Strong Electronic Identification: Survey & Scenario Planning

The deployment of more high-risk services such as online banking and government services on the Internet has meant that the need and demand for strong electronic identity is bigger today more than ever. Different stakeholders have different reasons for moving their services to the Internet, including cost savings, being closer to the customer or citizen, increasing volume and value of services among others. This means that traditional online identification schemes based on self-asserted identities are no longer sufficient to cope with the required level of assurance demanded by these services. Therefore, strong electronic identification methods that utilize identifiers rooted in real world identities must be provided to be used by customers and citizens alike on the Internet. This thesis focuses on studying state-of-the-art methods for providing reliable and mass market strong electronic identity in the world today. It looks at concrete real-world examples that enable real world identities to be transferred and used in the virtual world of the Internet. The thesis identifies crucial factors that determine what constitutes a strong electronic identity solution and through these factors evaluates and compares the example solutions surveyed in the thesis. As the Internet become more pervasive in our lives; mobile devices are becoming the primary devices for communication and accessing Internet services. This has thus, raised the question of what sort of strong electronic identity solutions could be implemented and how such solutions could adapt to the future. To help to understand the possible alternate futures, a scenario planning and analysis method was used to develop a series of scenarios from underlying key economic, political, technological and social trends and uncertainties. The resulting three future scenarios indicate how the future of strong electronic identity will shape up with the aim of helping stakeholders contemplate the future and develop policies and strategies to better position themselves for the future

Strong Electronic Identification: Survey & Scenario Planning

The deployment of more high-risk services such as online banking and government services on the Internet has meant that the need and demand for strong electronic identity is bigger today more than ever. Different stakeholders have different reasons for moving their services to the Internet, including cost savings, being closer to the customer or citizen, increasing volume and value of services among others. This means that traditional online identification schemes based on self-asserted identities are no longer sufficient to cope with the required level of assurance demanded by these services. Therefore, strong electronic identification methods that utilize identifiers rooted in real world identities must be provided to be used by customers and citizens alike on the Internet. This thesis focuses on studying state-of-the-art methods for providing reliable and mass market strong electronic identity in the world today. It looks at concrete real-world examples that enable real world identities to be transferred and used in the virtual world of the Internet. The thesis identifies crucial factors that determine what constitutes a strong electronic identity solution and through these factors evaluates and compares the example solutions surveyed in the thesis. As the Internet become more pervasive in our lives; mobile devices are becoming the primary devices for communication and accessing Internet services. This has thus, raised the question of what sort of strong electronic identity solutions could be implemented and how such solutions could adapt to the future. To help to understand the possible alternate futures, a scenario planning and analysis method was used to develop a series of scenarios from underlying key economic, political, technological and social trends and uncertainties. The resulting three future scenarios indicate how the future of strong electronic identity will shape up with the aim of helping stakeholders contemplate the future and develop policies and strategies to better position themselves for the future

Towards Practical Security of Pseudonymous Signature on the BSI eIDAS Token

In this paper we present an extension of Pseudonymous Signature introduced by the German Federal BSI authority as a part of technical recommendations for electronic identity documents. Without switching to pairing friendly groups we enhance the scheme so that: (a) the issuer does not know the private keys of the citizen (so it cannot impersonate the citizen), (b) a powerful adversary that breaks any number of ID cards created by the Issuer cannot forge new cards that could be proven as fake ones, (c) deanonymization of the pseudonyms used by a citizen is a multi-party protocol, where the consent of each authority is necessary to reveal the identity of a user. (d) we propose extended features concerning fully anonymous signatures and a pragmatic revocation approach. (e) we present an argument for unlinkability (cross-domain anonymity) of the presented schemes. In this way we make a step forwards to overcome the substantial weaknesses of the Pseudonymous Signature scheme. Moreover, the extension is on top of the original scheme with relatively small number of changes, following the strategy of reusing the previous schemes -- thereby reducing the costs of potential technology update

Hajusraamatutehnoloogia kasutuselevõtu õiguslikud takistused: tehnoloogia neutraalsuse ja funktsionaalse samaväärsuse põhimõtetele tuginev analüüs

