CMAC using AES-128 MAC algorithms

I am interested in IDL(International Driver's License) Applet
And,
I want to konw how to implement CMAC using AES-128 MAC algorithms in JavaCard 2.2.1, especially, JCOPv2.4.1.
Does Java Card API or JCOP API support this algorithm, CMAC using AES-128 MAC?
if not, do I should implement this algorithms as a function inside IDL Applet?
please help me.

JCOP v2.4.1 supports AES. You just need to code down what is written in the spec.
JCOP platform itself does not support AES based secure channel protocol (SCP03).

Similar Messages

  • Which steps we need to follow in order to IE 11 can send requests using AES 128.

    Internet Explorer 11 by default send requests to servers using AES256 algorythm instead of using AES128 bits (used for PKI Service). Which steps we need to follow in order to IE 11 can send requests using AES 128.

    Shuffling the cipher suits should do the trick.
    See Prioritizing Schannel Cipher Suites
    http://msdn.microsoft.com/en-us/library/windows/desktop/bb870930(v=vs.85).aspx
    At a command prompt, enter gpedit.msc. The Group Policy Object Editor appears.
    Expand Computer Configuration, Administrative Templates, Network, and then click SSL Configuration Settings.
    Under SSL Configuration Settings, click the SSL Cipher Suite Order setting.
    In the SSL Cipher Suite Order pane, scroll to the bottom of the pane.
    Follow the instructions labeled How to modify this setting.
    It is necessary to restart the computer after modifying this setting for the changes to take effect. The list of cipher suites is limited to 1023 characters.
    examples
    TLS_RSA_WITH_AES_128_CBC_SHA                
    TLS_RSA_WITH_AES_256_CBC_SHA                
    TLS_RSA_WITH_RC4_128_SHA                    
    TLS_RSA_WITH_3DES_EDE_CBC_SHA               
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256     
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384     
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521     
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256     
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384      
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256   
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384   
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521   
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256   
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384   
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521   
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA            
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA             
    TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
    TLS_RSA_WITH_RC4_128_MD5                                      
    SSL_CK_RC4_128_WITH_MD5                     
    SSL_CK_DES_192_EDE3_CBC_WITH_MD5            
    TLS_RSA_WITH_NULL_SHA
    TLS_RSA_WITH_NULL_MD5    
    At which point you may place AES 128 suites before AES-256 suites, which is actually the default I believe even for TLS 1.2.

  • How Secure Is A Disk Image Using AES-128 Encryption ?

    I want to make encrypted disk images using Disk Utility.
    How secure will they be ?
    Good enough for state secrets ?
    Can the encryption be broken ? If so, how easily ?
    Could the average hacker break it easily or with great effort over a long period ?
    Or would it take a team of government type experts ?
    Ian the Paranoid.

    I would say encrypted disks are a safe option.
    However, with the coming rise of quantum computers, in the wrong hands, encryption for the near future will be all but nullified.
    Some safe measures to take for making your computer safer include: Changing your router's password, enabling firewall, reverse firewall, FileVault (make sure you don't lose your paswords) Firmware password, encrypted mail service, (If available from your ISP).
    These are just some of the obvious. There's more and I haven't used them all. But, it just helps to be informed and work with what you can.

  • Aes-256 or aes-128 bit

    Hello
    I'm trying to keep the CPU down as much as possible on my ASA-5540. We're running 8.2.5 on it. We have a bout 80 active IPSec tunnels so far, all which are using AES-256 bit for phase1/2, 75 of the tunnels are mostly ezy vpn connections. Currently the CPU during peak usage is averaging around 22%.  We're planning on having over 1000 IPsec connections, mostly will be remote vpn access with about 170 of them ezy vpn and 250 l2l tunnels.
    Is there any noticable CPU performance gain by using AES-128 bit instead of AES-256 on the phase2?
    Thanks,
    John

    Just wondering if someone out there has noticed any performance gains by using AES-128 instead of AES-256. I'm trying standardize on a policy going forward.
    Thanks!

  • What is the best encryption algorithm to use on a Mac

    If I'm using a program like cryptor-1.51, what is most reliable encryption algorithm I could use with it?

    Ask the developer. BTW, they claim you can use Blowfish, RC2, RC4, RC5, DES, and AES
    (128,192 and 256-bit) encryption schemes.

