Crayonic Wallets Secure Element Specification

• ECC support for NIST-P-256 and other curves are supported depending on the product

• Digital signature generation and verification with ECDSA

• Key agreement with Diffie-Hellman (ECKA-ECDH) and El Gamal (ECKA-EG)

• ECDH-GM primitive for PACE protocol

• On-chip RSA and ECC key pair generation

• Key pair, public key and PIN objects

• Up to 88.6 Kbytes of user memory

• Extended-length APDUs

Platform

• Java Card™ 3.0.4 Classic Edition

• GlobalPlatform^® 2.1.1

• GlobalPlatform 2.2 - Amendment D - SCP03

• Manufacturer: ST Micro

Hardware

• Arm^® SecureCore^® SC000™ 32-bit RISC core

  • 30-year data retention at 25 °C

  • 500 000 erase/write cycles at 25 °C

• Operating temperature: –40 to +85 °C

• Enhanced NESCRYPT cryptoprocessor for public key cryptography

• Asynchronous receiver transmitter (IART) for high speed serial data support (ISO/IEC 7816-3 and EMV^® compliant)

Security

• AIS-31 class PTG.2 compliant true random number generator (TRNG)

• AIS-20/31 class DRG.3 deterministic number generator (DRNG)

• Enhanced cryptographic algorithms:

  • DES/3DES, ECC and AES

  • SHA-1, SHA224, SHA-256, SHA384, SHA512, MD5 and CRC16

  • Generic Mapping primitive for Password Authenticated Connection Establishment (PACE) protocol

• Hardware security DES accelerator

• Hardware security AES

• Differential power analysis (DPA) and differential fault analysis (DFA) countermeasures against side-channel attacks

• Active shield

• Unique serial number on each die

Certifications

• Hardware IC Common Criteria certified EAL5+

  • Certificate ANSSI-CC-2015/59 with maintenance report ANSSI-CC-2015/59-M01

• Java Card Platform Common Criteria certification EAL5+ (AVA_VAN.5, ALC_DVS.2)

  • Reference PP: Java Card Closed Configuration Protection Profile, v3.0

  • Certificate ANSSI-CC-2017/23