Attribute-Based Access Control Architectures with the eIDAS Protocols

  • Conference paper
Security Standardisation Research (SSR 2016)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10074)

Abstract

The extended access control protocol has been used for the German identity card since November 2010, primarily to establish a cryptographic key between a card and a service provider and to authenticate the partners. The protocol is also referenced by the International Civil Aviation Organization for machine readable travel documents (Document 9303) as an option, and it is a candidate for the future European eIDAS identity system. Here we show that the system can be used to build a secure access system which operates in various settings (e.g., integrated, distributed, or authentication-service based architectures), and where access can be granted based on the card's attributes. In particular, we prove that the protocols provide strong cryptographic guarantees, including privacy of the attributes against outsiders.

Notes

  1. Dagdelen and Fischlin actually show a slight modification of EAC (with an independent authentication key) to be a BR-secure protocol; without this modification such a proof cannot go through. We also adopt this approach here, but as pointed out in [16] one can in principle use the strategy in [13, 14] to lift this to a security result for the original protocol, at the cost of a more complicated proof.

  2. The proof relies on the unforgeability of signatures only to ensure that the adversary cannot inject its own ephemeral key, which is guaranteed by construction here.

References

  1. Bundesamt für Sicherheit in der Informationstechnik (BSI): Advanced Security Mechanism for Machine Readable Travel Documents – Extended Access Control (EAC), Password Authenticated Connection Establishment (PACE), and Restricted Identification (RI). BSI-TR-03110, Version 2.0 (2008)

  2. Bundesamt für Sicherheit in der Informationstechnik (BSI): Technical Guideline TR-03110-2: Advanced Security Mechanisms for Machine Readable Travel Documents and eIDAS Token, Part 2, Protocols for electronic IDentification, Authentication and trust Services (eIDAS). BSI-TR-03110, Version 2.20 (2015)

  3. Bundesamt für Sicherheit in der Informationstechnik (BSI): Technical Guideline TR-03110-3: Advanced Security Mechanisms for Machine Readable Travel Documents and eIDAS Token, Part 3, Common Specifications. BSI-TR-03110, Version 2.20 (2015)

  4. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001). doi:10.1007/3-540-45682-1_30

  5. Morgner, F.: Transaktionsabsicherung mit der Online-Ausweisfunktion. Kryptographische Bindung von Transaktionsdaten an den Personalausweis. Presentation, CeBit 2014, March 2014

  6. Bastian, P.: Physical Access Control Systems Using Asymmetric Cryptography. Master's thesis, Humboldt-Universität zu Berlin (2015)

  7. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: FOCS, pp. 394–403. IEEE (1997)

  8. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994). doi:10.1007/3-540-48329-2_21

  9. Bender, J., Dagdelen, Ö., Fischlin, M., Kügler, D.: The PACE|AA protocol for machine readable travel documents, and its security. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 344–358. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32946-3_25

  10. Bender, J., Dagdelen, Ö., Fischlin, M., Kügler, D.: Domain-specific pseudonymous signatures for the German identity card. In: Gollmann, D., Freiling, F.C. (eds.) ISC 2012. LNCS, vol. 7483, pp. 104–119. Springer, Heidelberg (2012). doi:10.1007/978-3-642-33383-5_7

  11. Bender, J., Fischlin, M., Kügler, D.: Security analysis of the PACE key-agreement protocol. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 33–48. Springer, Heidelberg (2009). doi:10.1007/978-3-642-04474-8_3

  12. Bender, J., Fischlin, M., Kügler, D.: The PACE|CA protocol for machine readable travel documents. In: Bloem, R., Lipp, P. (eds.) INTRUST 2013. LNCS, vol. 8292, pp. 17–35. Springer, Heidelberg (2013). doi:10.1007/978-3-319-03491-1_2

  13. Brzuska, C.: On the Foundations of Key Exchange. Dissertation, Technische Universität Darmstadt (2013). http://tuprints.ulb.tu-darmstadt.de/id/eprint/3414

  14. Brzuska, C., Fischlin, M., Smart, N.P., Warinschi, B., Williams, S.C.: Less is more: relaxed yet composable security notions for key exchange. Int. J. Inf. Sec. 12(4), 267–297 (2013)

  15. Coron, J.-S., Gouget, A., Icart, T., Paillier, P.: Supplemental access control (PACE v2): security analysis of PACE integrated mapping. In: Naccache, D. (ed.) Cryptography and Security: From Theory to Applications. LNCS, vol. 6805, pp. 207–232. Springer, Heidelberg (2012). doi:10.1007/978-3-642-28368-0_15

  16. Dagdelen, Ö., Fischlin, M.: Security analysis of the extended access control protocol for machine readable travel documents. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 54–68. Springer, Heidelberg (2011). doi:10.1007/978-3-642-18178-8_6

  17. Hanzlik, L., Kutyłowski, M.: Restricted identification secure in the extended Canetti-Krawczyk model. J. UCS 21(3), 419–439 (2015)

  18. Hanzlik, L., Krzywiecki, Ł., Kutyłowski, M.: Simplified PACE|AA protocol. In: Deng, R.H., Feng, T. (eds.) ISPEC 2013. LNCS, vol. 7863, pp. 218–232. Springer, Heidelberg (2013). doi:10.1007/978-3-642-38033-4_16

  19. International Civil Aviation Organization: Doc 9303, Machine Readable Travel Documents, Part 11, Security Mechanisms for MRTDs, 7th edn. (2015)

  20. Jager, T., Kohlar, F., Schäge, S., Schwenk, J.: On the security of TLS-DHE in the standard model. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 273–293. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32009-5_17

  21. Kutyłowski, M., Krzywiecki, Ł., Kubiak, P., Koza, M.: Restricted identification scheme and Diffie-Hellman linking problem. In: Chen, L., Yung, M., Zhu, L. (eds.) INTRUST 2011. LNCS, vol. 7222, pp. 221–238. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32298-3_15

  22. Morgner, F., Bastian, P., Fischlin, M.: Securing transactions with the eIDAS protocols. In: Foresti, S., Lopez, J. (eds.) WISTP 2016. LNCS, vol. 9895, pp. 3–18. Springer, Heidelberg (2016). doi:10.1007/978-3-319-45931-8_1

  23. Paterson, K.G., Ristenpart, T., Shrimpton, T.: Tag size does matter: attacks and proofs for the TLS record protocol. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 372–389. Springer, Heidelberg (2011). doi:10.1007/978-3-642-25385-0_20

  24. Rogaway, P.: Evaluation of some blockcipher modes of operation. Cryptography Research and Evaluation Committees (CRYPTREC) for the Government of Japan, February 2011

Acknowledgments

We thank the anonymous reviewers of SSR 2016 for valuable comments.

Corresponding author

Correspondence to Marc Fischlin.

A Security Notions of Cryptographic Primitives

This part of the paper is taken almost verbatim from the full version of [9].

Message Authentication Codes. A message authentication code \(\mathcal {M}\) consists of three efficient algorithms \((\textsf {MKGen},\textsf {MAC},\textsf {MVf})\) where \(\textsf {MAC}(k,m)\) maps any key k generated by key generation algorithm \(\textsf {MKGen}\) and any message m to a MAC (resp. tag) T which is verifiable with the help of \(\textsf {MVf}(k,m,T)\) with binary output. Completeness demands again that for any valid key k and any message m the value \(T\leftarrow \textsf {MAC}(k,m)\) makes \(\textsf {MVf}(k,m,T)\) return 1.

We require that the message authentication code \(\mathcal {M}\) is unforgeable under adaptively chosen-message attacks. That is, the adversary is granted oracle access to \(\textsf {MAC}(k,\cdot )\) and \(\textsf {MVf}(k,\cdot ,\cdot )\) for a random key k generated by \(\textsf {MKGen}\), and wins if it, at some point, makes a verification query \((m,T)\) about a message m which has not been sent previously to \(\textsf {MAC}\), and such that \(\textsf {MVf}\) returns 1 for this message. We denote by \({\mathbf {Adv}}^{\text {forge}}_{\mathcal {M}}(t,q_m,q_v)\) a (bound on the) value \(\epsilon \) for which no attacker in time t can win (making at most \(q_m\) MAC queries and \(q_v\) verification queries) with probability more than \(\epsilon \). For a concrete attacker \(\mathcal {A}\) we write \({\mathbf {Adv}}^{\text {forge}}_{\mathcal {A},\mathcal {M}}(n)\) to denote the fact that \(\mathcal {A}\) attacks the scheme in the above sense (for security parameter n).
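The forgery experiment of this paragraph, written out as an added Python example (not from the paper): the game keeps the \(\textsf {MAC}(k,\cdot )\) and \(\textsf {MVf}(k,\cdot ,\cdot )\) oracles, counts \(q_m\) and \(q_v\), and declares a win only for an accepted verification query on a message never sent to \(\textsf {MAC}\). It is run against HMAC-SHA256 and against a constructed, deliberately broken scheme; the scheme and adversary names and the sample messages are assumptions made here.

```python
import hashlib
import hmac
import os


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

# A scheme is the triple (MKGen, MAC, MVf) of the appendix; MVf returns 0 or 1.
HMAC_SHA256 = (
    lambda: os.urandom(32),
    lambda k, m: hmac.new(k, m, hashlib.sha256).digest(),
    lambda k, m, t: int(hmac.compare_digest(hmac.new(k, m, hashlib.sha256).digest(), t)),
)

# Constructed, deliberately insecure scheme: T = k XOR SHA-256(m).
# Complete (honest tags verify), but a single tag reveals the key.
XOR_HASH_MAC = (
    lambda: os.urandom(32),
    lambda k, m: _xor(k, hashlib.sha256(m).digest()),
    lambda k, m, t: int(hmac.compare_digest(_xor(k, hashlib.sha256(m).digest()), t)),
)


def run_game(scheme, adversary):
    """Adv^forge experiment. Returns (won, q_m, q_v) for one run of the adversary."""
    mkgen, mac, mvf = scheme
    k, queried = mkgen(), set()
    q_m = q_v = 0
    won = False

    def mac_oracle(m: bytes) -> bytes:
        nonlocal q_m
        q_m += 1
        queried.add(m)               # remember every message given to MAC(k, .)
        return mac(k, m)

    def mvf_oracle(m: bytes, t: bytes) -> int:
        nonlocal q_v, won
        q_v += 1
        d = mvf(k, m, t)
        if d == 1 and m not in queried:   # accepted tag on a fresh message: forgery
            won = True
        return d

    adversary(mac_oracle, mvf_oracle)
    return won, q_m, q_v


def replay_adversary(mac, mvf):
    """Replays a legitimately obtained tag: MVf returns 1, but m is not fresh."""
    m = b"attr:age>=18"               # constructed sample message
    mvf(m, mac(m))


def key_recovery_adversary(mac, mvf):
    """Treats one tag as k XOR H(m), derives a key guess, tags a fresh message."""
    m, fresh = b"attr:age>=18", b"attr:age>=21"   # constructed sample messages
    k_guess = _xor(mac(m), hashlib.sha256(m).digest())
    mvf(fresh, _xor(k_guess, hashlib.sha256(fresh).digest()))
```

Against HMAC-SHA256 neither adversary wins; against the XOR scheme the replay still does not count as a forgery, while the key-recovery adversary wins with one MAC query and one verification query.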

Signatures and Certificates. A signature scheme \(\mathcal {S}=(\textsf {SKGen},\textsf {Sig},\textsf {SVf})\) consists of efficient algorithms for creating key pairs \((\textit{sk},\textit{pk})\), signing messages \(s\leftarrow \textsf {Sig}(\textit{sk},m)\), and verifying signatures, \(d\leftarrow \textsf {SVf}(\textit{pk},m,s)\) with \(d\in \{0,1\}\). It must be that for signatures created under valid key pairs \(\textsf {SVf}\) always returns 1 (correctness). Unforgeability says that no algorithm should be able to forge the signer's signature. That is, a signature scheme \(\mathcal {S}=(\textsf {SKGen},\textsf {Sig},\textsf {SVf})\) is \((t,q_s,\epsilon )\)-unforgeable if for any algorithm \(\mathcal {A}\) running in time t the probability that \(\mathcal {A}\) outputs a signature to a fresh message under a public key is \({\mathbf {Adv}}^{\text {forge}}_{\mathcal {S}}(t,q_s)\) (which should be negligibly small), while \(\mathcal {A}\) has access (at most \(q_s\) times) to a signing oracle. As before, for a concrete attacker \(\mathcal {A}\) we write \({\mathbf {Adv}}^{\text {forge}}_{\mathcal {A},\mathcal {S}}(n)\) to denote the fact that \(\mathcal {A}\) attacks the scheme in the above sense (for security parameter n).

We also assume a certification authority \(\text {CA}\), modeled like the signature scheme through algorithms \(\mathcal {CA}=(\textsf {CKGen},\textsf {Certify},\textsf {CVf})\), but where we call the "signing" algorithm \(\textsf {Certify}\). This is in order to indicate that certification may be done by other means than signatures. We assume that the keys \((\textit{sk}_\text {CA},\textit{pk}_\text {CA})\) of the \(\text {CA}\) are generated at the outset and that \(\textit{pk}_\text {CA}\) is distributed securely to all parties (including the adversary). We also often assume that the certified data is part of the certificate. We define unforgeability for a certification scheme \(\mathcal {CA}\) analogously to signatures, and denote the advantage bound of outputting a certificate of a new value in time t after seeing \(q_c\) certificates by \({\mathbf {Adv}}^{\text {forge}}_{\mathcal {CA}}(t,q_c)\). We assume that the certification authority only issues unique certificates in the sense that for distinct parties the certificates are also distinct; we further assume that the authority checks whether the keys are well-formed group elements. For a concrete attacker \(\mathcal {A}\) we again write \({\mathbf {Adv}}^{\text {forge}}_{\mathcal {A},\mathcal {CA}}(n)\) to denote the fact that \(\mathcal {A}\) attacks the scheme in the above sense (for security parameter n).

Second Preimage Resistance. We say that the compression function \(\text {Compr}\) is \((t,\epsilon )\)-second preimage resistant if the probability \({\mathbf {Adv}}^{\text {SecPre}}_{\text {Compr}}(t)\) of finding, for a random ephemeral public key \(\textit{epk}_T\), another key \(\textit{epk}_T^*\) with the same compressed value is bounded by \(\epsilon \). For a concrete attacker \(\mathcal {A}\) we again write \({\mathbf {Adv}}^{\text {SecPre}}_{\mathcal {A},\text {Compr}}(n)\) to denote the fact that \(\mathcal {A}\) finds a second preimage in the above sense (for security parameter n).

Gap Diffie-Hellman Problem. We need the following gap Diffie-Hellman problem [4]. For a group \(\mathcal {G}\) generated by \(g\) let \(\text {DH}(X,Y)\) be the Diffie-Hellman value \(X^y\) for \(y=\log _gY\) (with \(g\) being an implicit parameter for the function). Then the gap Diffie-Hellman assumption says that solving the computational DH problem for \((g^a,g^b)\), i.e., computing \(\text {DH}(g^a,g^b)\) given only the random elements \((g^a,g^b)\) and \(\mathcal {G},g\), is still hard, even when one has access to a decisional oracle \(\text {DDH}(X,Y,Z)\) which returns 1 iff \(\text {DH}(X,Y)={Z}\), and 0 otherwise. We say that the GDH problem is \((t,q_\text {DDH},\epsilon )\)-hard if no algorithm can in time t compute the DH value with probability larger than \(\epsilon \), while making at most \(q_\text {DDH}\) oracle queries. We let \({\mathbf {Adv}}^{\text {GDH}}_{\mathcal {G}}(t,q_\text {DDH})\) denote (a bound on) the value \(\epsilon \) for which the GDH problem is \((t,q_\text {DDH},\epsilon )\)-hard. For a concrete attacker \(\mathcal {A}\) we write \({\mathbf {Adv}}^{\text {GDH}}_{\mathcal {A},\mathcal {G}}(n)\) to denote the fact that \(\mathcal {A}\) attacks the problem in the above sense (for security parameter n).

Copyright information

© 2016 Springer International Publishing AG

Cite this paper

Morgner, F., Bastian, P., Fischlin, M. (2016). Attribute-Based Access Control Architectures with the eIDAS Protocols. In: Chen, L., McGrew, D., Mitchell, C. (eds) Security Standardisation Research. SSR 2016. Lecture Notes in Computer Science(), vol 10074. Springer, Cham. https://doi.org/10.1007/978-3-319-49100-4_9

  • DOI: https://doi.org/10.1007/978-3-319-49100-4_9

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49099-1

  • Online ISBN: 978-3-319-49100-4
