You should factor in the RSA speedups in your space estimates. Typically a public exponent of 2^16+1 is used so you need not pass this separately for a public key. However, the speedup for the private key operation involves all those other fields in a private key, which expands the space requirements needed considerably. While it is possible to do the private key operation with nothing other than the modulus and private exponent you should try to estimate how long the processor on the Java card would take (years? days? hours?).
My gut feeling is that you will not be able to get both a private key and the data to be encrypted into 245 bytes.
Thanks, well, for normal operations the private key to be applied would be stored on the card. But from my experience, I have learnt not to implement restrictions of valid choices unless there is a very good reason. Eliptic Curves may be supported in future cards and solve the space problem.
The amount of data that should be de-/encrypted is limited, for example the a symmetric key that is used to encrypt the actual message, or a digest to create a signature.
So, I guess this concludes that for the practical puposes, there is room enough :-) Do you know any performance difference for the private key encryption with all components vs. only modulus and exponent?
Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9 Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
