Category Archives: Electronic Identity

MSc thesis: Security of Loyalty Cards Used in Estonia

Abstract
This thesis identifies the card technologies used in loyalty programs across Estonia. These technologies include magnetic-stripe cards, contactless cards (in the form of MIFARE Classic, MIFARE Ultralight, MIFARE DESFire EV1 and low frequency RFID cards) and a smart card known as the Estonian electronic identification card (ID card). Each card type implements its own security features to prevent cloning and/or unauthorized access to the content stored on the card. The contents of each card was read and the method in which it was used in the system analysed. In the cases where possible a clone of the card was created and tested against the real system to verify that it passed the authentication procedures.

This is MSc thesis from TUT Cyber Security curriculum. The thesis was defended in June 2017.

The thesis analyzed cloneability aspects of the loyalty cards used in Estonia. While the magnetic-stripe cards are known to be trivially cloneable, the study also analyzed bunch of contact-less cards: MyFitness, Elron, Tallinn Bus Card, ISIC, SEB ISIC, Tartu Bus Card, Rimi Card. Only the Rimi and Elron card was found to withstand known cloning attacks.

Links:
http://kodu.ut.ee/~arnis/loyalty_thesis.pdf
http://kodu.ut.ee/~arnis/loyalty_slides.pdf

Using the Estonian Electronic Identity Card for Authentication to a Machine

Abstract: The electronic chip of the Estonian ID card is widely used in Estonia to identify the cardholder to a machine. For example, the electronic ID card can be used to collect rewards in customer loyalty programs, authenticate to public printers and self-checkout machines in libraries, and even unlock doors and gain access to restricted areas.
This paper studies the security aspects of using the Estonian ID card for this purpose. The paper shows that the way the ID card is currently being used provides little to no assurance to the terminal about the identity of the cardholder. To demonstrate this, an ID card emulator is built, which emulates the electronic chip of the Estonian ID card as much as possible and is able to successfully impersonate the real ID card to the terminals deployed in practice. The exact mechanisms used by the terminals to authenticate the ID card are studied and possible security improvements for the Estonian ID card are discussed.

The TLDR; of the paper is that when the ID card is used to authenticate to a machine (unless PIN1/PIN2 is involved), the ID card does not provide additional authentication factor. This is not a surprise to anyone who is familiar with the technology, but some still believe that ID card provides some security over the magnetic-stripe card.

The paper describes proof-of-concept implementation of non-cryptographic “ID card emulator” and demonstrates transplantation of the fake chip to a real ID card.

Links:
https://eprint.iacr.org/2017/880.pdf
https://kodu.ut.ee/~arnis/EstEID_keycard_slides.pdf

Liisa Past, Kaur Virunurm: E-State and Proactive Risk Management

The presentation was given in cybersecurity conference “Cyberchess 2017” held on October 5, 2017 in Riga. The presentation touched upon the recent events such as i-voting and the flaw found in the ID card chip.

The last question from the audience was worth a dime:

Is PPA considering any legal action against the vendor, because, as I understand, you have been informed by the researchers, but the vendor has not informed you.
And the second one: in the new procurement, what are are the lessons learned? Are you planing to change or include some clauses on liability?

The question was not answered in full, but the answer would be interesting indeed.

Links:
https://www.youtube.com/watch?v=6N_ZeFDNzvg
https://cert.lv/uploads/pasakumi/liisapastkaurvirunurm.pdf

 

PIN2 code not needed to make payments in Danske Bank

Most internet bank users using ID-card or Mobile-ID are used to first enter PIN1 and then confirm by PIN2 again when making a payment. Danske Bank, however, has solved the matter differently, and will only ask for PIN1 for both login and for payment confirmation.

Annika Maiste, head of Danske Bank’s e-banking, told that indeed the same PIN code should be used for both login and payment confirmation, and according to the bank, this does not have any effect on security. “In our risk assessment, we have analyzed various attacks and concluded that the use of the digital signing function in Internet Banking may not provide significant additional protection to the user in the case of modern malware,” Maiste said.

She added that the above principle is used for both Mobile-ID and ID-card, and that the company can confirm that, although compared to other banks, Danske Internet Bank does not ask PIN2 from users, it is safe for the users.

Katrin Talihärm, Managing Director of the Banking Association, said that what kind of security code to ask is the responsibility of each service provider and they have not made recommendations to their members about it. She added that both ID-card and Mobile-ID are categorized by their definition as strong authentication tools, when used in an electronic environment in addition to PIN.

If only the modern malware is considered in the threat model than indeed PIN2 does not provide any additional protection. However, there are other attacks where, while the compromise of one key is feasible, the compromise of both keys is not.

