The New German eID Card: Concepts, Technologies and ... · PDF fileThe New German eID Card:...
Transcript of The New German eID Card: Concepts, Technologies and ... · PDF fileThe New German eID Card:...
1
The New German eID Card: Concepts, Technologies and Opportunities
Ulrich WaldmannFraunhofer Institute SIT
DESY Computing Seminar17 January 2011, Hamburg
2
Agenda
Fraunhofer-Institute SIT
Basics of the new eID Card
Application Scenarios
Security Concepts
Special Requirements
Challenges
Summary and Outlook
3
Who is Fraunhofer?
Munich
Darmstadt
Birlinghoven(near Bonn)
Joseph von Fraunhofer (1787-1826), inventor & entrepreneur
Fraunhofer Society in Germany
Largest application-oriented research organization
59 institutes, 17,000 staff
€ 1.6 billion annual research budget
€ 1.3 billion of this through contract research
Fraunhofer SIT: Institute for Secure Information Technology
Leading expert for IT Security
Competence Center new eID Card
Cooperation with public authorities
Consulting about eID Card integration
Security Testing
5
Who else receives my personal data?
Typical Questions on the Internet
Citizen
Service providers usually do not identify themselves
Is the service trustworthy?
Service Provider of eBusiness or eGovernment
What is my password?
What is the correct zip code?
Where can I complain?
What do they need my date of birth for?
Have I registered before?
How can I verify address & zip code?
Is this person really over 18?
Is the name spelling correct? Is this customer already in my CRM system?
What is my account name?
German Answer since November 1st, 2010: new eID Card
Does the requesting person really exist?
Citizens must identify themselves, usually giving away their data privacy
6
Physical Card
Polycarbonate in cash card format (ID-1)
Outer security features, e.g. guilloche, holograms, laser engraving
Integrated contactless microprocessor chip
Obligatory for citizens from age of 16
Validity: 10 years
Card Access Number (CAN)
Serial Number
Personal Data
Machine-Readable Zone (MRZ) - Doc-Type, Serial Number- Date of Birth- Date of Expiry- Name, Given Name
Date of Expiry
7
Why use a contactless Chip?
Durable, user-friendly, cost-efficient, flexible
Card reader compatible to contactless passport
Reliable technology
ISO 14443 interface (Type A and B) at 13,56 MHz
Energy transfer by inductive coupling
Data transfer by load modulation up to 847 kBit/s
Operating range at max. 3-5 cm
eID CardCard Reader
Power Supply
Transponder
Load Modulator
Magnetic Field
Source: http://RFID-handbook.com
8
What Data are in the Chip?
ePass Application for Inspection Systems (offline)
- Face Image
- 2 Fingerprint Images (optional)
- MRZ data (Name, Given Name, Date of birth etc.)
eID Application for eGovernment / eBusiness (offline / online)
- Family Name, Given Name
- Religious / Artistic Name
- Doctoral Degree
- Date of Birth
- Place of Birth
- Address
- Community ID
- Issuing State, Date of Expiry
- Verification of Age
- Verification of Community
- Restricted Identification (Pseudonym)
- Revocation Feature
eSign Application for eGovernment / eBusiness (offline / online)
- Signature key
- Signature certificate (X.509)
For qualified electronic signature according to the German Signature Law
Mandatory Opt-out / opt-in Optional download
9
Data Protection Functions 1
Verification of Age
For age-dependent access restrictions
- avoids disclosure of date of birth
Verification of a given date
If date of birth stored in the chip is before or equal: OK
Verification of Community
For regional services, e.g. restricted to a certain city
- avoids disclosure of address
Verification of a given community ID
If community stored in the chip is identical: OK
Yes, I am older than 18!
