JAVA Toolkit
| home | contact

Home > Products > Core Crypto Toolkits > JCE CC CORE

News Menu

Latest News

Christmas Release


One day before Christmas we have released new versions of our SSL/TLS library iSaSiLk and our XML Security Toolkit IAIK-XSECT!

IAIK-JCE 5.60 and IAIK [CP]AdES 2.4 released!


IAIK-JCE 5.60 introduces a "subsidiary" provider as workaround for fixing a JDK JSSE MessageDigest Cloneable bug. IAIK [CP]AdES 2.4 fixes a bug in the AtsHashIndexv3 ASN.1 representation.


Our Clients


The JCE CC Core is a Common Criteria evaluated version of most of the cryptographic functionality of the IAIK-JCE toolkit.

The JCE CC Core provides the core functionality of the IAIK JCE toolkit, it contains several cryptographic algorithms which passed a Common Criteria evaluation. (For further details about the Common Criteria Certification, please see


Up to now, there are two versions of JCE CC Core available.

 JCE CC Core 3.1: This version was evaluated at EAL 3+ in May 2004 by the German TÜV IT. As this is an intermediate assurance level, the certificate is only valid in Germany.

 JCE CC Core 3.15: Version 3.15 has achieved EAL 3 in July 2007. The evaluation was carried out by the German TÜV IT and JISEC in Japan. This certificate is internationally accepted, see 

Please note that the surrounding IAIK-JCE toolkit may have a higher version number than the CC Core; e.g. the CC Core may have the version identification IAIK-JCE CC Core 3.16 whereas the surrounding toolkit may be IAIK-JCE 3.2. This ensures that the CC Core is exactly that version which has been evaluated.


 The CC Core requires Java™ version 1.1, 1.2, 1.3, 1.4, 1.5 or compatible. In addition, it requires a JCE framework which is compatible to JCE 1.2 or later. To ensure secure operation, access to the operating environment must be protected against unauthorized access. Despite the application, the operating environment contains at least the Java™ VM with all runtime classes. In practice, it will usually be necessary to protect the access to the complete host system, including access on operating system level as well as physical access.
 You can find more detailed information about the environment in the chapter security environment.

Cryptographic functions:

The CC Core contains the following list of cryptographic functions. These cryptographic functions are called TOE (Target of Evaluation) Security Functions (short TSFs) in the context of Common Criteria. Therefore, the list contains the code of each TSF group and of each individual TSF in braces. This code identifies each TSF in the Security Target (ST).

Hash Functions (TSF.Hash)

  • SHA-1 (FCS_COP.1/SHA-1)
  • SHA-256 (FCS_COP.1/SHA-256)
  • SHA-384 (FCS_COP.1/SHA-384)
  • SHA-512 (FCS_COP.1/SHA-512)
  • RIPEMD-160 (FCS_COP.1/RIPEMD-160)

Random Generation Functions (TSF.Random)

  •  Simple Hash-Based Random Functions (FCS_RND.1/HashRandom)
     based on SHA-1, SHA-256, SHA-384, SHA-512, and RIPEMD-160
  •  FIPS 186-2 Random Functions (FCS_RND.1/FipsRandom)
     based on SHA-1, SHA-256, SHA-384, SHA-512, and RIPEMD-160

Signature Schemes (TSF.Signature)

  •  RSA Signatures according to PKCS#1 version 1.5 (FCS_COP.1/RSASignature)
     in combination with SHA-1, SHA-256, SHA-384, SHA-512, and RIPEMD-160
  •  RSA PSS Signatures according to PKCS#1 version 2.1 (FCS_COP.1/RSASignaturePSS)
     in combination with SHA-1, SHA-256, SHA-384, SHA-512, and RIPEMD-160

Ciphers (TSF.Cipher)

  • Triple-DES (FCS_COP.1/TripleDES)
  • RC2 (FCS_COP.1/RC2)
  • RSA Encryption according to PKCS#1 version 1.5 (FCS_COP.1/RSACipher)
  • RSA OAEP Encryption according to PKCS#1 version 2.1 (FCS_COP.1/RSACipherOAEP)

MAC Functions (TSF.MAC)

  •  Hash-Based MAC Functions (FCS_COP.1/HMAC)
     based on SHA-1, SHA-256, SHA-384, SHA-512, and RIPEMD-160

Please note that the IAIK-JCE toolkit contains more cryptographic functions than those in the CC Core, but only those of the CC Core have been evaluated. Moreover, the IAIK-JCE toolkit may offer additional features of an algorithm which is part of the CC Core. For example, the CC Core contains RSA signatures with key sizes starting from 1024 bit. The IAIK-JCE supports also shorter key sizes like 512 bit for RSA, but if an application uses 512 bit RSA keys, it uses the IAIK-JCE outside the specifications of the CC Core. 512 bit RSA is not covered by the evaluation.

Prices and conditions

For current prices of IAIK-JCE CC Core, please see our price list and our license conditions.

To order the product, please contact our sales office: 

print    tip a friend
back to previous page back  |  top to the top of the page