Väitekirja elektrooniline versioon ei sisalda publikatsiooneKäesolev väitekiri käsitleb hajusraamatutehnoloogia (HT) kohtlemist Eesti ja EL õiguse alusel konkreetsete kasutusjuhtude näitel. HT on “mitmeotstarbeline tehnoloogia”, millel on rida erinevaid kasutusvõimalusi, sh. selle kõige tuntumad näited nagu plokiahelatehnoloogia ning bitimünt. Kuivõrd olemasolev õigusraamistik on loodud tsentraliseeritud infrastruktuuride ning mitte hajutatud andmestruktuuride jaoks nagu seda on HT, siis tihtipeale takistab olemasolev õigusraamistik HT kasutamist selles sisalduvate nii otseste kui ka kaudsete kallutatud nõuete tõttu. Nimetatud dissonants on sarnane analoogmaailma jaoks loodud õigusnormide takistava mõjuga digitaalsete lahenduste kasutuselevõtmisel. Seega ei ole väitekirjas käsitletavad takistused vaid HT-le omased vaid seotud iga uue tehnoloogia kasutuselevõtuga. Toodud probleemi uuritakseväitekirjas kolme konkreetse HT kasutusjuhu pinnal: (i) bitimündi vahetusteenuse osutamine; (ii) HT-põhise osanike nimekirja pidamine ; (iii) HT-põhise hübriid-targa lepingu ning elektroonilise allkirja kasutamine. Uurimise mõõdupuuna kasutatakse tehnoloogia neutraalsuse põhimõtet ning funktsionaalse samaväärsuse alampõhimõtet, et tuvastada kallutatud nõudeid ning piirata riigivõimu voli eelistada konkreetseid tehnoloogiaid samas teisi tehnoloogiaid diskrimineerides. HT kasutusjuhtude pinnal saab järeldada, et olemasolev õigsraamistik ei ole tehnoloogia-neutraalne ning eelistab tsentraliseeritud lahendusi ning ei taga HT-põhistele funktsionaalselt samaväärsetele lahendustele samaväärset kohtlemist. Arvestades toodud järeldusi uuritakse väitekirjas ka kallutatud nõuete põhjuseid ning strateegiaid kuidas jätkusuutlikult lahendada kallutatusest tekkinud takistused HT kasutusele. Väitekirja teema on oluline arvestades ka 2020. aasta lõpus avaldatud EL-i digitaalse finantspaketi määruste eesmärki, milleks on toetada HT kasutuselevõttu EL-is.This dissertation focuses on the treatment of distributed ledger technology (DLT) applications under the existing regulation in Estonia and the EU based on the analysis of specific use cases. The existing regulatory frameworks in most jurisdictions were built for centralized infrastructures and not for distributed ones, such as built on DLT. Consequently, current legal frameworks may inhibit the use of DLT due to either apparent or non-apparent biases written into the regulation. DLT on the other hand represents a “general-purpose technology” that, therefore, has abundance of applications including its most well known examples of blockchain and Bitcoin. The discrepancy between old rules and new tools is nothing new as the development of the digital world in comparison to the physical world led to the same problem. Therefore, the research problem addressed in the dissertation is not specific to DLT, but linked to the uptake of any new technology. With the aim to explore the potentially inhibiting effect of existing regulation, specific DLT use cases are investigated: (i) bitcoin exchange-service provision; (ii) DLT-based shareholder ledger maintenance and (iii) use of DLT-based electronic signature and hybrid smart contract agreements. In this exploration, the principle of technology neutrality and its sub-principle of functional equivalence are utilized as benchmarks for the identification of biases. The aim of these principles is to prohibit regulators from favouring some technologies and discriminating against others. The use case analyses show that some of the existing regulation is not technology-neutral due to inbound bias for centralized solutions. Furthermore, effects equivalence is not granted by existing regulation to functionally equivalent DLT-based solutions. Against this background, the dissertation discusses the reasons for these biases and regulative strategies to resolve these in a sustainable manner. The dissertation is especially relevant considering the goal of the proposed EU regulations of the Digital Finance Package introduced in late 2020 to promote the use of DLT in the EU.https://www.ester.ee/record=b542731

Zero-Knowledge Proof-of-Identity: Sybil-Resistant, Anonymous Authentication on Permissionless Blockchains and Incentive Compatible, Strictly Dominant Cryptocurrencies

Zero-Knowledge Proof-of-Identity from trusted public certificates (e.g., national identity cards and/or ePassports; eSIM) is introduced here to permissionless blockchains in order to remove the inefficiencies of Sybil-resistant mechanisms such as Proof-of-Work (i.e., high energy and environmental costs) and Proof-of-Stake (i.e., capital hoarding and lower transaction volume). The proposed solution effectively limits the number of mining nodes a single individual would be able to run while keeping membership open to everyone, circumventing the impossibility of full decentralization and the blockchain scalability trilemma when instantiated on a blockchain with a consensus protocol based on the cryptographic random selection of nodes. Resistance to collusion is also considered. Solving one of the most pressing problems in blockchains, a zk-PoI cryptocurrency is proved to have the following advantageous properties: - an incentive-compatible protocol for the issuing of cryptocurrency rewards based on a unique Nash equilibrium - strict domination of mining over all other PoW/PoS cryptocurrencies, thus the zk-PoI cryptocurrency becoming the preferred choice by miners is proved to be a Nash equilibrium and the Evolutionarily Stable Strategy - PoW/PoS cryptocurrencies are condemned to pay the Price of Crypto-Anarchy, redeemed by the optimal efficiency of zk-PoI as it implements the social optimum - the circulation of a zk-PoI cryptocurrency Pareto dominates other PoW/PoS cryptocurrencies - the network effects arising from the social networks inherent to national identity cards and ePassports dominate PoW/PoS cryptocurrencies - the lower costs of its infrastructure imply the existence of a unique equilibrium where it dominates other forms of paymentComment: 2.1: Proof-of-Personhood Considered Harmful (and Illegal); 4.1.5: Absence of Active Authentication; 4.2.6: Absence of Active Authentication; 4.2.7: Removing Single-Points of Failure; 4.3.2: Combining with Non-Zero-Knowledge Authentication; 4.4: Circumventing the Impossibility of Full Decentralizatio

FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs (Extended Version)

Two-factor authentication (2FA) mitigates the security risks of passwords as sole authentication factor. FIDO2---the de facto standard for interoperable web authentication---leverages strong, hardware-backed second factors. However, practical challenges hinder wider FIDO2 user adoption for 2FA tokens, such as the extra costs ($20-$30 per token) or the risk of inaccessible accounts upon token loss/theft. To tackle the above challenges, we propose FeIDo, a virtual FIDO2 token that combines the security and interoperability of FIDO2 2FA authentication with the prevalence of existing eIDs (e.g., electronic passports). Our core idea is to derive FIDO2 credentials based on personally-identifying and verifiable attributes---name, date of birth, and place of birth---that we obtain from the user's eID. As these attributes do not change even for refreshed eID documents, the credentials "survive" token loss. Even though FeIDo operates on privacy-critical data, all personal data and resulting FIDO2 credentials stay unlinkable, are never leaked to third parties, and are securely managed in attestable hardware containers (e.g., SGX enclaves). In contrast to existing FIDO2 tokens, FeIDo can also derive and share verifiable meta attributes (anonymous credentials) with web services. These enable verified but pseudonymous user checks, e.g., for age verification (e.g., "is adult")

FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs

Two-factor authentication (2FA) mitigates the security risks of passwords as sole authentication factor. FIDO2---the de facto standard for interoperable web authentication---leverages strong, hardware-backed second factors. However, practical challenges hinder wider FIDO2 user adoption for 2FA tokens, such as the extra costs ($20-$30 per token) or the risk of inaccessible accounts upon token loss/theft. To tackle the above challenges, we propose FeIDo, a virtual FIDO2 token that combines the security and interoperability of FIDO2 2FA authentication with the prevalence of existing eIDs (e.g., electronic passports). Our core idea is to derive FIDO2 credentials based on personally-identifying and verifiable attributes---name, date of birth, and place of birth---that we obtain from the user's eID. As these attributes do not change even for refreshed eID documents, the credentials "survive" token loss. Even though FeIDo operates on privacy-critical data, all personal data and resulting FIDO2 credentials stay unlinkable, are never leaked to third parties, and are securely managed in attestable hardware containers (e.g., SGX enclaves). In contrast to existing FIDO2 tokens, FeIDo can also derive and share verifiable meta attributes (anonymous credentials) with web services. These enable verified but pseudonymous user checks, e.g., for age verification (e.g., "is adult")

Challenges in Cybersecurity and Privacy - the European Research Landscape

Cybersecurity and Privacy issues are becoming an important barrier for a trusted and dependable global digital society development. Cyber-criminals are continuously shifting their cyber-attacks specially against cyber-physical systems and IoT, since they present additional vulnerabilities due to their constrained capabilities, their unattended nature and the usage of potential untrustworthiness components. Likewise, identity-theft, fraud, personal data leakages, and other related cyber-crimes are continuously evolving, causing important damages and privacy problems for European citizens in both virtual and physical scenarios. In this context, new holistic approaches, methodologies, techniques and tools are needed to cope with those issues, and mitigate cyberattacks, by employing novel cyber-situational awareness frameworks, risk analysis and modeling, threat intelligent systems, cyber-threat information sharing methods, advanced big-data analysis techniques as well as exploiting the benefits from latest technologies such as SDN/NFV and Cloud systems. In addition, novel privacy-preserving techniques, and crypto-privacy mechanisms, identity and eID management systems, trust services, and recommendations are needed to protect citizens’ privacy while keeping usability levels. The European Commission is addressing the challenge through different means, including the Horizon 2020 Research and Innovation program, thereby financing innovative projects that can cope with the increasing cyberthreat landscape. This book introduces several cybersecurity and privacy research challenges and how they are being addressed in the scope of 15 European research projects. Each chapter is dedicated to a different funded European Research project, which aims to cope with digital security and privacy aspects, risks, threats and cybersecurity issues from a different perspective. Each chapter includes the project’s overviews and objectives, the particular challenges they are covering, research achievements on security and privacy, as well as the techniques, outcomes, and evaluations accomplished in the scope of the EU project. The book is the result of a collaborative effort among relative ongoing European Research projects in the field of privacy and security as well as related cybersecurity fields, and it is intended to explain how these projects meet the main cybersecurity and privacy challenges faced in Europe. Namely, the EU projects analyzed in the book are: ANASTACIA, SAINT, YAKSHA, FORTIKA, CYBECO, SISSDEN, CIPSEC, CS-AWARE. RED-Alert, Truessec.eu. ARIES, LIGHTest, CREDENTIAL, FutureTrust, LEPS. Challenges in Cybersecurity and Privacy - the European Research Landscape is ideal for personnel in computer/communication industries as well as academic staff and master/research students in computer science and communications networks interested in learning about cyber-security and privacy aspects

