Encryptionfunctions of the BASIC CARDS
Security is the main concern for smartcards
The BasicCard support the following crypto functions:
DES and TripleDES algorithm
The DES algorithm is the internationally recognized Data Encryption Standard, defined in the ANSI standard documents X3.92-1981 (Data Encryption Algorithm) and X3.106-1983 (Data Encryption Algorithm – Modes of Operation). For a fuller treatment, including 'C' source code, see Bruce Schneier's Applied Cryptography (Second Edition, John Wiley & Sons, Inc., 1996).
As you can see from the dates of the ANSI documents, the DES algorithm is no longer young. In fact, the original DES algorithm is usually referred to as Single DES, and must now be regarded as less than completely secure. Special-purpose hardware can be constructed for several tens of thousands of dollars, that can break Single DES encryption in less than a day. For this reason, a stronger version, Triple DES, has become a de facto standard in the banking world. This algorithm is generally believed to be safe against all currently feasible attacks.
AES: The Advanced Encryption Standard
The BasicCard supports the Advanced Encryption Standard defined in Federal Information Processing Standard FIPS 197.
This standard is available on the Internet
AES uses the Rijndael algorithm as its cryptographic primitive. The Standard specifies three permitted key lengths: 128 bits, 192 bits, and 256 bits. All three key lengths are available to Terminal programs, BasicCard programs are restricted to 128-bit keys.
EC–161: The Elliptic Curve Library
The EC–161 library implements 161-bit Elliptic Curve Cryptography.
The following operations are supported:
private/public key pair generation;
session key generation;
digital signature generation;
digital signature verification (Terminal program only).
This implementation follows the proposed standard IEEE P1363:
Standard Specifications for Public Key Cryptography.
Elliptic Curve Cryptography is a branch of Public Key Cryptography that is especially suitable for Smart Card implementation, for two reasons:
the generation of private/public key pairs is simple enough to be implemented in a Smart Card;
it requires much smaller key sizes than other well-known methods for the same level of security.
The library EC–161 uses points with 161-bit prime order; this is currently considered equivalent in security to 1024-bit RSA.
RSA is the established standard for public key encryption
The name RSA is derived from the names of the inventors of this algorithm, which are: Ron Rivest, Adi Shamir and Leonard Adleman. RSA is known since 1978 [1,2]. In the long time since invention of RSA the principle of RSA was not broken. However RSA encryption with key length up to 512 bits was broken some time ago. RSA encryption with key length of 1024 bits is not broken and because of that recommended to be used today. The principle and security of RSA is based on the fact that with today's knowledge it is not possible to find the prime factors of a big number (n=pq, where p and q are prime numbers) in suitable time.
Public Key: n=pq (p and q are big prime numbers)
e relative prime to (p-1)(q-1)
Private Key: d e-1 mod ((p-1)(q-1))
Encryption: c = me mod n
Decryption: m = cd mod n
 R.L. Rivest, A. Shamir, and L.M. Adleman,”A Method for Obtaining Digital Signatures and Public-Key Cryptosystems”, Communications of ACM, v. 21, n. 2, Feb 1978, pp. 120-126
 R.L. Rivest, A. Shamir, and L.M. Adleman,”On Digital Signatures and Public Key Cryptosystems”,MIT Laboratory for Computer Science, Technical Report, MIT/LCS/TR-212, Jan 1979v. 21, n. 2, Feb 1978, pp. 120-126
SHA–1: The Secure Hash Algorithm Library
The Secure Hash Algorithm as defined in the Federal Information Processing Standards document FIPS 180–1. The algorithm takes an arbitrary message as input, and outputs a 20-byte hash of that message. It is supposed to be computationally infeasible to invert this algorithm. More specifically:
given a 20-byte hash, it is computationally infeasible to construct a message with that hash;
it is computationally infeasible to construct two different messages with identical hashes.
FIPS 180-1 is available on the Internet.
The SHA–1 library was implemented as an adjunct to the EC–161 Elliptic Curve library. In the first place, it is specified in the proposed IEEE standard P1363 as one of the approved hashing algorithms for use in Elliptic Curve digital signature generation; and in the second place, it provides a source of cryptographically strong pseudo-random numbers, for the generation of keys and signatures.
IDEA: International Data Encryption Algorithm
The IDEA library implements the International Data Encryption Algorithm, a block cipher with a 128-bit key size. This algorithm is cryptographically as strong as Triple DES, but is faster than Single DES.
Note: The International Data Encryption Algorithm may be used free of charge for non-commercial purposes. For commercial use, permission must be obtained from the patent holders:
Ascom Systec Ltd.
The SG-LFSR Algorithm
(only supported in the Compact BasicCard)
This algorithm was designed by D. Coppersmith, H. Krawczyk, and Y. Mansour ("The Shrinking Generator", Advances in Cryptology – CRYPTO '93 Proceedings, Springer-Verlag, 1994). It uses two Linear Feedback Shift Registers, A and S, to generate a stream of bits: the registers are run in parallel until register S generates a 1 bit, at which point the bit generated simultaneously by register A is used as the next bit in the stream.
The Compact BasicCard implements this algorithm with Linear Feedback Shift Registers A and S of length 31 and 32 respectively. In order for the system to be secure against attack with registers of this size, it is necessary to use generating polynomials PolyA and PolyS that are unknown to the attacker. To this end, we supply a program for the generation of random cryptographic keys and primitive polynomials.
C++ source code for theSG-LFSR algorithm is provided in the BasicCard development kit.