Yes, I live in Darmstadt, Germany
10
Data Protection Functions 2
With you my name is 0x312D7582F871
With you my revocation feature is 0x49A77F285D52
Pseudonym
For pseudonymous access and recognition
- avoids disclosure of personal data
Card- and service-specific identifier
calculated from service identifier and card’s secret
Unchainable
Revocation Feature
For check of card- and service-specific revocation lists
- avoids disclosure of pseudonyms
Computed like pseudonym, but from other card’s secret
Just as unique per card and service provider
12
Use Cases of the eID Function
Citizen
Service provider identifies himself by means of authorization certificate
Citizen identifies herself by means of the eID Card
Citizen and service provider can rely on the identity of the opposite party
This is really the service I trust and want to communicate with
Service Provider
May replace account name / password
May replace appearance in person
Yields person-related data of high quality
The requesting person really exists
13
eID Function vs. eSign Function
eSign Function
"This I have signed"
Legally binding statement of intention
Optional download from accredited certification
authority (additional costs)
Display of document / email to-be-signed
Entry of eSign-PIN to sign document
Transmission of signed document
Example: Signing of contracts or
transactions
eID Function
"This I am"
Snapshot without enduring evidence
Included at card issuance,
opt-in at registry office
Display of service provider's identity
and requested data fields
Entry of eID-PIN to release eID data
Transmission of eID data
Examples: Registration as a customer,
opening of a bank account
Document
......
......name, address, …
14
Pseudonymous Access Age Verification Public Services
eKiosk
/ Information Desk Electronic Signature
Barrier-free Internet ServicesAccess ControlsOnline Registration
Automatic Form Completion
Use Case Examples
17
The "Extended Access Control" (EAC)
eID ServerCard Reader / PC
PIN inside
eID Card Chip
I don't get it! eID Server (= Terminal)Card Reader / PC
Card security based on Diffie-Hellman, Elliptic Curves and AES
PACE, Password-Authenticated Connection Establishment
Chip verifies Authentication Certificate of the Service Provider
Terminal Authentication (TA) + Chip Authentication (CA)
Result: Secure Channel between card reader and eID Card
Result: Secure Channel between eID Card and eID Server
eID-PIN
eID Card Chip
18
How does the eID Card enforce EAC?
Internal access rules of eID data with security condition
1. PACE with entry of a password
2. TA with Authorization Certificate
3. CA
Example 1: Updating the address by a registry office
Condition: PACE with CAN
+ TA with authorization "CAN allowed" + "Update Address"
+ CA Secure Channel
Example 2: Reading the address by a service provider
Condition: PACE with eID-PIN
+ TA with authorization "Read Address"
+ CA Secure Channel
18
PACETA
CA
19
Who can get access to the eID Data?
ePass Application for Inspection Systems (offline)
- Face Image
- 2 Fingerprint Images (optional)
- MRZ data (Name, Given Name, Data of birth etc.)
eID Application for eGovernment / eBusiness (offline / online)
- Family Name, Given Name- Religious / Artistic Name- Academic Title- Date of Birth- Place of Birth- Address-Community ID- Issuing State, Date of Expiry
- Verification of Age- Verification of Community- Pseudonym- Revocation Feature
eSign Application for eGovernment / eBusiness (offline / online)
- Signature key
- Signature certificate (X.509)
For qualified electronic signature according to the German Signature Law
CardSecurity
Signed info about public chip authentication key Readable after PACE, TAVerifiable by Passive Authentication
Card Access Number (CAN)
eID-PIN
MRZ Password
Personal Unblocking Key (PUK)
Accessible after PACE, TA, CA
Private Key for Chip Auth.
Private Key for Restricted Ident.
