro
gp --apdu 00A404000C6A6365643235353139617070 --apdu 00DF000000 -d

Details

The optimizations in the implementation require the nonce to be generated randomly to be secure; otherwise, the implementation could be made to reuse nonce for signing of a different challenge. This is a minor deviation from Ed25519 specification, but it cannot be externally observed, unless multiple signatures of the same data are issued.

Supported Cards

The implementation was tested on NXP J3R200, NXP J3H145, NXP J2E145G, and Infineon Secora ID S.

About

JavaCard implementation of Ed25519 signature algorithm for smartcards that do not support EdDSA algorithm introduced in JavaCard API version 3.1.

Topics

Resources

License

MIT, MIT licenses found

Licenses found

MIT
LICENSE
MIT
LICENSE-template

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages