在Java Card中存储对称密钥 [英] Store symmetric keys in Java Card

问题描述

我正在处理一个小程序，它必须与不同的终端共享 AESKey 类型的一些键。事情是我不提前知道将要处理多少终端。

I am working on an applet which has to share some keys of type AESKey with different terminals. The thing is I don't know in advance how many terminals it will have to handle.

因为没有像 HashTable 在Java卡，它变得复杂。我仍然可以修复上限和实例尽可能多的对象 AESKey ，但我想搜索另一种方法。

As there is no structure like HashTable in Java Card, it's getting complicated. I can still fix an upper bound and instanciate as much objects AESKey but I would like to search for another way to do.

我想我可以用字节数组做一些事情，但是在 byte [] ？

I thought I could do something with byte arrays, but is it a bad practice to store keys in byte[]?

我认为答案是肯定的，它只是建议存储在瞬态数组进行计算。否则，我不明白 AESKey 对象的作用。

I think the answer is yes and it is only recommanded to store it in transient arrays to make computations. Otherwise, I don't understand the role of AESKey objects. Just want to be sure.

推荐答案

重要的安全相关数据（如密钥和PIN）应始终存储在指定的对象中Javacard API，例如 AESKey 。
智能卡操作系统将执行其他内部操作，以防止值泄漏。
如果您不知道卡将遇到多少终端您可以将键包含在作为链表的一部分的对象中：

Important security-relevant data like keys and PINs shall always be stored in the therefore designated objects from the Javacard API, e.g. AESKey.
The smartcard operating system will perform additional internal operations to protect there values from leaking.
If you don't know how many terminals the card will encounter you could encapsulate the Keys in an Object which is part of a linked list:

class KeyElement{
   KeyElement next;
   AESKey key;
}

这篇关于在Java Card中存储对称密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！