Public Root Key (Trust anchor)
Accessible after PACE, TA, CA
Private Key for Revocation
Accessible after PACE, TA
- Read by Inspection System after PACE with CAN or MRZ, TA, CA
- Verified by Passive Authentication (signed data)
- Read by Authentication Terminal of service provider after PACE with eID-PIN, TA, CA
- Read by Inspection System after PACE with CAN or MRZ, TA , CA
- Updated (address, community ID) by terminal of registry office after PACE with CAN, TA, CA
- Downloaded from Authentication Terminal of Certification Authority after PACE with eID-PIN, TA, CA
- Used by Signature Terminal after PACE with CAN, TA, CA and entry of eSign-PIN
20
Structure of Authorization Certificate
Card Verfiable Certificate
Certificate Body
Certificate Profile Identifier
Certification Authority Reference
Public Key
Certificate Holder Reference
Certificate Holder Authorization Template
(Flags for roles, permissions to write, read, use special functions)
Certificate Effective Date
Certificate Expiration Date
Certificate Extensions
Hash of Certificate Description
(issuerName, issuerURL, subjectName, subjectURL,
termsOfUsage, redirectURL, commCertificates)
Hash of Terminal Sector
(service identifier)
Signature
21
PKI of Authorization Certificates
3-level authorization PKI
Country Verifying Certification Authority (CVCA)
German Root of authorization PKI
Authorizes Document Verifying CAs
Document Verifying Certification Authority (DVCA)
Issuer of authorization certificates
Terminals
Holder of authorization certificates
22
Types of Authorization Certificates
Authorization certificates are CVCs of service providers
Used during Terminal Authentication
Special authorizations towards eID card according to terminal type
Certificates of inspection systems
Access to ePass + eID application for police + border control (offline)
Certificates of authentication terminals
Access to eID application for eGovernment / eBusiness (remote, online)
Certificates of signature terminals
Access to eSign application for eID cardholder (local, offline)
23
Card-Verifiable Certificate (CVC)
Card verifies the certificate signature (≠ X.509)
Chip with public Root key as trust anchor
Card evaluates certificate attributes (≠ X.509)
Imports certified public key
Imports authorizations of certificate owner
CVCs interoperable + flexible
Compact + self-descriptive (ASN.1 Tag-Length-Value)
Any length of certificate chains
Cross- and link-certificates
24
CVC-based Authentication
Card verifies certificate chain
Chip verifies first CVC with Root key
Verification of subsequent certificate with each imported public key
Last certificate belongs to entity, which wants to authenticate
Authentication of opposite entity
Card verifies that entity is correct certificate holder
Card grants access according to authorizations
Mutual authentication with establishment of a secure channel
25
Verification of Certificate Validity
Card without battery and clock
Storage of approximated current date
Update with Certificate Effective Date of certificates
Rejection, if Certificate Expiration Date < current date
Official time update service
Online update by means of special certificates
Certificates without any authorizations
No subsequent authentication
26
Certificate Life
Entity Application Validity
CVCA Sign / verify DVCA certificates 3 years (useful life) + 1 month (overlap time)
DVCA Sign / verify terminal certificates 3 months + 14 days
Inspection system with distributed terminal
Read ePass + eID data 1 month + 2 days
Inspection systemwith integrated terminal
Read ePass + eID data 1 day + 1 day
Official authentication terminal, with distributed terminal
Read ePass + eID data, update service 1 month + 2 days
Official authentication terminal with integrated terminal
Read ePass + eID data, update service 1 day + 1 day
Non-official auth. terminal with integrated terminal
Read eID data, update service, restricted identification
1 day + 1 day
Non-official auth. terminalwith integrated terminal
verification of age and community ID, download service QES
1 month + 2 days
Non-official auth. terminal with distributed or integrated t.
Special regulation for vending machines, verification of age
1 month + 7 days
Signature terminal (integrated) Create electronic signatures (QES) 3 years + 1 month
27
The 10 Steps of Online Identification
Web Server
eID Server
Citizen
Web Browser
eID Client
Call of Website: HTTP GET
5 Plug-In starts eID Client
6 User interaction,finally entry of eID-PIN
TLS with PAOS binding
CVC
X.509X.509
X.509X.509
X.509
X.509X.509
X.509X.509
TLS SAML
TLS SAMLAuthorizationCertificate
1
Forwarding of SAML Response in HTTP POST9SAML Request in GET of HTTP Redirect2
Response: Welcome to Service!10
eID function: EAC, transmission of eID data via eCard API
7
SAML Response in POST of HTTP Redirect
8HTML with special MIME type + parameters, PSK
4Forwarding of SAML Request: HTTP GET
3TLS with HTTPS
34
What does the Citizen need?
