Advertisement

Abstract

Besides their use in identity verification at police and border controls, national ID cards are frequently used for commercial applications, too. One objective of the introduction of the new national ID card on 1 November 2010 is to extend the conventional use of ID documents to the digital world. In order to meet this objective, the new ID card offers two electronic functionalities for e-business and e-government service providers: an electronic authentication and a digital signature.

In the following paper we describe the electronic authentication mechanism used by the ID card, explain the differences between authentication and signature and discuss the security and privacy properties of the two applications used for e-government and e-business.

Keywords

Service Provider Mutual Authentication Trust Center Revocation List Electronic Authentication 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bender, Jens; Kügler, Dennis; Margraf, Marian; Naumann, Ingo: Das Sperrmanagement im neuen deutschen Personalausweis - Sperrmanagement ohne globale chipindividuelle Merkmale, Datensicherheit und Datenschutz (DuD), 2010, p. 295–298.Google Scholar
  2. Bender, Jens, Kügler, Dennis, Margraf, Marian, Naumann, Ingo: Sicherheitsmechanismen für kontaktlose Chips im deutschen elektronischen Personalausweis. Datenschutz und Datensicherheit (DuD), 2008, p. 173–177.Google Scholar
  3. Bender, Jens, Fischlin, Marc, Kügler Kügler: Security Analysis of the PACE Key-Agreement Protocol. Information Security Conference (ISC) 2009, Lecture Notes in Computer Science, Volume 5735, Springer-Verlag, 2009, p. 33–48.CrossRefGoogle Scholar
  4. Margraf, Marian: Der elektronische Identitätsnachweis des zukünftigen Personalausweises. in: 19. SIT-SmartCard Workshop (Fraunhofer-Institut für Sichere Informationstechnologie), Darmstadt 3./4. 2009, p. 3–14.Google Scholar
  5. [BMI 09] Federal Ministry of Interior: Gesetz über Personalausweise und den elektronischen Identitätsnachweis, 2009.Google Scholar
  6. Federal Office for Information Security (BSI): Technical Guideline TR-03110, Advanced Security Mechanisms for Machine Readable Travel Documents – Extended Access Control (EAC) and Password Authentication Connection Establishment (PACE), and Restricted Authentication, Version 2.03, 2010.Google Scholar
  7. Federal Office for Information Security (BSI): Technical Guideline TR-03127, Technical Architecture of the New German ID Card, 2010.Google Scholar
  8. ENISA Position Paper, Privacy Features of European eID Card Specifications, Januar 2009, http://www.enisa.europa.eu/act/it/eid/eid-cards-en.

Copyright information

© Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH 2011

Authors and Affiliations

  • Marian Margraf

There are no affiliations available

Personalised recommendations