This content has been marked as final. Show 4 replies
Suppose that we have this private final RSAPrivateKey privateKey defined. And it is initialized in the private constructor/installer. How does the JC protect the memory of this variable? By the access modifier? i.e. private/public/..?The chip will most likely store the key in the crypto co-processor (this is up to the implementation though) which has higher tamper resistance etc. The applet firewall will logically protect the data in that no other applet context can access that memory. The visibility of the field will prevent other classes accessing it.
I would like to know how does GSM achieve the protection of its card authentication key. We know that the key is never readable. The only way that you use it is through APDU "RUN_GSM_ALGORITHM". So how can we do the same through JavaCard??By not implementing a command that exposes the key. If you never return the bytes of the key and only expose methods/commands to use the key then no one can get your private key.
So do you mean that if we use a Key object and not allow the read API, it can achieve the same security than GSM authentication key protection?
1 person found this helpful
So do you mean that if we use a Key object and not allow the read API, it can achieve the same security than GSM authentication key protection?Correct. Unless your applet directly exposes the key (which you would have to implement yourself) then the key can be considered secure and will not be available outside your code.
Got it! Thanks a lot :) !!