presentation slides



  1. 1. Overview of J2ME and PocketPC
       Support for both in the PDA, mobile phone market
       Securing J2ME/MIDP applications using Bouncy Castle Crypto APIs
       Presented by: Atul Shrivastava
       CSCI 5939
       Instructor: Dr. Yang
       Date: 27th March 2003
  2. 2. What is J2ME?
       • J2ME is a version of the Java programming language and stands for "Java 2 Micro Edition."
       • J2ME is designed with the memory and processor limitations of small electronic devices, such as cell phones and personal digital assistants (PDAs), in mind.
       • The Java™ 2 Platform, Micro Edition (J2ME™) Wireless Toolkit is a set of tools that provides application developers with the emulation environments, documentation and examples needed to develop Java technology applications targeted at CLDC/MIDP-compliant mobile phones and PDAs.
  3. 3. MIDP
       • Mobile Information Device Profile
       • MIDP is also an open specification that adapts existing technologies such as Java and the Web.
       • Developing MIDP-based applications (also known as MIDlets) is similar, but not identical, to developing Java applets, in the sense that they share a similar programming model.
       • MIDP provides Java APIs using the Connected Limited Device Configuration (CLDC) for small, mobile information devices such as cell phones and two-way pagers.
       • An applet is described in an HTML file; a MIDlet or a group of MIDlets (known as a MIDlet Suite) is described in a Java Descriptor (JAD) file.
  4. 4. CVM
       • C Virtual Machine
       • CVM is a JVM designed for higher-end, emerging, next-generation consumer electronic and embedded devices (32-bit processor and 2Mb+ memory).
       • Devices using CVM are typically compact and connected consumer-oriented devices.
       • The CVM virtual machine is a Java 2 virtual machine designed for devices needing the functionality of the Java 2 virtual machine feature set, but with a smaller footprint.
  5. 5. CDC
       • Connected Device Configuration (CDC) includes the CVM virtual machine and basic class libraries to support Java language applications on pagers, personal digital assistants (PDAs)
  6. 6. POCKET PC
       • Pocket versions of popular Microsoft applications let you easily update and share the same data and documents that you have on your desktop PC.
       • Mobile versions of familiar Microsoft desktop applications:
           • Pocket Outlook®: Mobile companion to Microsoft Outlook.
           • Calendar: Keeps your Pocket PC "well-appointed."
           • Tasks: Tame your to-do list with Pocket PC tasks!
           • Notes: "Electronic notepad."
           • Pocket Word: Pocket PC word.
           • Pocket Excel: Do the math.
           • File Explorer
  10. 10. CHAT
  13. 13. WEB SURFING
  14. 14. QUICK COMPARISON CHART POCKET PC AND PALM OS -=Yes    x =No    $=Optional (May be available as Freeware) $ $ $ Syncs with Lotus Notes  $  Syncs with Outlook    Desktop PIM Included    Syncs with Mac    Syncs with PC    Handwriting    Onscreen Keyboard    Calculator    Task List    Email    NotePad    Calendar    Address Book Palm OS 5.0 Palm OS 4.1 Pocket Pc 2002 Feature
  15. 15. QUICK COMPARISON CHART POCKET PC AND PALM OS cont…    16-bit color support $ $  E-book reader  $  Video playback    MP3 playback support  $  Instant messenger client $ $  Offline browsing $ $  WAP browser  $  HTML browser   $ Voice recorder $ $ $ Adobe Acrobat Support  $ $ Microsoft PowerPoint support  $  Microsoft Excel document support  $  Microsoft Word document support
  16. 16. AVAILABLE PDAS SUPPORTING POCKET PC OPERATING SYSTEM

       | S.No | PDAs and estimated prices | Description |
       |------|---------------------------|-------------|
       | 1 | Toshiba 2032 U.S.$799.99 | Intel StrongARM 32-bit processor |
       | 2 | Casio Cassiopeia E-200 U.S.$599* | Intel StrongARM 32-bit processor |
       | 3 | HP Jornada 560 series (565/568) U.S.$599* | Intel StrongARM 32-bit processor |
       | 4 | Audiovox Maestro Pocket PC PDA-1032 U.S.$549* | Intel StrongARM 32-bit Processor |
       | 5 | iPAQ H3970 U.S.$749* | Intel XScale Processor |
       | 6 | T-Mobile Pocket PC Phone Edition U.S.$549.99* | Intel StrongARM Processor |
       | 7 | Gradiente Partner R$4.599,00 | Strong ARM AS 1110 |
       | 8 | Toshiba e330 $349* | Intel® PXA250 |
       | 9 | Dell Axim X5 Starting at U.S. $199 | Intel XScale |
       | 10 | Toshiba e740 $599* | Intel XScale |
  17. 17. AVAILABLE PDAS SUPPORTING POCKET PC OPERATING SYSTEM cont..

       | S.No | PDAs and estimated prices | Description |
       |------|---------------------------|-------------|
       | 11 | Compaq iPAQ Pocket PC H3870/H3835 U.S.$599* | Intel StrongARM 32-bit processor |
       | 12 | ViewSonic Pocket PC V35 U.S. $299* | Intel XScale Processor |
       | 13 | Toshiba e310 $399* | Intel StrongARM 32-bit processor |
       | 14 | Toshiba Pocket PC e570 U.S.$569* | Intel StrongARM 32-bit processor |
       | 15 | Zayo A600 U.S. $599* | Intel XScale |
       | 16 | Siemens / AT&T Wireless SX56 Pocket PC Phone U.S. $549* | Intel StrongARM Processor |
       | 17 | NEC MobilePro P300 (MC/PG5000A) U.S.$599* | Intel StrongARM 32-bit processor |
       | 18 | Alaska Cove Mexmal U.S.$399* | Intel StrongARM SA1110 |
       | 19 | HP iPAQ Pocket PC H1910 U.S.$299* | Intel XScale |
  18. 18. J2ME - Java Enabled Devices & Phones

       | S.No | Java Enabled Devices & Phones | Description |
       |------|-------------------------------|-------------|
       | 1 | Casio C452CA | VM: MIDP. Platform: CdmaOne. Runs J2ME/MIDP, JBlend, Ezplus. |
       | 2 | Fujitsu F503iS | VM: iAppli. Platform: iMode (PDC). |
       | 3 | Hitachi C451H, C3001H | VM: MIDP. Platform: EZ-Java. |
       | 4 | LG Electronics C-nain 2000 CX-300L Cyber-ez-X1 I-Book | VM: MIDP. Platform: CDMA2000 1X. CDMA 1XRTT Tri-Mode phone available from Sprint PCS. |
       | 5 | Mitsubishi J-D05, D503i, D503iS | VM: iAppli. Platform: iMode (PDC). |
       | 6 | Motorola i50sx i55sr i80s i85s i90c Accompli 008/6288 | VM: MIDP. Platform: iDEN. Available in the U.S. and Canada, the i85s was the first J2ME-enabled mobile phone available in North America. |
  19. 19. J2ME - Java Enabled Devices & Phones cont..

       | S.No | Java Enabled Devices & Phones | Description |
       |------|-------------------------------|-------------|
       | 7 | Nokia 9210 Communicator | VM: PersonalJava. Platform: Symbian. The first Nokia product with wireless Java support. |
       | 8 | Panasonic P503i P503iS P2101V | VM: CLDC. Platform: PDC. |
       | 9 | Sharp J-SH07 | VM: MIDP. Platform: JBlend. |
       | 10 | Siemens S56 | VM: MIDP. Platform: GSM. 256-color display and integrated Bluetooth technology. |
       | 11 | Toshiba C5001T | VM: MIDP. Platform: CDMA. |
       | 12 | Sanyo SCP-4900 | VM: MIDP. Platform: CDMA2000 1X. This dual-band Sprint, "Vision-enabled" phone was released by Sprint PCS, August 2002 in the U.S. |
  20. 20. SECURING J2ME/MIDP APPLICATIONS USING THE BOUNCY CASTLE CRYPTO APIS
  21. 21. OVERVIEW
       • XML digital signature technology can help implement lightweight and flexible security solutions for wireless Web services applications.
       • The Bouncy Castle cryptography package helps secure XML messaging.
       • Wireless communications are easy targets for airwave interception, and wireless devices rarely have the computing power to support strong encryption of all communication data.
  22. 22. THE ELEMENTS OF SECURE COMMUNICATION
       • Authentication: The digital signature on a public key certificate can validate the authenticity of the public key and therefore the party who holds it.
       • Data integrity: The parties must make sure that the contents are not altered during transmission. Digital signatures are the most commonly used technology to guarantee data integrity.
       • Data confidentiality: Sometimes the communication data is sensitive and has to be kept secret. A digital signature does not provide data confidentiality; data encryption is needed for that.
       • Non-repudiation: After a message is sent, the sender should not be able to deny it later. Digital signatures provide a partial solution. If the message is digitally signed, the sender cannot deny responsibility for it, because only the sender can produce such a signature.
  23. 23. STEPS IN DIGITAL VERIFICATION
       • The server generates a pair consisting of a random public key and a private key using a set of key model parameters. In a real production system, this step is usually not necessary because the key pairs are usually pre-generated and stored in server key stores.
       • When a JSP page is accessed, the server calculates a digest for the response message.
       • The JSP page then invokes the signer in "sign" mode and generates a digital signature for the digest using the private key.
       • The server embeds the signature information, including the digest, the digital signature itself, and the public key parameters, in the XML response message.
  24. 24. STEPS IN DIGITAL VERIFICATION
       • The client receives the XML document and parses the digest, digital signature, and public key parameters into Java application data.
       • The client calculates a digest from the clear text message and compares it with the digest from the server. If the two digests do not match, the document verification fails; if they do match, go to the next step.
       • The client reconstructs the public key using the embedded key parameters.
       • The client invokes the signer in "verify" mode and passes the digest, the signature, and the public key to verify the signature.
  25. 25. THE BOUNCY CASTLE CRYPTO APIS
       There are three Bouncy Castle signers:
       1. DSA
       2. ECC
       3. RSA
  26. 26. DSA
       1. Creating an encoded digest.
       2. Generating key pairs using the method DSASigUtil.generateKeys().
       3. Retrieving the model and key parameters by the pubKey.getY() method.
       4. Using the generated private key, the utility class DSASigUtil can get a two-part DSA signature, R and S, from a digest.
       5. The server encodes the digest, signature, and key parameters into ASCII text form and embeds the text in the XML digital signature format.
       6. The verification MIDP application parses the digest, key parameters, and signature out of the XML document, reconstructs the public key
  27. 27. ELLIPTIC CURVE DSA SIGNATURE
       • Defining the elliptic curve model
       • Generating the random key pairs using the model
       • ECDSAUtil methods for retrieving model and key parameters
       • Retrieving the DSA signature
       • Encoding and embedding in digital signature format
       • Validating the signature
  28. 28. RSA SIGNATURE
       • Generating random key pairs using Exponent
       • RSAUtil methods for retrieving model and key parameters
       • Getting the byte array RSA signature
       • Encoding and embedding in digital signature format
       • Validating the signature
  29. 29. PERFORMANCE COMPARISONS
       • The Bouncy Castle Crypto package relies on the slow JVM to perform intensive big integer mathematical operations.
       • Only the RSA algorithm gives acceptable performance: a minute on a 16MHz Palm VII device.
       • DSA and ECC algorithm performance is unacceptable: they take more than an hour to verify on a standard Palm VII MIDP.
       • The JVM must also take advantage of available special hardware and underlying OS features to accelerate security-related math operations.
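An added example (not from the slides or the Bouncy Castle project) that walks the server-side signing and client-side verification steps of slides 23 and 24 with Bouncy Castle's lightweight RSA classes, the one signer slide 29 reports as fast enough on the device. Assumptions: the class name `SignedResponseDemo`, the constructed sample message, SHA-256 with PSS padding, and the pinned-key comparison, which the slides do not describe and which is included because the public key parameters travel in the same message as the signature.

```java
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.crypto.signers.PSSSigner;
import org.bouncycastle.util.Arrays;

public class SignedResponseDemo {   // hypothetical class name
    static byte[] digest(byte[] msg) {
        SHA256Digest d = new SHA256Digest();
        d.update(msg, 0, msg.length);
        byte[] out = new byte[d.getDigestSize()];
        d.doFinal(out, 0);
        return out;
    }
    static PSSSigner newSigner() { return new PSSSigner(new RSAEngine(), new SHA256Digest(), 32); }

    // Client side (slide 24). The pinned-key comparison is an added assumption:
    // the client ships with the server's real public key and rejects any other.
    static boolean verify(byte[] clearText, byte[] sentDigest, byte[] sig,
                          BigInteger n, BigInteger e, RSAKeyParameters pinned) {
        if (!n.equals(pinned.getModulus()) || !e.equals(pinned.getExponent())) return false;
        if (!Arrays.constantTimeAreEqual(digest(clearText), sentDigest)) return false;
        PSSSigner v = newSigner();
        v.init(false, new RSAKeyParameters(false, n, e));   // rebuild key from parameters
        v.update(sentDigest, 0, sentDigest.length);
        return v.verifySignature(sig);
    }
    public static void main(String[] args) throws Exception {
        // Server side (slide 23); production keys are pre-generated and held in a key store.
        RSAKeyPairGenerator gen = new RSAKeyPairGenerator();
        gen.init(new RSAKeyGenerationParameters(BigInteger.valueOf(65537), new SecureRandom(), 2048, 80));
        AsymmetricCipherKeyPair kp = gen.generateKeyPair();
        RSAKeyParameters pub = (RSAKeyParameters) kp.getPublic();
        byte[] msg = "<quote symbol=\"XYZ\">42.00</quote>".getBytes("UTF-8");   // constructed sample
        byte[] dig = digest(msg);
        PSSSigner s = newSigner();
        s.init(true, kp.getPrivate());
        s.update(dig, 0, dig.length);
        byte[] sig = s.generateSignature();
        BigInteger n = pub.getModulus(), e = pub.getExponent();
        byte[] altered = "<quote symbol=\"XYZ\">99.00</quote>".getBytes("UTF-8");
        System.out.println("genuine message: " + verify(msg, dig, sig, n, e, pub));
        System.out.println("altered message: " + verify(altered, dig, sig, n, e, pub));
        System.out.println("unpinned key:    " + verify(msg, dig, sig, n.add(BigInteger.valueOf(2)), e, pub));
    }
}
```

Run it with the Bouncy Castle jar on the classpath; only the first call should report a valid signature.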
  30. 30. GLOSSARY
       • StrongARM: The Intel® StrongARM* SA-1110 Microprocessor (SA-1110) is a device optimized for meeting portable and embedded application requirements. In addition, the SA-1110 provides system support logic, multiple serial communication channels, a color/gray scale LCD controller, PCMCIA support for up to two sockets, and general-purpose I/O ports.
       • XScale Processor: Designed to optimize low power consumption and high performance processing for a wide range of wireless and networking applications and rich services.
       • CDMA: Works by converting speech into digital information, which is then transmitted as a radio signal over a wireless network. Using a unique code to distinguish each different call, CDMA enables many more people to share the airwaves at the same time, without static, cross-talk or interference.
       • JBlend: The JBlend platform is the de facto solution for deploying Java applications and services in mobile phones.
       • GSM: GSM networks deliver high quality and secure mobile voice and data services (such as SMS/Text Messaging) with full roaming capabilities across the world.
       • GPRS: General Packet Radio Service (GPRS) enabled networks offer 'always-on', higher capacity, Internet-based content and packet-based data services. This enables services such as colour Internet browsing, e-mail on the move, powerful visual communications, multimedia messages and location-based services.
       • 3GSM*: The latest addition to the GSM family. 3GSM* is about having third generation mobile multimedia services available globally. 3GSM* focuses on visionary communications, in more ways than one. It's about the new visual ways in which people will communicate and the unique vision of the GSM community, which has always focused on the future needs of our customers.
       • Bluetooth: The key to enabling wireless personal area networks (WPAN) that connect devices in close proximity.
  32. 32. Thank You !!!
       • Questions???