ABC4Trust Architecture and the Benefits for eID Schemes

Post on 30-Jul-2015

A research project funded by the European Commission’s 7th Framework Programme.

Cyber Security & Privacy EU Forum

Brussels, 18-19 April 2013

Ioannis Krontiris, Goethe University Frankfurt

08.01.2015

Overview

• Example of German eID

• Privacy problems

• Privacy-ABCs to the rescue

• The ABC4Trust architecture

• Integration to the German eID system

• Privacy-ABCs on Smart Cards

eIDs in Europe

• A number of eIDs and qualified electronic signatures (QES) already exist

e-Government services

Healthcare services

Financial services

Online shopping

The German e-ID system

Security and Privacy Problems

• eID server knows all user transactions

The eID server traces and links all communications and transactions of each user.

• eID server knows all customers of the service provider

The eID server learns all customers trying to access a specific service.

• User impersonation

Insiders can copy or alter users' credentials and impersonate them to services.

• Availability

Denial-of-service attacks against the eID server impact all applications using the service.

Moving Ahead

“As such, privacy-enhanced PKI technologies have significant potential to enhance existing eID card privacy functions. Although these technologies have been available for a long time, there has not been much adoption in mainstream applications and eID card implementations”

• the available technologies based on Privacy-ABCs use different terminology for their features and even different cryptographic mechanisms to realize them

• the performance of Privacy-ABCs on smart cards (like eIDs) was poor and did not allow practical deployment

• Privacy-ABCs are very complex and hard to understand for non-specialists

High-level view (user)

• technology-agnostic credential & policy handling

• unified and technology-independent APIs

High-level view (presentation)

language framework covering the full life-cycle of credentials and supporting all concepts

ABC4Trust Interactions and Entities

Unlinkability (presentation)

Selective Disclosure

Unlinkability (multi-use)

Advantages

• Privacy-ABCs are by default untraceable

IdSPs are not able to track and trace at which sites the user is presenting the information.

• Privacy-ABCs can be obtained in advance and stored

No real-time burden on the IdSP, which gives better scalability.

• User-binding

No credential pooling possible: presentation requires proof of knowledge of a secret key (stored on a secure device such as a smart card).

• Unlimited number of pseudonyms supported

In addition, scope-exclusive pseudonyms can be imposed: the user can only register one pseudonym per scope (URL).
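The scope-exclusive pseudonym property from the last advantage, as an added Python sketch (not code from the ABC4Trust project). It assumes the common construction nym = H(scope)^x mod p over a toy-size safe-prime group found by search; the function names, keys and URLs are constructed for illustration.

```python
import hashlib

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n):
    # Miller-Rabin with fixed bases; exact for the toy-size values used here.
    if n < 41:
        return n in BASES
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def toy_group(q=2**64 + 1):
    # Assumed toy parameters: smallest safe prime p = 2q + 1 with q > 2^64.
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

P, Q = toy_group()

def scope_base(scope):
    # Hash the scope (URL) into the order-Q subgroup by squaring mod P.
    h = int.from_bytes(hashlib.sha256(scope.encode()).digest(), "big")
    return pow(h % P, 2, P)

def scope_pseudonym(secret_key, scope):
    # Deterministic in (secret_key, scope): one pseudonym per scope per key.
    return pow(scope_base(scope), secret_key, P)

def register(seen, nym):
    # Verifier side; the zero-knowledge proof tying nym to the credential is omitted.
    fresh = nym not in seen
    seen.add(nym)
    return fresh

if __name__ == "__main__":
    alice, seen = 0x1234567890ABCDEF, set()  # constructed secret key
    nym = scope_pseudonym(alice, "https://forum.example/")
    print(register(seen, nym), register(seen, nym))  # True False
```

The same key yields a different pseudonym under a different scope string, so a second service sees a value it cannot match by simple comparison, while each service can still reject a repeat registration.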

German eID Integration

R. Bjones, “eParticipation Scenario Reference Guide”, Microsoft, Tech. Rep., October 2010

ABCs on Smart Cards

• ABCs are practical on smart cards

• We selected a contactless smart card chip with cryptoprocessor

• We found that, using precomputations (coupons):

  U-Prove can be made efficient

    • Issuance < 260 ms

    • Presentation 434 ms for 10 attributes

  Idemix can be made efficient

    • Issuance 231 ms

    • (less clear for presentation)

• Specification and development of the ABC4Trust card are now underway

Smart Card Architecture

32-bit chip made available by Invia

Ioannis Krontiris {ikrontiris@gmx.de},

Goethe University Frankfurt, Germany

Thank you!