Secure Signature Creation Devices (SSCDs)



Similar documents
Strong authentication of GUI sessions over Dedicated Links. ipmg Workshop on Connectivity 25 May 2012

ELECTRONIC SIGNATURES AND ASSOCIATED LEGISLATION

Applying Cryptography as a Service to Mobile Applications

MOBILE SMARTPHONES AS SECURE SIGNATURE-CREATION DEVICES

SSLPost Electronic Document Signing

View from a European Trust Service Provider Server Signing: Return of experience and certification strategy

e-authentication guidelines for esign- Online Electronic Signature Service

Secure your Privacy. jrsys, Inc. All rights reserved.

Security Target Lite STARCOS 3.4 Health HBA C1

Advanced Authentication

In accordance with article 11 of the Law on Electronic Signature (Official Gazette of the Republic of Serbia No. 135/04), REGULATION

Secure Data Exchange Solution

CRYPTOGRAPHY AS A SERVICE

Guidelines for the use of electronic signature

Best prac*ces in Cer*fying and Signing PDFs

Danske Bank Group Certificate Policy

PrivateServer HSM Integration with Microsoft IIS

Courtesy Translation

Qualified mobile electronic signatures: Possible, but worth a try?

Device-Centric Authentication and WebCrypto

Key & Data Storage on Mobile Devices

Protection Profile Secure Signature-Creation Device Type 3

Secure Signature Creation Device Protect & Sign Personal Signature, version 4.1

How To Use Cmk On An Ipa (Intralinks) On A Pc Or Mac Mac (Apple) On An Iphone Or Ipa On A Mac Or Ipad (Apple Mac) On Pc Or Ipat (Apple

Mobile OTPK Technology for Online Digital Signatures. Dec 15, 2015

Digital signature in insecure environments

Protection Profiles for TSP cryptographic modules Part 1: Overview

Digital Signatures on iqmis User Access Request Form

French Justice Portal. Authentication methods and technologies. Page n 1

White Paper. Cloud Signing vs. Smartcard Signing

Future directions of the AusCERT Certificate Service

How To Choose An Electronic Signature

Controller of Certification Authorities of Mauritius

Cryptographic Modules, Security Level Enhanced. Endorsed by the Bundesamt für Sicherheit in der Informationstechnik

THREAT MODELLING FOR SECURITY TOKENS IN WEB APPLICATIONS

Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates. September 2006

The Costs of Managed PKI:

PrivyLink Cryptographic Key Server *

SLE66CX322P or SLE66CX642P / CardOS V4.2B FIPS with Application for Digital Signature

SecureD Technical Overview

Arkansas Department of Information Systems Arkansas Department of Finance and Administration

Commission s proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market

Token User Guide. Version 1.0/ July 2013

Check Point FDE integration with Digipass Key devices

ETSI TS V1.4.3 ( )

Securing Cloud Computing. Szabolcs Gyorfi Sales manager CEE, CIS & MEA

AlphaTrust PRONTO Enterprise Platform Product Overview

Forum of European Supervisory Authorities for Electronic Signatures (FESA) Working Paper on Qualified Certificates for Automatically Signing Systems

ComSignTrust e-signing Solutions

Guidelines for Developing Cryptographic Service Providers (CSPs) for Acrobat on Windows

English version. Guidelines for the implementation of Secure Signature-Creation Devices

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1

TrustKey Tool User Manual

Demystifying Digital Signature Usage for Global Business

Electronic and Digital Signatures

FAQs Electronic residence permit

INF O R M A T IO N AB O UT websignatureoffice

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard

McAfee Endpoint Encryption Manager

PrivateServer HSM EKM Provider for Microsoft SQL Server

TPM Key Backup and Recovery. For Trusted Platforms

COMMISSION OF THE EUROPEAN COMMUNITIES

CardOS V4.4 CNS. Edition 04/2010. Security Target CardOS V4.4 CNS with Application for QES

Egypt s E-Signature & PKInfrastructure

Incorporating Digital Signing & Encryption in Transactions in the Payment System of Sri Lanka

E-Signatures. Chris Reed. Professor of Electronic Commerce Law

Land Registry. Version /09/2009. Certificate Policy

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

CERTIFICATION PRACTICE STATEMENT UPDATE

Cryptomathic s Response to Eurosmart Paper on Server Signing

Criteria for web application security check. Version

W.A.R.N. Passive Biometric ID Card Solution

CERTIFICATE. certifies that the. Info&AA v1.0 Attribute Service Provider Software. developed by InfoScope Ltd.

Entrust IdentityGuard

Technical Description. DigitalSign 3.1. State of the art legally valid electronic signature. The best, most secure and complete software for

Entrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.

White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication

PROXKey Tool User Manual

SEZ SEZ Online Manual Digital Signature Certficate [DSC] V Version 1.2

Case Study: Leveraging TPM for Authentication and Key Security

PHP Magic Tricks: Type Juggling. PHP Magic Tricks: Type Juggling

IDENTITY & ACCESS. BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape

ETSI TS V2.1.1 ( ) Technical Specification

Transcription:

Secure Signature Creation Devices (SSCDs) from different approaches Dr. István Zsolt BERTA istvan.berta@microsec.hu Microsec Ltd.

