From wully at bluewin.ch  Mon Nov  3 09:35:19 2025
From: wully at bluewin.ch (wully)
Date: Mon, 3 Nov 2025 18:35:19 +0100
Subject: [Pcsclite-muscle] Fwd: Question about RSA and ECC on smart cards
In-Reply-To: <69acb85a-0a20-c227-b511-f14ad44935e9@bluewin.ch>
References: <69acb85a-0a20-c227-b511-f14ad44935e9@bluewin.ch>
Message-ID: <e05993fd-b3ce-d014-e986-588ecb719c4e@bluewin.ch>

Hi all

I was in the muscle at lists.musclecard.com last time asking questions
around 2017. So, I was sending my new request to the wrong list-address

I hope, that I am now at the right address again.

Thank you

best regards
wully


-------- Forwarded Message --------
Subject: Question about RSA and ECC on smart cards
Date: Mon, 3 Nov 2025 16:16:23 +0100
From: wully <wully at bluewin.ch>
To: muscle at lists.musclecard.com

Hi all

Currently, I am working with ATOS-Cards cardosV5.3 which support
ECDH-derivation.

Since these cards have "plenty" of memory (about 90kByte), it would be
interesting, to store not only keys, certificates etc. on the card, but
also store somewhat larger data (e.g. 10 or more kB) on the card. But
to transfer the data between the card and the host, it would be good to
use an AES-Encryption where the key ist derived by ECDH-Method on the card.

The generation of an AES-Key on my PC by using ECDH from the card works
perfectly (using pkcs#11). I can encrypt testdata in PC-Memory by using
C_Encrypt with the derived AES-Key and then decrypt the encrypteddata by
using the AES-Key on the PC. So the basic mechanism works.

But now I would like to use this secure "channel" between the card and
the PC to transfer secret data stored on the Smartcard to the PC, so an
eavesdropper on the USB can not decode the exchanged data.

As far as I understand, the current PKCS#11-standard does not allow to
encrypt a data object (CKA_VALUE) on the card directly by using a
*handle* to this data. Since the ATOS-Cards are not Java-Cards, one can
not use a Java-Applet on this card.

Is there a possibility, to do this?

The other direction would be similar: after establishing the secure
"channel", secret data from the PC could be AES-ecrypted and sent over
the channel to the card. But then, the data should be decrypted INSIDE
the smartcard and then stored in a CKA_VALUE.

That would be a wonderfull possibility.

Any suggestions are welcome.

wully


From andreas.schwier at cardcontact.de  Tue Nov  4 00:47:54 2025
From: andreas.schwier at cardcontact.de (Andreas Schwier)
Date: Tue, 4 Nov 2025 09:47:54 +0100
Subject: [Pcsclite-muscle] Fwd: Question about RSA and ECC on smart cards
In-Reply-To: <e05993fd-b3ce-d014-e986-588ecb719c4e@bluewin.ch>
References: <69acb85a-0a20-c227-b511-f14ad44935e9@bluewin.ch>
 <e05993fd-b3ce-d014-e986-588ecb719c4e@bluewin.ch>
Message-ID: <0d8f0265-83cd-4a06-84e1-f3d8939f202f@cardcontact.de>

Hi Wully,

I guess you are looking for the Chip Authentication protocol defined in 
BSI TR-03110. That does ECDH between the PC and the card to establish 
AES keys for secure messaging. It is the protocol used by passports and 
eID cards to protect data exchanged between the card and the terminal.

I would assume that ATOS-Cards (CardOS) support that protocol, as they 
are used in some eID systems. But of course you will need some 
supporting PKI to perform Chip Authentication.

The SmartCard-HSM has all this on-board already, as it is part of a 
larger Scheme-PKI.

Andreas

On 11/3/25 18:35, wully wrote:
> Hi all
> 
> I was in the muscle at lists.musclecard.com last time asking questions
> around 2017. So, I was sending my new request to the wrong list-address
> 
> I hope, that I am now at the right address again.
> 
> Thank you
> 
> best regards
> wully
> 
> 
> -------- Forwarded Message --------
> Subject: Question about RSA and ECC on smart cards
> Date: Mon, 3 Nov 2025 16:16:23 +0100
> From: wully <wully at bluewin.ch>
> To: muscle at lists.musclecard.com
> 
> Hi all
> 
> Currently, I am working with ATOS-Cards cardosV5.3 which support
> ECDH-derivation.
> 
> Since these cards have "plenty" of memory (about 90kByte), it would be
> interesting, to store not only keys, certificates etc. on the card, but
> also store somewhat larger data (e.g. 10 or more kB) on the card. But
> to transfer the data between the card and the host, it would be good to
> use an AES-Encryption where the key ist derived by ECDH-Method on the card.
> 
> The generation of an AES-Key on my PC by using ECDH from the card works
> perfectly (using pkcs#11). I can encrypt testdata in PC-Memory by using
> C_Encrypt with the derived AES-Key and then decrypt the encrypteddata by
> using the AES-Key on the PC. So the basic mechanism works.
> 
> But now I would like to use this secure "channel" between the card and
> the PC to transfer secret data stored on the Smartcard to the PC, so an
> eavesdropper on the USB can not decode the exchanged data.
> 
> As far as I understand, the current PKCS#11-standard does not allow to
> encrypt a data object (CKA_VALUE) on the card directly by using a
> *handle* to this data. Since the ATOS-Cards are not Java-Cards, one can
> not use a Java-Applet on this card.
> 
> Is there a possibility, to do this?
> 
> The other direction would be similar: after establishing the secure
> "channel", secret data from the PC could be AES-ecrypted and sent over
> the channel to the card. But then, the data should be decrypted INSIDE
> the smartcard and then stored in a CKA_VALUE.
> 
> That would be a wonderfull possibility.
> 
> Any suggestions are welcome.
> 
> wully
> 
> _______________________________________________
> pcsclite-muscle mailing list
> pcsclite-muscle at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/pcsclite-muscle

-- 
     ---------    CardContact Systems GmbH
    |.##> <##.|   Sch?lerweg 38
    |#       #|   D-32429 Minden, Germany
    |#       #|   Phone +49 571 56149
    |'##> <##'|   http://www.cardcontact.de
     ---------    Registergericht Bad Oeynhausen HRB 14880
                  Gesch?ftsf?hrer Andreas Schwier