Más contenido relacionado
Similar a 8 e id en security (12)
8 e id en security
- 1. The Belgian eID Card
in a Nutshell
Presented by: Prof. Bart Preneel
Danny De Cock
firstname.lastname@esat.kuleuven.be
Katholieke Universiteit Leuven/Dept. Elektrotechniek (ESAT)
Computer Security and Industrial Cryptography (COSIC)
Kasteelpark Arenberg 10
B-3001 Heverlee
Belgium
Belgian eID Card, Technical Overview Slide 1
© K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005
Why Introducing an eID card?
Every Belgian citizen gets a tool to
Authenticate him/herself via email, SSL/TLS,…
Create digital signatures equivalent with handwritten signatures, e.g., to sign
signatures,
contracts electronically
Benefits
Nation-wide PKI reduces need to deploy closed user group PKIs
Nation-
Avoids updating legislation referring to handwritten signatures
Improved security and confidence in remote transactions
Simplification of administrative tasks through
Faster data capture
Home-government: consult your own files with the government, fill out tax declarations,…
Home-
Digital signatures protect electronic content
Certificates link digital signatures to citizens
The new EID card is smaller than the previous ID card
Address changes do not necessitate a issuing a new eID card
Risks
Privacy
Market distortion
Interoperability at European level
Belgian eID Card, Technical Overview Slide 2
© K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005
1
- 2. What is a Belgian eID card?
The digital version of the previous ID card
Bank card-sized plastic card depicts the citizen’s
card-
Photo, Full name, Gender, Handwritten signature, Nationality,
Place and Date of birth, Card and National Number,…
The chip on the eID card contains the citizen’s
Identity data and address
Identity and signing certificates (and key pairs),…
The chip can be used to
Authenticate information (e.g., for invoices)
Generate digital signatures equivalent to handwritten signatures
(e.g., for contracts)
The card is valid for 5 years
eID card certificates valid for up to 5 years
Belgian eID Card, Technical Overview Slide 3
© K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005
Quick Summary Belgian eID
Initiated in 1999, massive rollout started end of October 2004,
currently about 1.4 million cards produced and 1 million
eID cards activated
588 of the 589 municipalities already activate eID cards
eID card can be used to
Authenticate the cardholder
Create digital (non-repudiation) signatures
(non-
Capture citizen data electronically
Visually identify the citizen
Chip contains administrative data (photo, address,
cardholder identity, national number,…)
Card is valid for 5 years after production
All Belgian citizens (+12 years) will have obtained an eID
card by end of 2009
Belgian eID Card, Technical Overview Slide 4
© K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005
2
- 3. Who gets an eID card?
A new eID card is issued to
New inhabitants
Every youngster at the age of 12
People changing from one address to another in the local
municipality
Replace a lost, stolen, damaged or expired (e)ID card
(e)ID
Adjust the citizen’s picture
Every citizen who asks to replace his/her old ID card
Every citizen who changes his/her name, gender,…
Everyone older than 14 must carry his/her (e)ID card
(e)ID
Specific groups who requested a priority:
Medical doctors, lawyers, eID software companies,…
Belgian eID Card, Technical Overview Slide 5
© K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005
Belgium issuing eID cards
More than
6000 cards
produced and
activated per
working day
during nation-
nation-
wide
deployment
4500 cards
produced and
issued per
month during
pilot phase
588 out of 589
municipalities
issue eID cards
Belgian eID Card, Technical Overview Slide 6
© K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005
3
- 4. Typical evolution of an eID CRL
CRLs follow
the lifecycle
of the eID
cards they
cover
The CA stops
issuing
certificates
referring to a
particular
CRL if it
becomes too
large
The graph
reflects the
evolution of
the eID cards
following a
CRL for
which no new
certificates
are issues
Belgian eID Card, Technical Overview Slide 7
© K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005
Frequently updated graphs available at http://www.godot.be
Today’s eID Card Applications
eGovernment eCommerce
Official document requests Online opening of new account
Marital status, Birth Digital Rights Management
certificate,…
Qualified signature
Access to RRN database Contract signing
Online voting
eBanking
eTax Online mortgage request
Tax form declaration
eMail
eJustice Registered mail
Electronic submission of Authenticated email
conclusions in court cases
eAdministration
eAccess
Data capture
Client authentication for
web servers Car registration
Access control, e.g.,
container park, library,
swimming pool,…
Belgian eID Card, Technical Overview Slide 8
© K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005
4
- 5. Questions?
Belgian eID card information on the Internet
http://eid.belgium.be
http://www.rijksregister.fgov.be
http://www.fedict.be
http://www.belgium.be
http://www.cardreaders.be
Test cards can be ordered at
http://www.eid-shop.be
Source code examples are available at
http://www.belgium.be/zip/middleware_source_code_nl.html
http://www.belgium.be/zip/middleware_source_code_fr.html
Myself Danny.DeCock@esat.kuleuven.ac.be
keywords: “godot eID”
http://godot.be
Yourself https://www.mijndossier.rrn.fgov.be
https://www.mondossier.rrn.fgov.be
https://www.meindossier.rrn.fgov.be
Belgian eID Card, Technical Overview Slide 9
© K.U.Leuven/ESAT/COSIC, http://www.esat.kuleuven.be/cosic 17 September 2005
5