  • Encrypt and Decrypt Card Number using AES 256 algorithm

    Dear All,
         I have a table in Sql Server database. in that table  storing
    Card_Information. This information is secured so that need to encrypt that data in sql server table.
    Can some one help on Encrypting and decryption process using AES 256 algorithm.
    Regards, Praveen

    Hello,
    See MSDN Cryptographic Functions (Transact-SQL) for all available en-/decryption function in SQL Server.
    Olaf Helper
    [ Blog] [ Xing] [ MVP]

  • Single sign on using AES or Triple DES algorithm.

    Hello all-
    At my client place we have to setup a Single Sign On Functionality to an external system. The link will be on the portal page for the employees to click. This functioanlity has to be done by either AES (Advanced Encryption Algorithm) or Triple DES algorithm.
    When the user clicks the SSO link on the portal page, the BSP application should implement any of these two above mentioned encryption algorithms and post the encrypted key appended to the third party URL. Then the third party system will decrypt and verify the user who is requesting the information and accordingly either allow or deny.
    If anyone has any info on this please revert back.
    Thank you very much for the help.
    Ramesh.

    Hi Ramesh,
    Did u get any clarification regarding Standard Triple DES algorithm.
    If yes,Please let me know.
    Thanks,
    JOhny lever

  • Can I recover an AES-128 encrypted disk image from the 'trash'?

    I am a college student and I created an AES-128 encrypted disk image file (.dmg, .sparseimage) to store all my assignments and things. Unfortunately, while cleaning out my computer, I accidentally put the file in the trash without noticing and then proceeded to empty the trash. I then turned to the application 'MacKeeper' and used it's 'undelete' function but I could not find the file. It is very very important that I recover this file. I desperately need help.

    You might have better luck with something stronger.....
    http://www.macupdate.com/app/mac/10259/data-rescue
    ....I have not used it....(lucky)

  • How to create SecretKey for AES 128 Encryption based on user's password??

    I have written a below program to encrypt a file with AES 128 algorithm. This code works fine. It does encrypt and decrypt file successfully..
    Here in this code I am generating SecretKey in the main() method with the use of key generator. But can anybody please tell me how can I generate SecretKey based on user's password?
    Thanks in Advance,
    Jenish
    import java.io.InputStream;
    import java.io.OutputStream;
    import java.io.FileInputStream;
    import java.io.FileOutputStream;
    import java.io.ObjectOutputStream;
    import java.io.ObjectInputStream;
    import javax.crypto.Cipher;
    import javax.crypto.SecretKey;
    import javax.crypto.spec.IvParameterSpec;
    import javax.crypto.CipherInputStream;
    import javax.crypto.CipherOutputStream;
    import javax.crypto.KeyGenerator;
    import java.security.spec.AlgorithmParameterSpec;
    public class AESEncrypter
         Cipher ecipher;
         Cipher dcipher;
         public AESEncrypter(SecretKey key)
              // Create an 8-byte initialization vector
              byte[] iv = new byte[]
                   0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
              AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
              try
                   ecipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                   dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                   // CBC requires an initialization vector
                   ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
                   dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
              catch (Exception e)
                   e.printStackTrace();
         // Buffer used to transport the bytes from one stream to another
         byte[] buf = new byte[1024];
         public void encrypt(InputStream in, OutputStream out)
              try
                   // Bytes written to out will be encrypted
                   out = new CipherOutputStream(out, ecipher);
                   // Read in the cleartext bytes and write to out to encrypt
                   int numRead = 0;
                   while ((numRead = in.read(buf)) >= 0)
                        out.write(buf, 0, numRead);
                   out.close();
              catch (java.io.IOException e)
         public void decrypt(InputStream in, OutputStream out)
              try
                   // Bytes read from in will be decrypted
                   in = new CipherInputStream(in, dcipher);
                   // Read in the decrypted bytes and write the cleartext to out
                   int numRead = 0;
                   while ((numRead = in.read(buf)) >= 0)
                        out.write(buf, 0, numRead);
                   out.close();
              catch (java.io.IOException e)
         public static void main(String args[])
              try
                   // Generate a temporary key. In practice, you would save this key.
                   // See also e464 Encrypting with DES Using a Pass Phrase.
                   KeyGenerator     kgen     =     KeyGenerator.getInstance("AES");
                   kgen.init(128);
                   SecretKey key               =     kgen.generateKey();
                   // Create encrypter/decrypter class
                   AESEncrypter encrypter = new AESEncrypter(key);
                   // Encrypt
                   encrypter.encrypt(new FileInputStream("E:\\keeper.txt"),new FileOutputStream("E:\\Encrypted.txt"));
                   // Decrypt
                   encrypter.decrypt(new FileInputStream("E:\\keeper.txt"),new FileOutputStream("E:\\Decrypted.txt"));
              catch (Exception e)
                   e.printStackTrace();
    }

    sabre150 wrote:
    [PKCS12|http://www.rsa.com/rsalabs/node.asp?id=2138]
    [PKCS5|http://www.rsa.com/rsalabs/node.asp?id=2127] , no?
    In Java, you can use the [Password-based encryption PBE Cipher classes|http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html#PBEEx] . I think you'll need the bouncycastle provider to get AES-based PBE ciphers.

