net.rim.device.api.crypto
Class ECMQVKeyAgreement

java.lang.Object
  extended by net.rim.device.api.crypto.ECMQVKeyAgreement

public final class ECMQVKeyAgreement
extends Object

Implements the key agreement scheme developed by Menezes, Qu, and Vanstone using elliptic curves (ECMQV).

Elliptic Curve cryptography is defined in various standards including P1363 and ANSI X9.62. ECMQV is defined in P1363 ( we implemented the version from the draft 13 ( "d13" ) document ).

Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0

Method Summary
Category: Signed static byte[] generateSharedSecret(ECPrivateKey localStaticPrivateKey, ECKeyPair localEphemeralKeyPair, ECPublicKey remoteStaticPublicKey, ECPublicKey remoteEphemeralPublicKey, boolean useCofactor)
          Generates the shared secret using the elliptic curve key agreement developed by Menezes, Qu, and Vanstone with the option of the cofactor of the elliptic curve being used in the shared secret calculations.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 



Method Detail

generateSharedSecret

public static byte[] generateSharedSecret(ECPrivateKey localStaticPrivateKey,
                                          ECKeyPair localEphemeralKeyPair,
                                          ECPublicKey remoteStaticPublicKey,
                                          ECPublicKey remoteEphemeralPublicKey,
                                          boolean useCofactor)
                                   throws InvalidCryptoSystemException,
                                          CryptoTokenException,
                                          CryptoUnsupportedOperationException
Generates the shared secret using the elliptic curve key agreement developed by Menezes, Qu, and Vanstone with the option of the cofactor of the elliptic curve being used in the shared secret calculations. The cofactor is used to prevent small subgroup attacks. Note that using the cofactor is the defacto standard for elliptic curve operations of the cofactor of the elliptic curve being factored into the shared secret calculations.

To perform ECMQV, two users must each have a static key pair and an ephemeral key pair. Using an insecure channel, the users exchange their static public key and ephemeral public key with each other. Next, each user computes the shared secret, passing in the required parameters. To perform ECMQV again, the users can use the same static key pair, but they must generate a different ephemeral key pair. Both static and ephemeral private keys are always kept secret and should not be shared. The ephemeral key pair is deleted after the protocol finishes.

Parameters:
localStaticPrivateKey - The local static private key to use.
localEphemeralKeyPair - The local ephemeral key pair to use.
remoteStaticPublicKey - The remote static public key to use.
remoteEphemeralPublicKey - The remote ephemeral public key to use.
useCofactor - If this true, a the elliptic curve's cofactor is used in the calculations. If false, the cofactor is not used. Note, setting this value to TRUE is the most common usage.
Returns:
A byte array containing the shared secret data. Note that the value returned is the raw shared secret, which technically is an element of the finite field that the elliptic curve is defined over. The caller can then take this byte array and feed it into any PseudoRandomSource to create a symmetric key, etc.
Throws:
InvalidCryptoSystemException - Thrown if the local and remote crypto systems are different.
CryptoTokenException - Thrown if an error occurs with the crypto token or the crypto token is invalid.
CryptoUnsupportedOperationException - Thrown if a call is made to an unsupported operation.
Category:
Signed: This element is only accessible by signed applications. If you intend to use this element, please visit http://www.blackberry.com/go/codesigning to obtain a set of code signing keys. Code signing is only required for applications running on BlackBerry smartphones; development on BlackBerry Smartphone Simulators can occur without code signing.
Since:
BlackBerry API 3.6.0





Copyright 1999-2010 Research In Motion Limited. 295 Phillip Street, Waterloo, Ontario, Canada, N2L 3W8. All Rights Reserved.
Copyright 1993-2003 Sun Microsystems, Inc. 901 San Antonio Road, Palo Alto, California, 94303, U.S.A. All Rights Reserved.
Copyright 2002-2003 Nokia Corporation All Rights Reserved.
Java is a trademark of Sun Microsystems, Inc.