eID Card with activated eID function
Knowledge of 6-digit eID-PIN
PC with Internet access
Certified Hard- and software
Contactless card reader
Basic: without PIN Pad
Standard: with PIN Pad
Comfort: with PIN Pad, display, Authorization Certificate for eSign
eID Client software ("AusweisApp")
Communication with eID Card + eID Server
Available for Windows, Linux, Mac OS X
Later also as Open Source Software
35
What does the Service Provider need?
Integration of eID application
Connection to an eID Server
Application for authorization
Application with Federal Administration Office (BVA)
Extract from Commercial Register
Description of service
Terms of usage
Justification for requested eID data
Responsible data protection authority
Authorization certificate
Short-living certificates (2 days valid)
36
What is different from other Cards?
Client-Server Authentication
with eID Card
Server has "Authorization Certificate", i.e.
a Card Verifiable Certificate (CVC)
eID Card imports CVC
including access rights to eID data
Client has eID Card with private key that is the
same on many cards
Access to eID Card via eCard API
eID Card + server establish
Secure Channel (End-to-End)
Server reads data from the eID Card
Client-Server Authentication
with standard smart card
Server has X.509 certificate
- not verified by the card
Client has card with X.509 certificate and
individual private key
Access to card via PKCS#11
Client software + server establish
TLS channel
37
Essential: eCard API Framework
Use of various eCards (e.g. eID Card) for different applications
Web service-oriented access to eCards
Basis of eID Client, eID Server, eID function
Citizen with eID Client
eID function: EAC, transmission of eID data
eID Server
eCard Convenience User Interface
Mgmt. InterfaceeCard Interface
ISO 24727-3 Interface,Generic Card Services,Cryptographic Primitives
Card Reader Interface,eCard Communication
39
Challenges of Introducing an eID Card
New processes, e.g. in registration offices
New organizational units,
e.g. registration authority
Technical specifications
Development, test & certification
Technical infrastructure
Right of informational self-determination
New Identity Card Law & regulations
Change of Signature Law etc.
Technical
Legal
Organizational
User Acceptance ??
40
Challenge of Infrastructure
Certification AuthoritieseID cardseID clientSupport, e.g. deactivation
Apply for eID cardsRevoke and
withdraw revocation Authorization certificates,
Revocation lists
Certificates
Forward revocation /withdrawal
Notify authorizationRevocation lists
Contract
Apply for authorization certificates
Technical guidelines,Certification of components
Chip cards
eID cards
Web Server of Service Provider
eID function
Use of the web service
eID data
Citizen
eID Server
Holder of eID Card, card reader, eID client
Federal Office of Administration (BVA)
Registration authorityFederal Ministry of the Interior (BMI)
Local Registry Offices, Citizen Service Center
Responsible for eID card
Bundesdruckerei, D-Trust
eID card issuer, certification authorityTechnical support, training, testing, information
certificatesCompetence Center eID Card
Federal Office for Information Security (BSI)
Root Certification Authority (PKI)
Component Manufacturers
Chip cards, card readers, eID client + eID server software
41
ISO 14443: Contactless Interface
Challenge of Technical Specification
Chip Functionality
ISO 7816: Card Security Architecture + Commands
BSI TR-03110: Security Protocols (EAC)
BSI TR-03111: Elliptic Curves
BSI TR-02102: Algorithms, Key Lengths
BSI TR-03116-2: Cryptographic Requirements
European Specifications of Card Applications
CEN EN 14980: European Signature Card
CEN TS 15480: European Citizen Card
BSI TR-03117: Contactless Signature Cards
BSI TR-03127: eID Card Architecture
Specification of Card Operating System
ICAO Doc 9303: Data Structures + Security ProtocolsMiddleware
BSI TR-03112 eCard API
CEN TS 15480: European Citizen Card, Part 3: App. Interface
ISO 24727: Integrated Circuit Card Programming Interfaces
BSI TR-03119: Card Readers
BSI TR-03130: eID Server
Evaluation and Certification
BSI PP SSCD
BSI PP eID
German Signature Law/ Signature Act
ISO 15408: Common Criteria V3.1
BSI TR-03105-3.3 and 5.2: Conformity tests, eID, readers
43
Summary
eID Card enforces mutual proof of identity
Secure and data protective authentication
Benefit for citizens and service providers
eID Card demands rethinking
Card Verifiable Certificates
eCard API implementations
Authorization of services
eID Card allows for more trust on the Internet
Sovereign rollout + Root PKI
New business models and customers?
