You should factor in the RSA speedups in your space estimates. Typically a public exponent of 2^16+1 is used so you need not pass this separately for a public key. However, the speedup for the private key operation involves all those other fields in a private key, which expands the space requirements needed considerably. While it is possible to do the private key operation with nothing other than the modulus and private exponent you should try to estimate how long the processor on the Java card would take (years? days? hours?).
My gut feeling is that you will not be able to get both a private key and the data to be encrypted into 245 bytes.
Erik Norgaard wrote:
Hi,
Sorry, I haven't written to the list before, if you know of sources of information that will answer my question, please just give me a link.
I am programming a JavaCard v2.1, to provide encryption and decryption using either stored private/public keys or keys passed to the input data buffer.
The input data buffer is just 245 bytes, and I want to pass the key and the data to be de/encrypted in one go to avoid problems with transient objects and risk of leaving the card in an insecure state.
So my question is, say I have an RSA 1024 bit key, how much space does it actually ocupy? AFAIK 128bytes+exponent which is?
For signature I need to fit in 20 bytes for a SHA1 digest, leaving some 225bytes for the key - is that possible.
For encryption I need to fit in x bytes for a symmetric key to be encrypted - how long a symmetric key should I use? which algorithm?
I could use a 768 bit key if that would make things possible.
Given a certificate, how do I extract the modulus and exponent? Sorry, I am getting lost in all the different formats and encodings. But so far I only see a blob of data.
Is there a standard way of packing modulus and exponent efficiently into a single blob?
Thanks a lot, Erik
-- "An Internet-connected Windows machine is tantamount to a toddler carrying a baggie of $100 bills down a city street..."
Charles B (Ben) Cranston mailto: [EMAIL PROTECTED] http://www.wam.umd.edu/~zben
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