Requirements for SSCDs Annex III of the e-signature Directive, in plain words: 1. SSCDs must ensure that the signature creation data: (a) is secret and unique; (b) the signature is protected vs. forgery; (c) is reliably protected, only the signatory can use it. 2. SSCDs must not - alter the data to be signed; - prevent the data to be signed from being presented to the signatory. Very high level requirements. More or less common sense.

SSCD as a crypto token data to be signed (DTBS) SCD or private key SSCD signature PIN or auth data auth data (e.g. PIN) verification Stores the private key of the signatory Capable of authenticating the signatory Outputs a signature if the signatory is authenticated only Private key or auth data cannot be retrieved from it Small and simple enough to be secure Usually it is a piece of hardware

Conformity assessment of SSCDs A device is considered an SSCD if its conformity had been assessed by a designated body. Lower level criteria for assessment: Common Criteria, SSCD PP, EAL4+ other criteria based on FIPS 140-X or ITSEC or anything that fulfills the criteria in Annex III of the Directive An SSCD assessed in one Member State is to be recognized in all other Member States

Different approaches to SSCDs Personal devices (e.g. smart card, USB token) Solutions based on a central server Solutions for mass creation of signatures Solutions based on mobile phones etc Let s take a look at some examples!

Smart card Standardized device People can relate to cards (as they use credit cards) Can be personalized Needs a card reader Driver problems, lack of support on various platforms CSPs have little or no bargaining power vs card manufacturers

USB token A personal crypto token, just like a smart card No card reader required It is harder for people to relate to it PIN pad readers cannot be used they are less secure (?) Can be combined with a USB drive / Same driver problems as smart cards

Hardware Security Module (HSM) Personalized HSM storing the private key of one signatory mass signing, great performance expensive for large organizations only Multiple signatories have their keys in an HSM of a central server I do not own my private key how do I authenticate to the HSM??? Not accepted in every member state

Pure software SSCD, without hardware? Why not? It works everywhere! It is possible to backup the private key / My experience: a natural person CANNOT take care of a software based private key Questionable degree of security Can be a viable solution for large organizations who can protect a software key Why the signatory cannot choose the solution that fits her the best?

Mass signing with multiple smart cards Sometimes, in some legal environments mass signing is needed qualified signatures are required an HSM cannot be used as an SSCD Solution: A device containing multiple SSCD smart cards is used for mass creation of signature Such a device is: such a device should not exist a circumvention of legislation a logical response to bad regulation

Mobile phones (1) A mobile phone can be viewed as a personal device. How can we sign using mobile phones? SIM card as an SSCD depends on the telco operator depends on the phone Additional hardware SSCD connected to the phone heavily depends on the phone at least the same driver & compatibility issues as hardware SSCDs in PCs

Mobile phones (2) Software on the mobile phone, so the mobile phone becomes the SSCD depends on the phone is it really secure? phones change a lot, hard to evaluate Server-based solution, phone as authentication does not depend on client platforms I do not have my private key in my pocket can a rouge telco operator sign on my behalf?

Myths, fairy tales, urban legends (1) A QES must be extremely secure! No, it is equivalent with handwritten signatures; a handwritten signature is not secure at all it should be usable; otherwise it shall never be used mass signing: a way of saving money QES is so important that it must be strictly separated from everything else! the same card/pin cannot be used for anything else? this is unrealistic, and makes signatures unusable The signatory must view and accept the document before signing it! this does not happen with handwritten signatures in over 90% of the cases

Myths, fairy tales, urban legends (2) A PIN must be provided for each QES created! what about mass signing? An SSCD MUST establish a secure cypto channel with what? with the human signatory??? with the application? (rules out most applications) with the driver? (what s the point in that?) Security assessment provides additional security evaluation takes LONG, costs a lot of money PC software are complex, there: assessed product = product with known vulnerabilities SSCDs are more simple; is their case different?

Myths, fairy tales, urban legends (3) Smart card readers with PIN pads are more secure PIN pad reader crypto channel The document must be hashed on the SSCD for security does not protect the signatory at all but: it may prevent the signatory from using encryption It is more secure to authenticate the signatory using biometry CEN SSCD PP is a common ground for SSCDs it focuses on crypto tokens only it has many-many different interpretations in encourages circumvention and evaluation tweaking

Conclusions & Recommendations e-signing should be simple, otherwise users will not accept it. Signing is not the purpose of existence, people have other things to do. Mass creation of e-signatures (or e-seals) is a requirement from the market. Natural persons cannot relate to software keys, they can handle a hardware device much better. SSCD PP is suits personal crypto tokens the most. It is often blocking innovation and is often circumvented. The current regulation or current situation with SSCDs is one of the obstacles blocking the market. Relax the requirements, make the technology usable!

Thank you very much!

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information