Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- D5.1: A survey on legislation on ID theft in the EU and….
- D5.2: ID Fraud Workshop.
- D5.2b: ID-related Crime: Towards a Common Ground for Interdisciplinary Research.
- D5.2c: Identity related crime in the world of films.
- D5.3: A Multidisciplinary Article on Identity-related Crime.
- D5.4: Anonymity in electronic government: a case-study analysis of governments? identity knowledge.
- D6.1: Forensic Implications of Identity Management Systems.
- D6.5/D6.6: Second thematic Workshop forensic implications.
- D6.7b: Workshop on Forensic Profiling.
- D6.7c: Forensic Profiling.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
Common authentication means: the Belgian electronic identity card
In this section, we briefly describe some of the technical aspects of the Belgian eID, which can be seen as an example of a so-called PKI infrastructure. An extensive description of this infrastructure can be found in FIDIS deliverable D3.6.
The card looks like a normal smart card (e.g., a bank card) and displays a number of personal and administrative data:
the identity card holder’s name (family name, up to two given names, and the initial of a third name),
title,
nationality,
place and date of birth,
gender,
picture,
two hand written signatures, i.e., the one of the card holder and the one of the civil servant who issued the card,
validity period of the card (five years),
the card number,
the national Registry Number of the holder,
the place of delivery of the card, and
a machine readable ICAO (international civil aviation organization) zone.
All these visual data are also stored on the chip in a so-called identity file. The residence address of the identity card holder is stored separately, in the address file, to allow easy updating during the validity period of the card. The National Registry digitally signs the address file and the identity file to guarantee the link between both files.
The chip on the card can perform digital signatures and key generation. There are no concrete plans to integrate decryption functionalities in the eID. In total, a Belgian eID holds three different private signing keys: one to authenticate the citizen, one for non-repudiation signatures, and one to identify the card itself towards the Belgian government.
The eID is able to compute digital signatures with all of them. For the citizen’s authentication key and non-repudiation signature key, this is only done after the card holder enters a PIN. It is relevant to note here that both certificates also contain the globally unique identifier of the certificate holder.
29 / 45 |