JavaCard as a SSCD


8/16/2019 JavaCard as a SSCD

1/22  Java Card as a Secure Signature-Creation Device

Jussipekka Leiwo, Setec Oy
and
Wolfgang Killmann, T-Systems ISS GmbH

2/22  EU Directive 1999/93/EC

• Advanced Electronic Signatures, based on a Qualified Certificate, created by a Secure-signature-creation device
  • satisfy the legal requirements in relation to data in electronic form in the same manner as a hand-written signature satisfies those requirements in relation to paper-based data, and
  • are admissible as evidence in legal proceedings

3/22  Qualified Electronic Signature

• QES is based on asymmetric cryptographic mechanisms: digital signatures
• The private key (signature-creation data, SCD) is implemented in a secure signature-creation device (SSCD)
• The public key (signature-verification data, SVD) is included in a qualified certificate

4/22  Secure Signature-Creation Device

• Must ensure at least that
  • the SCD can practically only occur once, and that their secrecy is reasonably assured,
  • the SCD cannot be derived and the signature is protected against forgery,
  • the SCD can be reliably protected by the legitimate signatory against the use of others.
• Must not alter the DTBS or prevent such data from being presented to the signatory prior to the signature process

5/22  SSCD in context

[Diagram: SSCD in context. Labels on the slide: Alice, SDO, Qualified certificate, SSCD, AES, SCD, SVD, SIGN, SCA, DTBS]

6/22  CEN/E-SIGN Area F SSCD PP

• CEN Workshop Agreement CWA 14169
• EAL4+{AVA_MSU.3, AVA_VLA.4} SOF-high
• Types of SSCD
  • Type 1: SCD/SVD creation only
  • Type 2: Signature creation only
  • Type 3: SCD/SVD and signature creation
• Must be enhanced for most practical implementations
  • e.g. Application separation

7/22  SSCD assets

• SCD confidentiality
• SVD integrity when exported
• DTBS and DTBS representation integrity
• VAD confidentiality and authenticity
• RAD integrity and confidentiality
• Signature-creation function using SCD

8/22  Java-based SSCD components

[Diagram: Composite Java-based SSCD, EAL4 Augmented, built from a Trusted ICC, a Trusted JCVM and a Trusted EID Applet, each with its own requirements (SFR for IC Chip, SFR for JCVM, SFR for EID Applet) and integrated against the CEN/ISSS SSCD PP]

9/22  Composite evaluation principles

• Devise an SFR break-out for components
• Assume SFRs for underlying components
  • JCVM component assumes compatibility to the break-out by the ICC component
  • EID Applet component assumes compatibility to the break-out by the JCVM component
• SSCD includes all underlying components
  • EID Applet makes the Java card a SSCD
  • EID Applet evaluation includes the composite view of all evaluation results to be conformant with the SSCD PP

10/22  Key security services

[Diagram: five services mapped onto the layers ICC, COS and Applet, each layer assuming ("Assume") the one below. Mechanisms listed per service on the slide:]

• Key Management: RNG, CE; API; AC
• Cryptography: CE; API; AC, non-std paddings
• Applet Separation: MMU; FIREWALL; Shareable Interface
• Secure Messaging: DES, CE; API; SM
• Identification & Authentication: API; PIN, PUK; MMU
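The requirements on slide 4 and the assets on slide 7 (SCD confidentiality, SVD integrity when exported, DTBS integrity, VAD/RAD protection) are what the EID Applet layer of this diagram has to realise on top of the JCVM and ICC services. The following Java Card applet is an added illustration written for this page; it is not Setec's EID Applet or SetCOS code, and its package and class names, instruction bytes, status words and install-parameter layout are assumptions. It keeps the RSA private key (SCD) on-card, exports only the public key (SVD), requires the signatory's PIN (VAD checked against the stored RAD, with a retry counter) before each signature, and hashes and pads the DTBS on-card with the RSA/SHA-1 PKCS#1 scheme the slides list for the platform.

```java
package sscd.example; // hypothetical package name, not a Setec identifier

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.OwnerPIN;
import javacard.security.KeyBuilder;
import javacard.security.KeyPair;
import javacard.security.RSAPublicKey;
import javacard.security.Signature;

public class SscdApplet extends Applet {
    // Command set is an assumption for this example, not a standard profile.
    private static final byte CLA_SSCD    = (byte) 0x80;
    private static final byte INS_VERIFY  = (byte) 0x20; // present VAD (PIN)
    private static final byte INS_GEN_KEY = (byte) 0x46; // create SCD/SVD on-card
    private static final byte INS_GET_SVD = (byte) 0x47; // export SVD: P1=0 modulus, P1=1 exponent
    private static final byte INS_SIGN    = (byte) 0x2A; // sign the DTBS in the command data

    private static final byte PIN_TRY_LIMIT  = (byte) 3; // FIA_AFL.1: block after repeated failures
    private static final byte PIN_MAX_LEN    = (byte) 8;
    private static final short SW_PIN_BLOCKED = (short) 0x6983; // ISO 7816-4: authentication method blocked

    private final OwnerPIN pin;      // RAD: held by the card, compared against but never readable
    private final KeyPair keyPair;   // SCD (private key) and SVD (public key)
    private final Signature signer;  // SHA-1 hashing and PKCS#1 v1.5 padding are done on-card
    private boolean keyGenerated;    // the SCD exists at most once (FCS_CKM.1)

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new SscdApplet(bArray, bOffset);
    }

    private SscdApplet(byte[] bArray, short bOffset) {
        pin = new OwnerPIN(PIN_TRY_LIMIT, PIN_MAX_LEN);
        // Standard install-parameter layout: [AID len][AID][priv len][priv][data len][data].
        // Assumption for this example: the applet data is the initial PIN set at personalisation.
        short off = bOffset;
        off += (short) (1 + (bArray[off] & 0xFF)); // skip AID
        off += (short) (1 + (bArray[off] & 0xFF)); // skip privileges
        byte pinLen = bArray[off];
        if (pinLen < 1 || pinLen > PIN_MAX_LEN) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        pin.update(bArray, (short) (off + 1), pinLen);

        keyPair = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_2048);
        signer = Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1, false);
        keyGenerated = false;
        register();
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        byte[] buf = apdu.getBuffer();
        if (buf[ISO7816.OFFSET_CLA] != CLA_SSCD) ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
        switch (buf[ISO7816.OFFSET_INS]) {
            case INS_VERIFY:  verifyPin(apdu);  break;
            case INS_GEN_KEY: generateKeys();   break;
            case INS_GET_SVD: exportSvd(apdu);  break;
            case INS_SIGN:    signDtbs(apdu);   break;
            default: ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }

    // The signatory presents the VAD; the card compares it with the RAD and counts failures.
    private void verifyPin(APDU apdu) {
        byte[] buf = apdu.getBuffer();
        byte len = (byte) apdu.setIncomingAndReceive();
        if (pin.getTriesRemaining() == 0) ISOException.throwIt(SW_PIN_BLOCKED);
        if (!pin.check(buf, ISO7816.OFFSET_CDATA, len)) {
            // 63Cx warning status: x = tries remaining before the PIN blocks
            ISOException.throwIt((short) (0x63C0 | pin.getTriesRemaining()));
        }
    }

    // SCD/SVD creation on-card (Type 3 SSCD): the private key comes from the card's own
    // RNG and crypto engine and is never exported in any form.
    private void generateKeys() {
        if (!pin.isValidated()) ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        if (keyGenerated) ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED); // SCD occurs once
        keyPair.genKeyPair();
        keyGenerated = true; // single persistent field write, atomic on Java Card
    }

    // SVD export: only the public modulus or exponent ever leaves the card.
    private void exportSvd(APDU apdu) {
        if (!keyGenerated) ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
        byte[] buf = apdu.getBuffer();
        RSAPublicKey pub = (RSAPublicKey) keyPair.getPublic();
        short len = (buf[ISO7816.OFFSET_P1] == 0)
                ? pub.getModulus(buf, (short) 0)
                : pub.getExponent(buf, (short) 0);
        apdu.setOutgoingAndSend((short) 0, len);
    }

    // Signature creation over the DTBS presented in the command data (fits a short APDU here).
    private void signDtbs(APDU apdu) {
        if (!keyGenerated) ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
        if (!pin.isValidated()) ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        byte[] buf = apdu.getBuffer();
        short len = apdu.setIncomingAndReceive();
        signer.init(keyPair.getPrivate(), Signature.MODE_SIGN);
        // Hashing and padding happen inside the Signature object: the card signs exactly the
        // DTBS it received and never exposes a raw private-key operation on caller-supplied blocks.
        signer.update(buf, ISO7816.OFFSET_CDATA, len);
        short sigLen = signer.sign(buf, (short) 0, (short) 0, buf, (short) 0);
        pin.reset(); // one VAD presentation authorises one signature
        apdu.setOutgoingAndSend((short) 0, sigLen);
    }

    public void deselect() {
        pin.reset(); // drop the authenticated state when another applet is selected
    }
}
```

In use, the SCA sends VERIFY followed by SIGN for each signature; a blocked PIN answers 6983 and a wrong one 63Cx with the remaining tries, so a terminal cannot enumerate the RAD. Everything the applet does not show, such as shielding, sensors, DPA/SPA protection and atomic EEPROM writes, is exactly what the "Assume" arrows in the diagram delegate to the JCVM and ICC layers below.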

11/22  SetCOS SFRs for key management

Cells are listed in the slide's component order Applet / JCVM / ICC.

SFR                  | Applet / JCVM / ICC
FPT_TST.1            | X / X / CE
FPT_PHP.1, .3        | (X) / active shield, sensors
FPT_FLS.1            | exception handling / checksums, ATR / sensors, SW CRC
FPT_EMSEC.1          | X / current scrambling, bus encr.
FDP_SDI.2/persistent | atomic write / atomic write
FDP_RIP.1            | APDU / SCD, VAD, RAD / MMU
FCS_CKM.4            | (X) / X / MMU
FCS_CKM.1            | X / RNG, CE

12/22  SetCOS SFRs for cryptography

Cells are listed in the slide's component order Applet / JCVM / ICC.

SFR                              | Applet / JCVM / ICC
FPT_TST.1                        | X / X / CE
FCS_COP.1/Correspondence         | X / (X) / CE
FIA_AMT.1                        | X / X / self test
FPT_PHP.1, .3                    | (X) / active shield, sensors
FPT_FLS.1                        | exception handling / checksums, ATR / sensors, SW CRC
FPT_EMSEC.1                      | X / current scrambling, bus encr.
FDP_SDI.2/DTBS (padding, hashing)| X / atomic write / atomic write, CRC
FCS_COP.1/Signing                | X / CE
FCS_COP.1/DES, RSA, SHA-1        | (X) / X / CE, DES, SHA-1

13/22  SetCOS SFRs for applet separation

Cells are listed in the slide's component order Applet / JCVM / ICC.

SFR                                  | Applet / JCVM / ICC
FDP_ACC.2/FW                         | SI / X / MMU
FDP_ACC.1/SSCD                       | X / (X) / (MMU)
FPT_SEP.1                            | X / MMU, MED
FPT_RVM.1                            | X
FPT_PHP.1, .3                        | (X) / active shield, sensors
FPT_FLS.1                            | exception handling / checksums, ATR / sensors, SW CRC
FDP_SDI.2/Persistent                 | atomic write / atomic write
FDP_RIP.1                            | APDU / SCD, VAD, RAD / (MMU)
FDP_ACF.1/FW, JCRE, Transient, SSCD  | SI / X / MMU

14/22  SetCOS SFRs for SM

Cells are listed in the slide's component order Applet / JCVM / ICC.

SFR                        | Applet / JCVM / ICC
FDP_ACF/ACC for SM         | X / Firewall / MMU
FPT_TRP.1                  | X / API / CE, DES
FDP_ITC.1, FDP_ETC.1       | X / API / RNG, CE, DES
FPT_EMSEC.1                | X / current scrambling, bus encr.
FCS_COP.1/DES, RSA, SHA-1  | X / API / RNG, CE, DES

15/22  SetCOS SFRs for I&A

Cells are listed in the slide's component order Applet / JCVM / ICC.

SFR                                   | Applet / JCVM / ICC
FMT_MOF, FMT_MSA, FMT_MTD, FMT_SMR    | X
FIA_UAU, UID                          | X
FIA_AFL.1                             | X / X
FIA_ATD.1                             | X / (X)
FDP_SDI.2/Persistent                  | atomic write / atomic write

16/22  Setec implementation

• Organization
  • Developer and sponsor: Setec Oy
  • Evaluation Facility: T-Systems ISS GmbH
  • Certification Facility: BSI Germany
• Components
  • ICC Platform: Infineon SLE88
  • JCVM/JCRE Component: SetCOS Java
  • EID Applet: Not included in the current evaluation

17/22  SetCOS Java

• JCVM/JCRE/VOP component for a SSCD
• CC EAL4+{AVA_MSU.3, AVA_VLA.4} SOF High
• Development completed 06/2002
• Evaluation completed by 10/2002
• Certification completed by 12/2002
  • Final certificate dependent on SLE88
• An evaluated EID Applet required for SSCD conformance

18/22  Infineon SLE88CX720P

• 32-bit RISC CPU, max. 66 MHz
• 240 kB ROM, 8 kB RAM, 80 kB EEPROM
• Advanced Crypto Engine (RSA 2048k)
• DES Accelerator (3DES)
• Memory Management Unit, HW Firewall
• DPA/SPA protection
• SSVG PP EAL4+{ADV_IMP.2, ALC_DVS.2, AVA_MSU.3, AVA_VLA.4} in the future

19/22  EID Applet challenges

• Personalization through Applet methods
• Post-issuance of Applets
  • CEN/E-SIGN Area K active
• Low coupling of EID Applet to JCVM enables flexibility in catering to client-specific expectations
  • Client required to act as a sponsor for evaluating an EID Applet tailored from the generic, non-evaluated EID Applet

20/22

21/22  For further information

• http://www.setec.com
• http://www.t-systems-iss.com
• http://www.infineon.com/88controller
• http://www.cenorm.be/isss
• http://www.cenorm.be/isss/CWAs/cwalist.htm

22/22  Thank you!

Jussipekka Leiwo, Ph.D.
Senior System Architect, IT Security
[email protected]