8 e id en security
Upcoming SlideShare
Loading in...5
×
 

8 e id en security

on

  • 894 views

 

Statistics

Views

Total Views
894
Views on SlideShare
894
Embed Views
0

Actions

Likes
0
Downloads
6
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

8 e id en security 8 e id en security Document Transcript

  • The Belgian eID Card in a Nutshell Presented by: Prof. Bart Preneel Danny De Cock firstname.lastname@esat.kuleuven.be Katholieke Universiteit Leuven/Dept. Elektrotechniek (ESAT) Computer Security and Industrial Cryptography (COSIC) Kasteelpark Arenberg 10 B-3001 Heverlee Belgium Belgian eID Card, Technical Overview Slide 1 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005 Why Introducing an eID card? Every Belgian citizen gets a tool to Authenticate him/herself via email, SSL/TLS,… Create digital signatures equivalent with handwritten signatures, e.g., to sign signatures, contracts electronically Benefits Nation-wide PKI reduces need to deploy closed user group PKIs Nation- Avoids updating legislation referring to handwritten signatures Improved security and confidence in remote transactions Simplification of administrative tasks through Faster data capture Home-government: consult your own files with the government, fill out tax declarations,… Home- Digital signatures protect electronic content Certificates link digital signatures to citizens The new EID card is smaller than the previous ID card Address changes do not necessitate a issuing a new eID card Risks Privacy Market distortion Interoperability at European level Belgian eID Card, Technical Overview Slide 2 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005 1
  • What is a Belgian eID card? The digital version of the previous ID card Bank card-sized plastic card depicts the citizen’s card- Photo, Full name, Gender, Handwritten signature, Nationality, Place and Date of birth, Card and National Number,… The chip on the eID card contains the citizen’s Identity data and address Identity and signing certificates (and key pairs),… The chip can be used to Authenticate information (e.g., for invoices) Generate digital signatures equivalent to handwritten signatures (e.g., for contracts) The card is valid for 5 years eID card certificates valid for up to 5 years Belgian eID Card, Technical Overview Slide 3 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005 Quick Summary Belgian eID Initiated in 1999, massive rollout started end of October 2004, currently about 1.4 million cards produced and 1 million eID cards activated 588 of the 589 municipalities already activate eID cards eID card can be used to Authenticate the cardholder Create digital (non-repudiation) signatures (non- Capture citizen data electronically Visually identify the citizen Chip contains administrative data (photo, address, cardholder identity, national number,…) Card is valid for 5 years after production All Belgian citizens (+12 years) will have obtained an eID card by end of 2009 Belgian eID Card, Technical Overview Slide 4 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005 2
  • Who gets an eID card? A new eID card is issued to New inhabitants Every youngster at the age of 12 People changing from one address to another in the local municipality Replace a lost, stolen, damaged or expired (e)ID card (e)ID Adjust the citizen’s picture Every citizen who asks to replace his/her old ID card Every citizen who changes his/her name, gender,… Everyone older than 14 must carry his/her (e)ID card (e)ID Specific groups who requested a priority: Medical doctors, lawyers, eID software companies,… Belgian eID Card, Technical Overview Slide 5 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005 Belgium issuing eID cards More than 6000 cards produced and activated per working day during nation- nation- wide deployment 4500 cards produced and issued per month during pilot phase 588 out of 589 municipalities issue eID cards Belgian eID Card, Technical Overview Slide 6 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005 3
  • Typical evolution of an eID CRL CRLs follow the lifecycle of the eID cards they cover The CA stops issuing certificates referring to a particular CRL if it becomes too large The graph reflects the evolution of the eID cards following a CRL for which no new certificates are issues Belgian eID Card, Technical Overview Slide 7 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005 Frequently updated graphs available at http://www.godot.be Today’s eID Card Applications eGovernment eCommerce Official document requests Online opening of new account Marital status, Birth Digital Rights Management certificate,… Qualified signature Access to RRN database Contract signing Online voting eBanking eTax Online mortgage request Tax form declaration eMail eJustice Registered mail Electronic submission of Authenticated email conclusions in court cases eAdministration eAccess Data capture Client authentication for web servers Car registration Access control, e.g., container park, library, swimming pool,… Belgian eID Card, Technical Overview Slide 8 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005 4
  • Questions? Belgian eID card information on the Internet http://eid.belgium.be http://www.rijksregister.fgov.be http://www.fedict.be http://www.belgium.be http://www.cardreaders.be Test cards can be ordered at http://www.eid-shop.be Source code examples are available at http://www.belgium.be/zip/middleware_source_code_nl.html http://www.belgium.be/zip/middleware_source_code_fr.html Myself Danny.DeCock@esat.kuleuven.ac.be keywords: “godot eID” http://godot.be Yourself https://www.mijndossier.rrn.fgov.be https://www.mondossier.rrn.fgov.be https://www.meindossier.rrn.fgov.be Belgian eID Card, Technical Overview Slide 9 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005 5