Skip to main content
Conference Proceedings

Pseudonymous signature on eIDAS token - Implementation based privacy threats

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2016) 9723 467-477
DOI: 10.1007/978-3-319-40367-0_31
5Citations
Citations of this article
23Readers
Mendeley users who have this article in their library.
Get full text

Abstract

We investigate eIDAS Token specification for Pseudonymous Signature published recently by German security authority BSI, German Federal Office for Information Security. We analyze how far the current specification prevents privacy violations by the Issuer by malicious or simply careless implementation.We find that, despite the declared design goal of protecting privacy of the citizens, it is quite easy to convert the system into a "Big Brother" system and enable spying the citizens by third parties. We show that there is a simple and elegant way for preventing all attacks of the kind described. Moreover, we show that it is possible with relatively small amendments to the scheme.

Cite

CITATION STYLE

APA

Kutyłowski, M., Hanzlik, L., & Kluczniak, K. (2016). Pseudonymous signature on eIDAS token - Implementation based privacy threats. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9723, pp. 467–477). Springer Verlag. https://doi.org/10.1007/978-3-319-40367-0_31

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free