  • New iPad asks for WiFi password. There is none. My WiFi uses WEP 128 bit encryption, but there is no "password" to enter.

    Brand new to the iPad. It's asking for a password to the WiFi network in my home. There is no "password" as such associated with this WiFi network. It uses WEP 128 bit encryption where each byte is a hexadecimal number and is called a "key" Typing this lengthy thing in gives me no results. The iPad keeps on asking for a password. I have three computers and a DVD hooked to the network which has been working for a decade, so that's not the issue.
    Basically I'm stuck not being able to get onto the WiFi system.

    iOS 6 Wifi Problems/Fixes
    Fix For iOS 6 WiFi Problems?
    http://tabletcrunch.com/2012/09/27/fix-ios-6-wifi-problems/
    Did iOS 6 Screw Your Wi-Fi? Here’s How to Fix It
    http://gizmodo.com/5944761/does-ios-6-have-a-wi+fi-bug
    How To Fix Wi-Fi Connectivity Issue After Upgrading To iOS 6
    http://www.iphonehacks.com/2012/09/fix-wi-fi-connectivity-issue-after-upgrading- to-ios-6.html
    iOS 6 iPad 3 wi-fi "connection fix" for netgear router
    http://www.youtube.com/watch?v=XsWS4ha-dn0
    Apple's iOS 6 Wi-Fi problems
    http://www.zdnet.com/apples-ios-6-wi-fi-problems-linger-on-7000004799/
    ~~~~~~~~~~~~~~~~~~~~~~~
    Look at iOS Troubleshooting Wi-Fi networks and connections  http://support.apple.com/kb/TS1398
    iPad: Issues connecting to Wi-Fi networks  http://support.apple.com/kb/ts3304
    WiFi Connecting/Troubleshooting
    http://www.apple.com/support/ipad/wifi/
    How to Fix: My iPad Won't Connect to WiFi
    http://ipad.about.com/od/iPad_Troubleshooting/ss/How-To-Fix-My-Ipad-Wont-Connect -To-Wi-Fi.htm
    iOS: Connecting to the Internet
    http://support.apple.com/kb/HT1695
    iOS: Recommended settings for Wi-Fi routers and access points  http://support.apple.com/kb/HT4199
    Additional things to try.
    Try this first. Turn Off your iPad. Then turn Off (disconnect power cord for 30 seconds or longer) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
    Go to Settings>Wi-Fi and turn Off. Then while at Settings>Wi-Fi, turn back On and chose a Network.
    Change the channel on your wireless router (Auto or Channel 6 is best). Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-netw ork.html
    Another thing to try - Go into your router security settings and change from WEP to WPA with AES.
    How to Quickly Fix iPad 3 Wi-Fi Reception Problems
    http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
    If none of the above suggestions work, look at this link.
    iPad Wi-Fi Problems: Comprehensive List of Fixes
    http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
    Fix iPad Wifi Connection and Signal Issues  http://www.youtube.com/watch?v=uwWtIG5jUxE
    Fix Slow WiFi Issue https://discussions.apple.com/thread/2398063?start=60&tstart=0
    Unable to Connect After iOS Update - saw this solution on another post.
    https://discussions.apple.com/thread/4010130
    Note - When troubleshooting wifi connection problems, don't hold your iPad by hand. There have been a few reports that holding the iPad by hand, seems to attenuate the wifi signal.
    ~~~~~~~~~~~~~~~
    If any of the above solutions work, please post back what solved your problem. It will help others with the same problem.
     Cheers, Tom

  • Using AES - Creating password?

    Hello everyone,
    What I want to do is encrypt data using AES, and encrypt it with a password, like making a Key be a certian String. Instead of using a generated key, because I want people to be able to view this whenever,
    KeyGenerator kgen = KeyGenerator.getInstance("AES");
           kgen.init(128);
           SecretKey skey = kgen.generateKey();Instead of generating a key, I want to be able to use a password like "test" or anything like that. But I don't see how I can do that, I think I am just missing something.
    Thanks for any help,
    ON a side note: If anybody can tell me how I can use AES 256, that would be great but its not that important.

