Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.6: Study on ID Documents
 |
Title: ELECTRONIC SIGNATURES AND PKI |
 |
The process of creating using and verifying a digital signature provides important functions that can be utilised for ID documents in an e-government context:
Firstly, the asymmetric cryptography (PKI) ensures a high level of security in e-communications and of confidentiality of the context of a message sent over the Internet.
Secondly, digital signatures provide authentication of the identity of the signer by attributing the message to the signer; so it is known who participated in a transaction. The rationale of this function is based on the fact that digital signatures cannot easily be forged, unless the signer loses control of his private key either accidentally or intentionally.
Thirdly, the digital signature protects the integrity of the transmitted data so the recipient can be sure that there has been no alteration to the original message.
The non-repudiation of digital signatures can be guaranteed by the involvement of trusted third parties, the certification authorities (CA’s). The CA’s issue a certificate, which attributes explicitly a public key to a specific identity and confirms the identity of the subject of the certificate.
Even though these functions of digital signatures can guarantee security over open networks, certain challenges need to be confronted. The big question is how secure is the security provided by digital signatures?
Risks of Using PKI
The incorporation of PKI can be very valuable to ID documents, however, it should be remembered that it is not without flaws. There are certain basic questions that need to be answered and precautions that should be taken while incorporating PKI in order to make it sufficiently secure and trustworthy.
Private keys are usually stored on a conventional computer, which may not have a secure computing system, adequate network security and other protections. If it is protected by a password, how difficult is it to guess the password? If the key is stored on a smart-card, how attack resistant is the smart-card? If it is stored in a truly attack-resistant device, can an infected driving computer get the trustworthy device to sign something that was not intended to be signed?
For example, Alice’s digital signature does not prove that Alice signed the message, but that her private key did. If her computer were appropriately infected, the malicious code could use her key to sign documents without her knowledge or permission. Even if she needed to give explicit approval for each signature (for example, via a fingerprint scanner), the malicious code could wait until she approved a signature and sign its own message instead of hers.
If an attacker can manage to add his own public key to an existing list of legally registered keys, then he can issue his own certificates, which will be treated exactly like the legitimate certificates. They may match legitimate certificates in every other field except that they would contain a public key of the attacker instead of the correct one.
A key has a cryptographic lifetime. It also has a theft lifetime, as a function of the vulnerability of the subsystem storing it, the rate of physical and network exposure, attractiveness of the key to an attacker, etc. From these, one can compute the probability of loss of key as a function of time and usage. What probability threshold is used to consider a key invalid?
Certification authorities (forming the backbone of PKI) are vital to the use of digital signatures. However, some jurisdictions have no specific regulation dealing with certification authorities. The EU Directive prohibits mandatory prior authorisation schemes but does allow member states to set up voluntary accreditation schemes for certification authorities. If the PKI system has to have any value in terms of security, the certificate authorities have to be trusted sources. In certain countries, the government itself assumes the role of being the Certification authority.
Conclusion
The use of PKI in ID documents can guarantee time and cost-efficiency in the bureaucratic procedures by facilitating the handle, process, storage and transmission of data. However, countries have to find a means to overcome security problems arising from the use of PKI. For instance, in the Finnish eID system, private keys are held only by the certificate holder (e.g. on the ID card chip) and can be utilised only after inputting the PIN codes, but even then they cannot be read from the card. The PIN codes are known only to the cardholder, and he or she can change them, when necessary. Three false attempts at inputting the PIN code locks the card.
It remains to be answered as to whether the questions and problems as stated above have been considered by member states and if so, if they have been effectively overcome in identity documents using PKI.
| |
   |
|
| Denis Royer | 45 / 56 |