Optimization of processes?
44
Outlook
Implementation period
Specification work since 2006
Setup and testing > 2 years
Integration into a service > 3 months
20 services ready at end of 2010
Rollout of German eID Cards
ca. 12 million citizens with eID Cards at end of 2011
European perspective
National solutions incompatible
EU project STORK for eID interoperability
Specification of European Citizen Card
45
Going Life since 1 November 2010
Application for new eID card possible since 1 November 2010
Delivery period: ~2-4 weeks
Available eID Server / eID Service provider
bremen online services GmbH & Co. KG
Bundesdruckerei GmbH
Deutsche Post GmbH, business area: SignTrust
]Init[ AG
media transfer AG
OpenLimit SignCubes GmbH
Current list of all eID Service providers:
www.Personalausweisportal.de Partner werden
46
Available Services in 2011
Application test participant Test scenario
Air Berlin PLC & Co. Luftverkehrs KG Fluggastabfertigung
Allianz Deutschland AG Kundenserviceprozesse im Versicherungsportal
Anstalt für Kommunale Datenverarbeitung in Bayern (AKDB) KFZ-Zulassungsverfahren OK.VORFAHRT u.a.
ARGE eKfz Teilprojekte eKFZ u.a.
Bayerisches Landesamt für Steuern, Bereich IUK, Verfahrens- Management ELSTER (BLSt-ELSTER)
Registrierungsverfahren für die Teilnahme am ELSTER-Verfahren über das Elster-Online-Portal (elektronische Steuererklärung)
CosmosDirekt Versicherungen Authentisierte Willenserklärungen / Mitteilungen
Datenzentrale Baden-Württemberg (DZB) Online Gewerbeanzeige des Kommunalen Gewerbemanagements (KoGeMa)
Deutsche Kreditbank (DKB) Direktbank
Deutsche Rentenversicherung (DRV) eService der Deutschen Rentenversicherung
d-hosting die rackspace & Connectivity GmbH im Auftrag der Selbsthilfeverbände von Menschen mit Behinderungen
Verfahren für Menschen mit Behinderung oder chronischen Erkrankungen
FRITZ & MACZIOL GmbH Elektronisches Abfallnachweisverfahren (eANV)
Fujitsu Technology Solutions GmbH "Fujitsu Online Shop Deutschland"
Gothaer Allgemeine Versicherung AG Antragstellung
Hagener E-Government Konsortium (Stadt Hagen, HABIT, Fernuniversität Hagen, SAP, u.a.)