    Now I get an error, this is the code that the error is surrounding
    KeyGenerator kgen = KeyGenerator.getInstance("AES");
           kgen.init(128); // 192 and 256 bits may not be available
           // Generate the secret key specs.
           //Key password = kgen.
           char[] SecretPhrase ={'M', 'y', 'P', 'a', 's', 's', 'w', 'o', 'r', 'd'};
           PBEKeySpec pbeKeySpec = new PBEKeySpec(SecretPhrase);
           SecretKeyFactory skeyFactory = SecretKeyFactory.getInstance("DES");
           SecretKey secretKey = skeyFactory.generateSecret(pbeKeySpec);
           //SecretKey skey = kgen.generateKey();
           byte[] raw = secretKey.getEncoded();
          // String password = "test";
          // byte[] pass = password.getBytes();
           SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
           // Instantiate the cipher
           Cipher cipher = Cipher.getInstance("AES");
           cipher.init(Cipher.ENCRYPT_MODE, skeySpec);The error
    Exception in thread "main" java.security.spec.InvalidKeySpecException: Inappropriate key specification
         at com.sun.crypto.provider.DESKeyFactory.engineGenerateSecret(DashoA13*..)
         at javax.crypto.SecretKeyFactory.generateSecret(DashoA13*..)
         at EncryptionMethods.Main.main(Main.java:60)Line 60 is
      SecretKey secretKey = skeyFactory.generateSecret(pbeKeySpec);

  • SSH Weak MAC algorithms

    Hi All,
    we are running security assessment on Cisco ISE 1.2.1 using nessus software, and we found out that is a SSH weak MAC algorithms detect, how can we disable md5, md5-96, sha1-96. we have also enable "service sshd key-exchange-algorithm diffie-hellman-group14-sha1" in CLI and restart appliance but still face same issue, need this resolve.
    kindly advice. 
    service sshd enable
    service sshd key-exchange-algorithm diffie-hellman-group14-sha1

    im having this same issue..is there a solution for this.

  • Encryption "none" or AES-128

    When duplicating a dvd, Disk Utility asks me to choose from 2 encryption options: "none" or "AES-128 (recommended)". If the latter is recommended, why isn't it the default. I chose "none". What did I lose/give up by not choosing the AES-128 option? thanks

    Turning on encryption for a disk image makes it difficult for the image to be accessed by someone who doesn't know the password. If you burn the image's contents to a DVD just after making it, the encryption method used won't matter, and will only slow down the process because the data needs to be decrypted during the burn.
    (11205)

  • Using a different .Mac account in iPhoto

    We have a .Mac family pack. My wife and I each have a personal account and we would like to use a completely different .Mac account to post our web galleries, but I don't want to have to create a new user on my Mac just to use iPhoto. Is there a way that iPhoto can use a different .Mac account than the one associated with my user account on my computer to publish galleries?
    Thanks,
    Aaron

    For POP:
    The following mail server settings will work with all AT&T email domains: @ameritech.net, @att.net, @bellsouth.net, @flash.net, @nvbell.net, @pacbell.net, @prodigy.net, @sbcglobal.net, @snet.net, @swbell.net, @wans.net.
    Email Program Settings Field:
    Enter:
    Incoming (POP)
    inbound.att.net
    Outgoing (SMTP)
    outbound.att.net(requires authentication)
    Incoming mail server:
    POP3
    Incoming/Outgoing User Name:
    Full AT&T email address, including domain (e.g., [email protected], [email protected])
    Incoming mail port #:
    995, secure connection (SSL) checked
    Outgoing mail port #
    465, secure connection (SSL) checked
    I assume the settings you are refering to gives that delay for marking the messages as read when highlighted for that period of time. Probably for scrolling through the list without changing the unread status. Lion doesn't have that selection, so I can't test that at the moment.

  • I'm using Word for Mac. Though there are various instructions on the Internet for modifying the templates, none make sense to me. They instruct to do something I can't follow. I change a template but can't save it to the template folder.

    What the ****.
    OK, I try to change a template using Word for Mac version 14.3.4 2011 edition.
    I make a change to the template but am unable to save the darned thing to the template folder; it asks for a file name like it's a new document. I want to change the blasted template but if I can't save it as a modified template, I've accomplished nothing.
    Does anyone have a solution?
    Thanks

    Support for Microsoft Office for Mac

Maybe you are looking for