Links:
https://geenius.ee/uudis/danske-bankis-pin2-koodi-vaja-ei-lahegi/

RSA 2048-bit keys in Estonian ID cards issued after October 2014 are factorizable

On September 5, 2017, Estonian Information System Authority (RIA) informed about a security risk in ID cards:

On 30 August, an international team of researchers informed the Information System Authority (RIA) of a security risk affecting ID-cards issued in Estonia since October 2014 (including cards issued to e-residents), i.e. about 750,000 cards altogether. ID-cards issued before 16 October 2014 have a different chip and are not affected by this risk.

Now we have more details:

The flaw resides in the Infineon-developed RSA Library version v1.02.013, specifically within an algorithm it implements for RSA primes generation. [..] To boost performance, the Infineon library constructs the keys’ underlying prime numbers in a way that makes the keys prone to a process known as factorization. When generated properly, an RSA key with 2048 bits should require several quadrillion years—or hundreds of thousands of times the age of the universe—to be factorized with a general-purpose computer. Factorizing a 2048-bit RSA key generated with the faulty Infineon library, by contrast, takes [..] no more than 17 days and $40,300 using a 1,000-instance machine on Amazon Web Service. On average, it would require half the cost and time to factorize the affected keys. All that’s required is passing the public key through an extension of what’s known as Coppersmith’s Attack.

The researchers examined keys used in electronic identity cards issued by four countries and quickly found two—Estonia and Slovakia—were issuing documents with fingerprinted keys, both of which were 2048 bits in length, making them practically factorizable.[..] While it has closed its public key database, Estonian government officials have also announced plans to rotate all keys to a format that’s not vulnerable, starting in November.

Details from Infineon:

Due to application-specific requirements, it is common practice to employ acceleration algorithms in order to generate key pairs, especially if time resources are sparse. Infineon also utilizes such an acceleration algorithm in time-restricted cases, called “Fast Prime”. [..] The foundations of “Fast Prime” date back to the year 2000. Its use started around ten years later after thorough reviews. [..] this software function was certified by the BSI (Federal Office for Information Security) in Germany. No mathematical weaknesses were known, nor have been discovered during the certification processes. Recently, a research team from the of the Masaryk University, Czech Republic, developed advanced mathematical methods to analyze and exploit weaknesses in acceleration algorithms for prime number selection.

In a way these findings are a blessing for the practical security of Estonian eID. Up to now, at least publicly the chip of Estonian ID card was presumed infallible, and if someone approached these issues in the risk analysis, it was considered a heresy.

There are several lessons to be learned on different levels of management. The current practice of the plain hope that the vendor of the unauditable chip will get it right, may not be a sustainable approach for the state which so heavily relies on the secrecy of the private keys held therein.

Links:
https://crocs.fi.muni.cz/public/papers/rsa_ccs17
https://www.infineon.com/cms/en/product/promopages/rsa-update/rsa-background
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/
https://www.ria.ee/en/possible-security-vulnerability-detected-in-the-estonian-id-card-chip.html
https://www.ria.ee/en/id-cards-affected-by-the-security-risk-can-be-renewed-from-november.html
http://news.postimees.ee/4258645/e-scare-cure-found-in-weeks
http://news.err.ee/634222/cracking-of-one-id-card-would-require-estonia-to-deactivate-750-000-cards
http://news.err.ee/619703/ria-recommends-state-officials-use-mobile-id-to-minimize-security-risks
http://news.err.ee/616732/potential-security-risk-could-affect-750-000-estonian-id-cards
http://news.err.ee/634560/estonia-to-provide-670-000-in-support-for-mobile-id-access-development
http://tehnika.postimees.ee/4243153/id-kaardi-tootja-oleme-eesti-vastu-kohtus-aga-teeme-turvariski-parast-koostood
https://geenius.ee/uudis/id-kaardi-vea-avastanud-teadlane-geeniusele-meid-ullatas-kui-tosiselt-eestis-seda-voeti/
http://www.err.ee/631731/hanso-id-kaardi-turvaprobleemid-saavad-uueks-aastaks-lahendatud

SK ID Solutions declared provider of vital services

The Identity Documents Act was amended declaring the provider of certification services a vital service provider:

(31) The provider of certification service that enables digital identification and digital signing with the certificate which is entered in the documents issued on the basis of this Act is the provider of vital service specified in clause 36 (1) 8) of the Emergency Act.
[RT I, 03.03.2017, 1 – entry into force 01.07.2017]

In practice, at least currently the new status does not introduce significant new requirements, since for SK as a qualified trust service provider the operational requirements set by law were quite high anyway.

Links:
https://www.riigiteataja.ee/en/eli/521062017003/consolide

Possible to apply for new ID card online using bank authentication

The Police and Border Guard (PPA) have a new online portal where citizens can apply for ID cards based on previously issued identification. Beyond their existing ID cards, people could also log in using their Mobile ID or Internet bank, which is good news for Apple users, as the state’s systems typically don’t work to the full extent for anyone coming in using Apple devices. That people could use their bank to log in meant that also those could apply for a new ID whose existing one had already lost its validity, Abram added.

