The Algorithm of traditional Diffie-Hellman

[tay00000]

JavaCard standards have not really supported non-ECC/traditional Diffie-Hellman algorithm up till only recently (JC 3.0.5). Anyone who wants to use Diffie-Hellman have to do them manually or simply avoid using the traditional non-ECC Diffie-Hellman.

Here is a Diffie-Hellman library found on Github that allows traditional modular exponential based Diffie-Hellman by manipulating and leveraging the RSA_NOPAD function to execute the modular exponential math that Diffie-Hellman and RSA shares in common. It also uses the RSA key type to generate RSA keypairs as Diffie Hellman keypairs while leveraging the security of the Key type object provided by the card (i.e. tamper resistant key storage, DPA/SPA/DFA protection, glitch protection on the RSA math engine and security memory segment that a card usually have).

The Github repository also provides a link to a Java test client to check if the correctness of the implementation of the Diffie-Hellman applet. by using the desktop side JCE cryptographic library to compare implementations.

Link: https://github.com/ASKGLab/DHApplet

[UNKNwYSHSA]

Mark.

It seems more RAM used when using this algorithm.

[tay00000]

Yes, it may require more RAM than expected.