Skip to content

Latest commit

 

History

History
39 lines (23 loc) · 2.11 KB

README.md

File metadata and controls

39 lines (23 loc) · 2.11 KB

JCEd25519

JCEd25519 is a JavaCard implementation of Ed25519 signature algorithm for smartcards that do not support Named Elliptic Curves and the EdDSA signature algorithm introduced in JavaCard API version 3.1.

The implementation uses (modified) JCMathLib library to perform necessary operations with elliptic curve points and modular arithmetic. In case SHA512 is not supported by a JavaCard, its software re-implementation is used.

⚠️ WARNING ⚠️

This implementation is only suited for proof-of-concept purposes and NOT for production use. The implementation relies on the JCMathLib library, that provides the underlying low-level operations, but not in constant time. An attacker observing signing time with sufficient precision may be able to use this information to extract the private key.

Usage

  • Clone this repository with submodules
git clone --recursive https://github.com/dufkan/JCEd25519
  • Configure your card type in JCEd25519.java file (currently are supported only SIMULATOR, J3R180, J2E145G)

  • Build the applet

./gradlew buildJavaCard  --info --rerun-tasks
  • Send initialize APDU 00DF000000 to the card. For example, using GlobalPlatform Pro
gp --apdu 00A404000C6A6365643235353139617070 --apdu 00DF000000 -d

Details

The optimizations in the implementation require the nonce to be generated randomly to be secure; otherwise, the implementation could be made to reuse nonce for signing of a different challenge. This is a minor deviation from Ed25519 specification, but it cannot be externally observed, unless multiple signatures of the same data are issued.

Supported Cards

The implementation was tested on NXP J3R200, NXP J3H145, NXP J2E145G, and Infineon Secora ID S.