Tokenization of Real Estate on Blockchain

This thesis presents research at the junction of law, governance, blockchain technology and real estate. The concept of real estate tokenization includes legal, technological, and organizational aspects. The research introduces a theory of a Title Token - a digital record of ownership on the blockchain. It is discussed the principle of technological neutrality, where the traditional land (property) registry is not necessarily abandoned in favor of blockchains, but instead, people gain the right to choose. The key output of this research is an architecture of the system presented as a cross-blockchain protocol designed to support free choice and transferability of assets across blockchains. Another important feature of the protocol is enforceability to address the constraint of the blockchain technology, i.e., the intolerance to retroactive transactions. To resolve disputes and other legal issues, the protocol provides a framework for smart laws and digital authorities. Among objects of interest were questions on the effectiveness of governance and bureaucracy, corruption, automation, fraud on the market, and the role of the government and other intermediaries in the protection of property rights and interests. The multilevel analysis undertaken in this thesis is a preliminary step towards making any policymaking suggestion. It also aims at delivering a solid ground for further research and experimentation. Such analysis aims to address the thorny issue of effectively applying emergent technologies to law and governance. The outcome is a set of reflections and conclusions for policymakers and researchers regarding the capabilities and limits of blockchain technology, wrapped into a consistent concept of improving the current system

Challenges in Cybersecurity and Privacy - the European Research Landscape

Cybersecurity and Privacy issues are becoming an important barrier for a trusted and dependable global digital society development. Cyber-criminals are continuously shifting their cyber-attacks specially against cyber-physical systems and IoT, since they present additional vulnerabilities due to their constrained capabilities, their unattended nature and the usage of potential untrustworthiness components. Likewise, identity-theft, fraud, personal data leakages, and other related cyber-crimes are continuously evolving, causing important damages and privacy problems for European citizens in both virtual and physical scenarios. In this context, new holistic approaches, methodologies, techniques and tools are needed to cope with those issues, and mitigate cyberattacks, by employing novel cyber-situational awareness frameworks, risk analysis and modeling, threat intelligent systems, cyber-threat information sharing methods, advanced big-data analysis techniques as well as exploiting the benefits from latest technologies such as SDN/NFV and Cloud systems. In addition, novel privacy-preserving techniques, and crypto-privacy mechanisms, identity and eID management systems, trust services, and recommendations are needed to protect citizens’ privacy while keeping usability levels. The European Commission is addressing the challenge through different means, including the Horizon 2020 Research and Innovation program, thereby financing innovative projects that can cope with the increasing cyberthreat landscape. This book introduces several cybersecurity and privacy research challenges and how they are being addressed in the scope of 15 European research projects. Each chapter is dedicated to a different funded European Research project, which aims to cope with digital security and privacy aspects, risks, threats and cybersecurity issues from a different perspective. Each chapter includes the project’s overviews and objectives, the particular challenges they are covering, research achievements on security and privacy, as well as the techniques, outcomes, and evaluations accomplished in the scope of the EU project. The book is the result of a collaborative effort among relative ongoing European Research projects in the field of privacy and security as well as related cybersecurity fields, and it is intended to explain how these projects meet the main cybersecurity and privacy challenges faced in Europe. Namely, the EU projects analyzed in the book are: ANASTACIA, SAINT, YAKSHA, FORTIKA, CYBECO, SISSDEN, CIPSEC, CS-AWARE. RED-Alert, Truessec.eu. ARIES, LIGHTest, CREDENTIAL, FutureTrust, LEPS. Challenges in Cybersecurity and Privacy - the European Research Landscape is ideal for personnel in computer/communication industries as well as academic staff and master/research students in computer science and communications networks interested in learning about cyber-security and privacy aspects