Securing Transactions with the eIDAS Protocols

نویسندگان

  • Frank Morgner
  • Paul Bastian
  • Marc Fischlin
چکیده

The proposed European system for electronic identities, authentication, and trust services (eIDAS) enables remote authentication of an identity card (and selected data of the card) to an eID service. The core system has already been running on the German identity card since 2010. We analyze an extension proposed by Bundesdruckerei that enables the protocol to authenticate further transaction data such as phone numbers or PGP keys. In particular we prove cryptographically that the extension provides strong authenticity guarantees. We also discuss privacy aspects of the solution, preventing the card and the service provider of the eIDAS system to learn the actual transaction data.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Eidas as guideline for the development of a pan European eid framework in futureid

This paper addresses the Regulation on Electronic transactions in the internal market: electronic identification and trust services (eIDAS) and analyses this regulatory framework in relation to the pan European eID infrastructure being developed in the FutureID project. The aim of this paper is to identify if eIDAS sets forward any legal requirements that need to be implemented in the FutureID ...

متن کامل

Towards eIDAS as a Service

Cloud computing promises to provide great advantages and many analysts expect a significant growth of the cloud services market. In a similar manner the forthcoming European regulation on electronic identification and trusted services for electronic transactions in the internal market [eIDAS-EP] is expected to ease electronic identification, authentication and signatures (eIDAS) in Europe. The ...

متن کامل

What's in a name: the conflicting views of pseudonymisation under eIDAS and the General Data Protection Regulation

Pseudonymisation is gaining traction among modern electronic identification systems as a privacy enhancing technique that can significantly reduce risks of personal data misuse. The recently agreed General Data Protection Regulation (the GDPR) encourages the use of pseudonymisation to comply with its requirement of privacy-by-design. Art. 5 of the European Regulation on electronic identificatio...

متن کامل

Challenging eID & eIDAS at University Management

Based on national eID solutions for university scenarios, in this paper eIDAS extensions will be discussed, with benefits and Challenges (from eID to eIDAS)

متن کامل

Attribute-Based Access Control Architectures with the eIDAS Protocols

The extended access control protocol has been used for the German identity card since November 2010, primarily to establish a cryptographic key between a card and a service provider and to authenticate the partners. The protocol is also referenced by the International Civil Aviation Organization for machine readable travel documents (Document 9303) as an option, and it is a candidate for the fu...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2016