A research project funded by the European Commission’s 7th Framework Programme.

ABC4Trust Architecture and the

Benefits for eID Schemes

Cyber Security & Privacy EU Forum

Brussels, 18-19 April 2013

Ioannis Krontiris, Goethe University Frankfurt

08.01.2015

Overview

• Example of German eID

• Privacy problems

• Privacy-ABCs to the rescue

• The ABC4Trust architecture

• Integration to the German eID system

• Privacy-ABCs on Smart Cards

08.01.2015

eIDs in Europe

• A number of eIDs and qualified electronic signatures (QES)

already exist

e-Government services

Healthcare services

Financial services

Online shopping

08.01.2015

The German e-ID system

08.01.2015

Security and Privacy Problems

• eID server knows all user transactions

The eID server traces and links all communications and transactions of

each user

• eID server knows all customers of the service provider

The eID server learns all customers trying to access a specific service

• User impersonation

Insiders can copy or alter user’s credentials and impersonate them to

services.

• Availability

Denial of service attacks against the eID server impacts all applications

using the service.

08.01.2015

Moving Ahead

“As such, privacy-enhanced PKI technologies have

significant potential to enhance existing eID card privacy

functions. Although these technologies have been available

for a long time, there has not been much adoption in

mainstream applications and eID card implementations”

• the available technologies based on Privacy-ABCs use different terminology for their features and even different cryptographic mechanisms to realize them

• the performance of Privacy-ABCs on smart cards (like eIDs) was poor and did not allow practical deployment

• Privacy-ABCs are very complex and hard to understand for non-specialists

08.01.2015

High-level view (user)

7

• technology-agnostic

credential & policy handling

• unified and technology-

independent APIs

08.01.2015

High-level view (presentation)

8

language framework covering

the full life-cycle of

credentials and support all

concepts

08.01.2015

ABC4Trust Interactions and Entities

9

Unlinkability (presentation)

Selective Disclosure

Unlinkability (multi-use)

08.01.2015

• Privacy-ABCs are by default untraceable

IdSPs are not able to track and trace at which sites the user is presenting the

information

• Privacy-ABCs can be obtained in advance and stored

No real-time burden of the IdSP – better scalability

• User-binding

No credential pooling possible – Presentation requires proof of knowledge of a

secret key (stored on a secure device like SC)

• Unlimited number of pseudonyms supported

In addition to which, scope-exclusive pseudonyms can be imposed – user can

only register one pseudonym per scope (URL).

Advantages

10

08.01.2015

German eID Integration

11

R. Bjones, “eParticipation Scenario Reference Guide”, Microsoft, Tech. Rep., October 2010

08.01.2015

ABCs on Smart Cards

• ABCs are practical on smart cards

• We selected a contactless smart card chip with cryptoprocessor

• We found that, using precomputations (coupons):

U-Prove can be made efficient

• Issuance < 260 ms

• Presentation 434 ms for 10 attributes

Idemix can be made efficient

• Issuance 231 ms

• (less clear for presentation)

• Specification and development of the ABC4Trust card are now

underway

12

08.01.2015

Smart Card Architecture

13

32-bit chip made available by Invia

08.01.2015

Ioannis Krontiris {ikrontiris@gmx.de},

Goethe University Frankfurt, Germany

Thank you!