Implementation of Revocable Keyed-Verification Anonymous Credentials on Java Card

Abstract

Java Card stands out as a good choice for the development of smart card applications due to the high interoperability between different manufacturers, its security, and wide support of cryptographic algorithms. Despite extensive cryptographic support, current Java Cards do not support non-standard cryptographic algorithms such as post-quantum, secure-multiparty computations, and privacy-enhancing cryptographic schemes. Moreover, Java Card is restricted by the Application Programming Interface (API) in algebraic operations, which are the foundation of modern cryptographic schemes. This paper addresses the issue of developing these modern schemes by exploiting the limited cryptographic API provided by these types of cards. We show how to (ab)use the Java Card’s API to perform modular arithmetic operations, as well as basic operations on elliptic curves. Furthermore, we implement an attribute-based privacy-enhancing scheme on an off-the-shelf Java Card. To do so, we use our cryptographic API and several optimization techniques to make the scheme as efficient as possible. To demonstrate the practicality of our solution, we present the implementation results and benchmark tests.