JCAlgTest: supported algorithms on crypto smartcards

Written by Petr Svenda, 2016-10-14.

Today, we release new version of JCAlgTest database showing which cryptographic smartcards support what cryptographic algorithms defined in JavaCard API. If you like to know which smart card supports elliptic curves cryptography with 192bit key, AES with 256bit key and more then visit https://jcalgtest.org.

You can also try JCAlgTest tool yourself at GitHub repository. Please consider to send us the results obtained from your card.

The JCAlgTest project milestones

The project was started in 2007 by Petr Svenda and later extended by Lukas Srom, Lenka Kunikova, Peter Sekan, Rudo Kvasnovsky and others. Initially, we had only 7 different smart cards we had in our CRoCS lab. The tool now tests for more than 200 combinations of the cryptographic algorithm and key length as defined in JavaCard API version 3.0.5. The database contains early JavaCards manufactured around the year 2000 up to the very recent ones manufactured this year.

We got first community provided result in 2008 for Nokia 6131 phone with the secure element (thx Hakan Karahan). We implemented a better Java-based client for the results collection in 2012 with the subsequent increase in community-provided results.

As a result, we currently have 61 different types of cards from 13 manufacturers in database with 35 provided by our CRoCS lab and rest provided by community (thx Cosmo, Thotheolh Tay, Razvan Dragomirescu, Kenneth Benson, Josh Harvey, Ivo Kubjas, Feitian, Diego NdK, Martin Paljak, Hakan Karahan, Lukas Malina, Henrik, Martin Omacka, Lazuardi Nasution, Pierre-d, Paul Crocker, Arnis UT, Amir Digar Nemikhandad, Ahmed Mamdouh and Metro).

The snippet of the table with results for particular algorithm (a row) and card (column) The snippet of the table with results for particular algorithm (a row) and card (column)

So what cryptographic algorithms smart cards support?

  • 3DES algorithm is supported by all 61 tested smart cards.
  • AES algorithm with 128bit key is supported by 43 cards (out of 61) with 42 supporting also AES-192 and AES-256.
  • RSA with 2048bit key is supported by 57 cards (out of 61).
  • DSA algorithm is supported by only 5 cards.
  • ECC with prime field (FP, different key lengths) is supported by 28 cards. Some cards do not set default curve which must be pre-set before keypair generation use.
  • All cards support on-card keypair generation (RSA, DSA, EC_FP, EC_F2M) for supported key lengths.
  • All cards support generation of truly random data.
  • Almost all cards (59 out of 61) supports SHA-1 hashing algorithm.
  • SHA2-256 hashing algorithm is supported by 38 cards.
  • SHA2-512 hashing algorithm is supported by 16 cards.

We now also finalize performance testing of selected smart cards with beta preview already available. Stay tuned for more.