The Public Key Cryptographic Library (PKCL) provides standardized key computation, encryption, decryption, signature and verification functionalities for all key sizes up to 8192 bits. It is compliant with:
- RSA cryptosystem as defined in PKCS#1;
- DSA signature scheme as defined in FIPS 186-3;
- Diffie-Hellman (DH) key exchange as defined in PKCS#3;
- El-Gamal cryptosystem;
- JavaCard API.
The Public Key Cryptographic Library is highly customizable: all upper layer functionalities can be either added or withdrawn. The core modular exponentiation is based on the “sliding window” algorithm so that the best performance-memory tradeoff can be achieved by simply tuning the window size. The PKCL library integrates state-of-the-art countermeasures against the latest side-channel attacks (SPA, DPA, etc.) and high-order fault attacks (DFA). Furthermore, the library performances can be greatly enhanced through the Public Key Cryptographic Coprocessor (PK2C).
Java Card compliant cryptographic library for encryption and decryption of RSA, DSA, Diffie-Hellman, El-Gamal and Elliptic Curves algorithms
Overview
Key Features
- key generation, encryption, decryption, signature and verification functions
- all key sizes supported up to 8192 bits
- core functions ASM-optimized for the targeted processor
- configurable architecture: adjustable trade-off between performance and RAM footprint; dedicated coprocessor available separately (about 10 times faster)
- state-of-the-art countermeasures against SPA, DPA and DFA attacks
- typical code size on Cortex-M3 smaller than 15 kbytes
- less than 100 Mcycles to compute a secure 2048-bit RSA signature
Benefits
- RSA, DSA, DH & El-Gamal
- Extended key size range
- Secure implementation
- Adjustable trade-offs
- Efficient computation
Deliverables
- C and Assembly source codes
- C test vectors
- compilation scripts (makefile)
- user manual
- documents for certifications (FIPS, CC, EMV, etc.): complete list of countermeasures with references; implementation details
Technical Specifications
Maturity
Silicon proven
Availability
Available
Related IPs
- Hardware accelerator for RSA, DSA, Diffie-Hellman, El-Gamal and Elliptic Curves algorithms
- ISO/IEC 7816-3 digital controller for integrated circuit card compliant with ETSI TS 102 221 and EMV 2000 standards
- Cryptographic library for Elliptic Curve Diffie–Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA)
- ISO/IEC 7816-3 digital controller for interface device compliant with ETSI TS 102 221 and EMV 2000 standards
- Scalable multicore architecture for a range of macrocells, small cells, cloud-RAN, DFE/DPD/ and more
- ASIC IP-core for high-throughput decoding of DVB-S2/S2X, and DVB-RCS/RCS2