Kommunale Verwaltungsdienstleistungen im virtuellen Rathaus21
47
Available Services in 2011
Application test participant Test scenario
HSH Soft- und Hardware Vertriebs GmbH E-Bürgerservice
HUK24 AG Online-Versicherungen
Informatikzentrum der Sparkassenorganisation GmbH (SIZ) Online-Beantragung von qualifizierten elektronischen Signaturen
]Init[ AG in Zusammenarbeit mit AG Extrapol der Polizeien des Bundes und der Länder
Länderübergreifenden Polizeizusammenarbeit auf der Plattform EXTRAPOL
InterCard AG Kundenkarte mit Zahlfunktion
Lotterie-Treuhandgesellschaft Glücksspiel
LVM-Versicherungen Authentifizierung, Portalzugang, Adressübernahme
Provinzial Rheinland AG Versicherungsbeantragung
Schufa Holding AG Verbraucherportal „meineschufa.de“ und Online- Antrag zur Eigenauskunft
Tönjes Holding AG Identitätsnachweis bei Kfz - Online - Zulassungen
T-Systems in Zusammenarbeit mit dem Innenministerium Baden-Württemberg
Verwaltungsdiensteportal des Landes Baden- Württemberg „mein service-bw“ und EU-DLR (Teilbereiche)
Umweltbundesamt - Deutsche Emissionshandelsstelle (DEHSt)
Antrag auf Zuteilung von Emissionszertifikaten und Emissionsberichterstattung
Verkehrsverbund Rhein-Ruhr (VRR) eTicket-System
Willi Weber GmbH & Co. Kg Altersverifikation an Zigarettenautomaten
Complete list of services: www.Personalausweisportal.de Neue Möglichkeiten
48
Security Flaw of the AusweisApp
Course of Events
Release of AusweisApp on 8 November 2010
Jan Schejbal (TUD, Piratenpartei) describes a security flaw on 9 November
Update function verifies certificate without verification of hostname
Spoofing attacks + infiltration of false updates possible
Update function downloads ZIP file, unzips and verifies signature
Directory traversal possible: direct unzip of any files into file system
(e.g. Trojan in Windows auto boot)
Analysis and Bug fixing
Validation of security flaw by Fraunhofer SIT
Forward of preliminary results to project management
Withdrawal of download facility
Relaunch on 3rd January 2011
49
Thank you for your attention!
Ulrich Waldmann
Phone: +49 (0)6151 869 222
Fraunhofer Institute SIT
Rheinstr. 75
64295 Darmstadt
www.sit.fraunhofer.de/en
51
Selected Readings
BSI Website: www.bsi.bund.de -> Topics -> Electronic ID documents
-> Electronic ID Card, Security Mechanisms
BSI: Technical Guidelines, www.bsi.bund.de -> Publikationen -> Technische Richtlinien
TR-03127: Architektur elektronischer Personalausweis (English version pending)
TR-03112-7: eCard-API-Framework - Part 7: Protocols
TR-03110: Advanced Security Mechanisms for Machine Readable Travel Documents
J. Eichholz, D. Hühnlein, J. Schwenk: SAMLizing the European Citizen Card,
in: Proceedings of "BIOSIG 2009: Biometrics and Electronic Signatures", available via
www.ecsec.de/pub/SAMLizing-ECC.pdf
Walter Fumy and Manfred Paeschke (eds.):
Handbook of eID Security - Concepts, Practical Experiences, Technologies,
Publicis Publishing, December 15th, 2010, ISBN: 978-3-89578-3791
52
Abbreviations
AES
API
BSI
CA
CAN
CEN
CRM
CVC
CVCA
DVCA
EAC
eID
EN
ICAO
ISO
MRZ
Advanced Encryption Standard
Application Programming Interface
(German) Federal Office for
Information Security
Chip Authentication
Card Access Number
Comité Européen de Normalisation
Customer Relationship Management
Card-Verifiable Certificate
Country Verifying Certification Authority
Document Verifying Certification Authority
Extended Access Control
electronic Identification
European Norm
International Civil Aviation Organization
International Organization for Standardization
Machine-Readable Zone
PACE
PAOS
PKCS
PKI
PP
PSK
SAML
SOAP
SSCD
TA
TLS
TR
TS
X.509
Password-Authenticated
Connection Establishment
Reverse SOAP
Public Key Cryptography Standards
Public Key Infrastructure
Protection Profile
Pre-Shared Key
Security Assertion Markup Language
(no acronym) A Web service protocol
Secure Signature Creation Device
Terminal Authentication
Transport Layer Security
(German) Technical Guideline
Technical Specification
A standard certificate format for PKI