Java Card as a

Secure Signature-Creation Device

Jussipekka Leiwo
Setec Oy
and
Wolfgang Killmann
T-Systems ISS GmbH

EU Directive 1999/93/EC
! Advanced Electronic Signatures, based
on a Qualified Certificate, created by a
Secure-signature-creation device
! satisfy the legal requirements in relation to data
in electronic form in the same manner as handwritten signature satisfies those requirements
in relation to paper-based data, and
! are admissable as evidence in legal
proceedings

Qualified Electronic Signature

! QES is based on asymmetric
cryptographic mechanisms - digital
signatures
! The private key (signature-creation data,
SCD) is implemented in a secure
signature-creation device (SSCD)
! The public key (signature-verification
data, SVD) is included in a qualified
certificate

Secure Signature-Creation Device

! Must ensure at least that
! the SCD can practically only occur once, and
that their secrecy is reasonably assured,
! the SCD cannot be derived and the signature is
protected against forgery,
! the SCD can be reliably protected by the
legitimate signatory against the use of others.

! Must not alter the DTBS or prevent such

data from being presented to the
signatory prior to the signature process

SSCD in context
Qualified
certificate

SVD

Alice

SCA
DTBS
AES

SSCD

SIGN
SCD

SDO

CEN/E-SIGN Area F SSCD PP

! CEN Workshop Agreement CWA 14169
! EAL4+{AVA_MSU.3,AVA_VLA.4} SOF-high
! Types of SSCD
! Type 1: SCD/SVD creation only
! Type 2: Signature creation only
! Type 3: SCD/SVD and signature creation

! Must be enhanced for most practical

implementations
! e.g. Application separation

SSCD assets
!
!
!
!
!
!

SCD confidentiality
SVD integrity when exported
DTBS and DTBS representation integrity
VAD Confidentiality and authenticity
RAD Integrity and confidentiality
Signature-creation function using SCD

Java-based SSCD components

CEN/ISSS
SSCD PP
SFR for
IC Chip

SFR for
EID Applet

Trusted ICC
Trusted JCVM
Trusted EID Applet

Integration

SFR for
JCVM

EAL4 Augmented

Composite
Java-based
SSCD

Composite evaluation principles

! Device a SFR break-out for components
! Assume SFRs for underlying components
! JCVM component assumes compatibility to the
break-out by the ICC component
! EID Applet component assumes compatibility
to the break-out by the JCVM component

! SSCD includes all underlying components

! EID Applet makes the JAVA card a SSCD
! EID Applet evaluation includes the composite
view of all evaluation results to be conformand
with the SSCD PP

Key security services

Assume

Assume

ICC

COS

Applet

Key
Management

RNG
CE

API

AC

Cryptography

CE

API

AC
non-std paddings

Applet
Separation

MMU

FIREWALL

Shareable
Interface

Secure
Messaging

DES
CE

API

SM

MMU

API

PIN
PUK

Identification &
Authentication

SetCOS SFRs for key mgmt.

SFR

ICC

JCVM

FCS_CKM.1

RNG, CE

FCS_CKM.4

MMU

(X)

FDP_RIP.1

MMU

SCD, VAD, RAD

APDU

FDP_SDI.2/
persistent

atomic write

atomic write

current scrambling, bus encr.

FPT_FLS.1

sensors, SW CRC

checksums, ATR

exception
handling

FPT_TST.1

CE

active shield, sensors

(X)

FPT_EMSEC.1

FPT_PHP.1, .3

Applet

SetCOS SFR for cryptography

SFR

ICC

JCVM

Applet

CE, DES, SHA-1

(X)

FCS_COP.1/
Signing

CE

(padding,
hashing)

FCS_COP.1/
Correspondence

CE

(X)

atomic write,CRC

atomic write

self test

current scrambling, bus encr.

FPT_FLS.1

sensors, SW CRC

checksums, ATR

exception
handling

FPT_TST.1

CE

active shield, sensors

(X)

FCS_COP.1/ DES,
RSA, SHA-1

FDP_SDI.2/ DTBS
FIA_AMT.1
FPT_EMSEC.1

FPT_PHP.1, .3

SetCOS SFR for applet separation

SFR

ICC

JCVM

Applet

(MMU)

(X)

FDP_ACC.2/ FW

MMU

SI

FDP_ACF.1/ FW,
JCRE, Transient,
SSCD

MMU

SI

FDP_RIP.1

(MMU)

SCD, VAD, RAD

APDU

FPT_SEP.1

MMU, MED

FDP_ACC.1/ SSCD

FPT_RVM.1

FDP_SDI.2/
Persistent

atomic write

atomic write

FPT_FLS.1

sensors, SW CRC

checksums, ATR

active shield, sensors

(X)

FPT_PHP.1, .3

exception
handling

SetCOS SFR for SM

SFR

ICC

JCVM

Applet

RNG, CE, DES

API

FDP_ACF/ACC
for SM

MMU

Firewall

FPT_EMSEC.1

current scrambling, bus encr.

FDP_ITC.1,
FDP_ETC.1

RNG, CE, DES

API

FPT_TRP.1

CE, DES

API

FCS_COP.1/
DES, RSA,
SHA-1

SetCOS SFR for I&A

SFR
FDP_SDI.2/
Persistent

ICC

JCVM

atomic write

atomic write

Applet

FIA_AFL.1

FIA_ATD.1

(X)

FIA_UAU, UID

FMT_MOF,
FMT_MSA,
FMT_MTD,
FMT_SMR

Setec implementation
! Organization
! Developer and sponsor: Setec Oy
! Evaluation Facility: T-Systems ISS GmbH
! Certification Facility: BSI Germany

! Components
! ICC Platform: Infineon SLE88
! JCVM/JCRE Component: SetCOS Java
! EID Applet: Not included in the current
evaluation

SetCOS Java
! JCVM/JCRE/VOP component for a SSCD
! CC EAL4+{AVA_MSU.3, AVA_VLA.4} SOF
High
! Development completed 06/2002
! Evaluation completed by 10/2002
! Certification completed by 12/2002
! Final certificate dependant on SLE88
! An evaluated EID Applet required for SSCD
conformance

Infineon SLE88CX720P
!
!
!
!
!
!
!

32-bit RISC CPU max. 66MHz

240kB ROM, 8kB RAM, 80kB EEPROM
Advanced Crypto Engine (RSA 2048k)
DES Accelerator (3DES)
Memory Management Unit, HW Firewall
DPA/SPA protection
SSVG PP EAL4+{ADV_IMP.2, ALC_DVS.2,
AVA_MSU.3, AVA_VLA.4} in the future

EID Applet challenges

!
!
!
!

Personalization through Applet methods

Post-issuance of Applets
CEN/E-SIGN Area K active
Low coupling of EID Applet to JCVM
enables flexibility in catering to client
specific expectations
"Client required to act as a sponsor for
evaluating an EID Applet tailored from the
generic, non-evaluated EID Applet

Conclusions
! Flexibility of modern smart card operating
systems complicates evaluations
! Monolithic PPs can be dealt with as
components
! Co-operation and communication at early
stages essential
! Pay attention to component interfaces
! Carefull with the conformance claims!

For further information

!
!
!
!
!

http://www.setec.com
http://www.t-systems-iss.com
http://www.infineon.com/88controller
http://www.cenorm.be/isss
http://www.cenorm.be/isss/CWAs/cwalist.htm

Thank you!
Jussipekka Leiwo, Ph.D.
Senior System Architect, IT Security
Jussipekka.Leiwo@setec.com