Belgian eID Cards
  Introduction


                              Danny De Cock
                    Danny.DeCock@esat.kuleu...
Overview of eID Card Types
                                                     Aliens ☺
Belgian Citizens
1. Belgian kids:...
Belgium issuing eID cards
                                                                1 Million
                      ...
eID Card = 4 Functions
 Non-electronic                                       Inherent to ID card
     Visible identificati...
eID Card Content
     PKI                           Citizen Identity Data

                                               ...
Signing Keys & Certificates
2 key pairs for the citizen:
  Citizen-authentication
     X.509v3 authentication certificate
...
eID Certificates Hierarchy

                                                                               m
             ...
eGovernment’s Basic Concepts
Federated architecture
  Each sector operates autonomously
  Interfaces with other sectors th...
Service Oriented eGovernment Services
                                  Patients, Care takers,
                           ...
Upcoming SlideShare
Loading in …5
×

Belgian eID cards

1,345 views

Published on

Basic information on Belgian eID cards

Published in: Business, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,345
On SlideShare
0
From Embeds
0
Number of Embeds
8
Actions
Shares
0
Downloads
23
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Belgian eID cards

  1. 1. Belgian eID Cards Introduction Danny De Cock Danny.DeCock@esat.kuleuven.be Katholieke Universiteit Leuven/Dept. Elektrotechniek (ESAT) Computer Security and Industrial Cryptography (COSIC) Kasteelpark Arenberg 10 B-3001 Heverlee Belgium Belgian eID Cards Introduction Slide 1 © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 15 October 2008
  2. 2. Overview of eID Card Types Aliens ☺ Belgian Citizens 1. Belgian kids: 4. Foreign kids: Kids card with two revoked Kids card with two revoked certificates, age < 6 certificates, age < 6 Kids card with valid Kids card with valid authentication & revoked authentication & revoked non-repudiation certificate, 6 non-repudiation certificate, 6 <= age < 12 <= age < 12 Belgian youngster: Foreign youngster: 2. 5. eID card with valid eID card with valid authentication & revoked authentication & revoked non-repudiation certificate, non-repudiation certificate, 12 <= age < 18 12 <= age < 18 Belgian adults: Foreign adults: 3. 6. eID card with two valid eID card with two valid certificates, 18 <= age certificates, 18 <= age Slide 3 Belgian eID Cards Introduction © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 15 October 2008
  3. 3. Belgium issuing eID cards 1 Million cards produced and issued in 6 months All 589 municipalities issue eID cards Slide 4 Belgian eID Cards Introduction © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 15 October 2008
  4. 4. eID Card = 4 Functions Non-electronic Inherent to ID card Visible identification Reason of its existence 1. Electronic Inherent to eID card Digital identification Privacy-risky 2. Data capture User consent? Prove your identity (Trans)actional activities 3. Authentication Consequence of PKI Digitally sign Long-term relations 4. information Mandatory Non-repudiation signature Slide 5 Belgian eID Cards Introduction © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 15 October 2008
  5. 5. eID Card Content PKI Citizen Identity Data ID ADDRESS ID ADDRESS Authentication Digital Signature RRN RRN RRN RRN Root CA SIGNATURE SIGNATURE SIGNATURE SIGNATURE CA 140x200 Pixels ID CA 8 BPP RRN 3.224 Bytes RRN = National Register Slide 6 Belgian eID Cards Introduction © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 15 October 2008
  6. 6. Signing Keys & Certificates 2 key pairs for the citizen: Citizen-authentication X.509v3 authentication certificate Advanced electronic (non-repudiation) signature X.509v3 qualified certificate Can be used to produce digital signatures equivalent to handwritten signatures, cfr. European Directive 1999/93/EC 1 key pair for the card: eID card authentication (basic key pair) No corresponding certificate: RRN (Rijksregister/Registre National) knows which public key corresponds to which eID card Slide 7 Belgian eID Cards Introduction © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 15 October 2008
  7. 7. eID Certificates Hierarchy m Belgiu m Belgiu CA Root A Root C 2048-bit RSA ARL Citizen Card Gov 2048-bit RSA Admin CA CA CA CRL CRL CRL Code Non- Server Auth RRN Cert Card sign rep Cert Cert Cert Admin Admin 1024-bit RSA Cert Cert Card Administration: Certificates for update address, key pair Government web servers, generation, store signing citizen files, public certificates,… information,… Slide 8 Belgian eID Cards Introduction © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 15 October 2008
  8. 8. eGovernment’s Basic Concepts Federated architecture Each sector operates autonomously Interfaces with other sectors through bus system Built around authentic sources Master copy of data is available at exactly one repository Master copy = authoritative source Maximal reuse of information No data replication Administrations are forbidden to re-request data already available in an authentic source Integrated system for user and access management Citizens, professionals and companies are equipped with necessary credentials Each actor manages its own access policies Slide 9 Belgian eID Cards Introduction © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 15 October 2008
  9. 9. Service Oriented eGovernment Services Patients, Care takers, Health care institutions PortaHealth Portal SZ SVA SVA SVA SVA SVA SVA DTW DTW Site RIZIV Site FOD SZ SVA SVA Portal MyCareNet SVA SVA SVA SVA DTW DTW eHealth SVA SVA SVA DTW Users Basic services of the eHealth platform Network VAS VAS VAS VAS VAS VAS Suppliers VAS = Validated Authentic Source Slide stolen from Frank Robben, cf. Slide 10 Belgian eID Cards Introduction © K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 15 October 2008 http://www.law.kuleuven.ac.be/icri/frobben/presentations.htm

×