JAVA Toolkit




Latest News

Security Advisory: Secure Renegotiation with iSaSiLk

23/02/2010

iSaSiLk v4.4 now supports the new RenegotiationInfo extension (RFC 5746) that has been specified by the IETF TLS working group to fix a severe security flaw in the SSL/TLS renegotiation protocol.

New version of IAIK-CMS with S/MIMEv3!

20/10/2009

The new version of our CMS-SMIME toolkit now supports all key encryption schemes of the NSA Suite B S/MIME algorithm suite, allows content enveloping with the Camellia cipher algorithm, adds SHA-2 with DSA support for the SignedData content type, and implements the Authenticated-Enveloped Content Type.



ECC

IAIK presents the new ECC library for the Java™ platform. It offers easy-to-use elliptic curve cryptography, such as ECDSA, compliant with existing standards. It is an add-on to the JCE provider, so you have to download and install the iaik-jce provider separately.


By default our ECC library uses the uncompressed form to export public keys. If you want to use point compression and decompression (for the import and export of keys and certificates), you will have to download the separate PointCompressor.jar and put it into your classpath (see the customisation section of the Tutorial).

Main Features

  • Compliant with ANSI X9.62, IEEE 1363
  • ECDSA with SHA-2 support according to ANSI X9.62:2005 and BSI TR 03111 v1.00
  • Finite field arithmetic in prime fields
  • Finite field arithmetic in binary fields. In binary fields we only use polynomial basis representation. This is mainly because of the patent situation, but there is also no reason to use Gaussian normal bases.
  • Support for elliptic curve arithmetic with affine and projective coordinates
  • Extensive and extensible domain parameter factory (see list of supported parameters)
  • JCE/JCA integration of ECDSA
  • JCE/JCA integration of ECDH with and without cofactor multiplication
  • ASN.1 encoding of signatures, public and private keys

To get started you should read the Tutorial.

Key Length according to FIPS PUB 186-2

FIPS PUB 186-2 (PDF document)

Key Length   Example Algorithm   Prime Field ||p|| *   Binary Field m
80           SKIPJACK            192                   163
112          Triple-DES          224                   233
128          AES-Small           256                   283
192          AES-Medium          384                   409
256          AES-Large           521                   571

*) ||p|| denotes the length of the binary expansion of the integer p.

Patent Issues

There have been many patents granted and applied for in the field of ECC. This means that this implementation may contain an implementation of an algorithm that is IPR-protected in some country. At this time we are not aware of a specific case, except the point compression algorithm (included in the separate jar file). If anybody identifies a case of possible patent infringement, we would be grateful to be informed about it so that we can deal with the issue.

Currently we are using the following algorithms:

  • Our current EC implementation is based on the algorithms described in IEEE 1363 (affine and projective coordinates).
  • The prime field arithmetic is based on the BigInteger class.
  • Binary field arithmetic uses polynomial basis representation and a very generic implementation of the field operations. Concretely, the following algorithms are implemented:
    - Squaring: according to algorithm 7 in [1]
    - Addition: simple XOR operation(s)
    - Multiplication: simple shift and add variant with integrated mod. reduction
    - Mod. reduction according to algorithm 5 of [1]

[1] D. Hankerson, J. Lopez and A. Menezes, Software implementations of elliptic curve cryptography over fields of characteristic two, draft, 2000.
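
The binary field operations listed above (XOR addition, shift-and-add multiplication with integrated reduction) can be sketched as follows. This is an added example, not IAIK code: the class name, the use of BigInteger as a bit vector, the choice m = 163 with the NIST reduction polynomial x^163 + x^7 + x^6 + x^3 + 1, and the sample values are all assumptions made here.

```java
import java.math.BigInteger;

// Added illustration of GF(2^m) arithmetic in polynomial basis; not IAIK code.
public class Gf2mDemo {
    // Assumption: m = 163 (first binary-field row of the key length table) with
    // the NIST reduction polynomial f(x) = x^163 + x^7 + x^6 + x^3 + 1.
    static final int M = 163;
    static final BigInteger F =
            BigInteger.ONE.shiftLeft(M).or(BigInteger.valueOf(0xC9));

    // Addition and subtraction are the same operation: coefficient-wise XOR.
    static BigInteger add(BigInteger a, BigInteger b) {
        return a.xor(b);
    }

    // Shift-and-add multiplication with the reduction folded into the loop.
    // Both inputs must already be reduced (degree < M).
    static BigInteger mul(BigInteger a, BigInteger b) {
        BigInteger acc = BigInteger.ZERO;
        for (int i = M - 1; i >= 0; i--) {
            acc = acc.shiftLeft(1);                 // acc = acc * x
            if (acc.testBit(M)) acc = acc.xor(F);   // degree hit m: subtract f(x)
            if (b.testBit(i)) acc = acc.xor(a);     // add a for coefficient i of b
        }
        return acc;
    }

    public static void main(String[] args) {
        // Constructed sample elements (arbitrary values below 2^163).
        BigInteger a = new BigInteger("1234567890abcdef1234567890abcdef12345678", 16);
        BigInteger b = new BigInteger("0fedcba9876543210fedcba9876543210fedcba9", 16);
        BigInteger c = new BigInteger("5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a", 16);
        BigInteger x = BigInteger.valueOf(2);       // the polynomial "x"

        // x^162 * x exceeds degree 162, so exactly one reduction by f(x) applies.
        BigInteger wrapped = mul(BigInteger.ONE.shiftLeft(M - 1), x);
        System.out.println("x^163 mod f   = 0x" + wrapped.toString(16));

        // Field laws that any correct implementation must satisfy.
        System.out.println("a * 1 == a    : " + mul(a, BigInteger.ONE).equals(a));
        System.out.println("commutative   : " + mul(a, b).equals(mul(b, a)));
        System.out.println("distributive  : "
                + mul(a, add(b, c)).equals(add(mul(a, b), mul(a, c))));
        System.out.println("reduced       : " + (mul(a, b).bitLength() <= M));
    }
}
```

The loop branches on each bit of `b` and BigInteger operations run in variable time, so this form shows the arithmetic only and should not be used as-is where an operand is secret.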

Sales and Conditions

For current prices of the ECC library, please see the price list and license conditions.

To order the product, enter the webshop.


 