The solution likely to be very welcome, as PPA has limited the number of offices where people can apply for documents to just a handful of service centers, and queues have been a constant problem. There are plans to extend the portal’s services to include passport applications as well other processes that are currently limited to PPA’s service centers, and to include all residents of Estonia that have a personal identification code (isikukood).

The law was changed to remove the requirement for the application to be digitally signed:

§ 5. Electronic filing of application
(1) Upon submission of an application electronically, the documents specified in the Regulation shall be attached to the application electronically.
(2) An electronically filed application shall be signed digitally or submitted uniquely via an electronic channel that allows verification of identity.
(3) If an application is submitted via an electronic channel specified in paragraph 2, the applicant shall, upon issuing his identity document, confirm with the signature that the data and documents submitted by him in the application are correct.

Links:
http://news.err.ee/602902/police-opens-new-internet-environment-for-simplified-id-application
https://www.riigiteataja.ee/akt/114012017014
http://forte.delfi.ee/news/tarkvara/veebi-teel-id-kaardi-taotlemine-on-populaarne?id=79758000

Oberthur will produce Estonian ID cards from 2019

id_card_blank

The Police and Border Guard Board (PPA) and French company Oberthur Technologies signed an agreement on Thursday for the production of Estonia’s ID cards, permanent resident cards, digital IDs and diplomatic IDs after the current manufacturer agreement expires at the end of 2018.

Oberthur Technologies will be responsible for the manufacture of the card and chip as well as and linking the document to personal data. It will also be responsible for the functioning of the card. The French company will manufacture and personalize the cards in Estonia.

The value of the five-year contract is approximately €40 million. Under the new agreement, the expenses of the PPA for the manufacture of the ID card will remain at the present level.

A tender committee, which in addition to PPA experts included experts from the Estonian Information System Authority, the Ministry of the Interior and the ministry’s IT and Development Centre, chose the offer by Oberthur from among three different offers.

This was already the second tender. In the first tender Safran Morpho was chosen as the winner. The results of the first tender were appealed by two other participants – Oberthur Technologies and Gemalto/Trüb AG. The result of the appeal was that the current contract with Trub AG was prolonged for one more year.

In a public procurement tender of the Estonian Police and Border Guard Board three renowned European ID producers submitted their offers. The tender committee chose the offer of Safran Morpho as the winner, the Police and Border Guard Board said.

The German company Trub AG, which last year was acquired by Gemalto, has been manufacturing ID cards for Estonia since 2001.

It is notable that this is the first tender in the last 15 years, where PPA decided to make participation in tender available to wider range of companies. Previous contract extensions with Trub AG were justified by “potential security risk avoidance reasons”.

Update: Gemalto and Safran Morpho appealed in court the results of the tender.

Links:
http://news.err.ee/592722/ppa-signs-deal-with-france-s-oberthur-to-produce-ids-beginning-2019
http://www.baltic-course.com/eng/good_for_business/?doc=119884
http://uudised.err.ee/v/eesti/d5436b80-2965-4a27-9e3d-92953dc4fd4f/id-kaardi-kujundus-vahetub-hiljemalt-2018-aastast
http://arileht.delfi.ee/news/uudised/konkurendid-kahtlustavad-40-miljoni-eurose-ppa-hanke-juures-valemangu?id=74676029
http://tehnika.postimees.ee/3577961/kas-sel-korral-laheb-teisiti-riik-on-seni-tellinud-id-kaarte-vaid-uhelt-ettevottelt
http://tehnika.postimees.ee/4140063/laane-suurettevotted-kaebasid-eesti-politsei-kohtusse

Employees of foreign embassies to be issued diplomatic eID card

The Ministry of Foreign Affairs on Friday acquainted heads of the representations of foreign countries and international organizations with a new diplomatic ID which will provide employees with a digital identity giving them access to Estonian e-services, spokespeople for the ministry said.

“It’s unique in the EU and hopefully will encourage other countries to make more rapid progress in e-Europe development,” said the minister.

Digital diplomatic IDs will enable both the physical and electronic identification of an individual as well as provide access to Estonian e-services. Users will receive an Estonian personal identification number that will make it easier for employees of foreign diplomatic representations to handle official business in Estonia.

New type of identity document. Probably will contain the same data as ID card, but will have a bit different look and will be issued to a specific group of people.

Links:
http://news.err.ee/588887/employees-of-foreign-embassies-to-be-issued-digital-ids
http://www.ituudised.ee/uudised/2017/04/10/valisriikide-saatkondade-tootajad-eestis-saavad-digitaalse-diplomaatilise-isikutunnistuse
https://twitter.com/Karen_van_S/status/850306183093211136

 

Document counterfeiting case “Maarika” comes to court

Harju County Court on Thursday accepted plea bargains reached between the Office of the Prosecutor General and those charged in connection with a criminal organization found to be illegally issuing official documents and will make a decision regarding their confirmation in early February.

This is what happened in 2015:

Estonian police has detained 12 people, including four Police and Border Guard (PPA) employees, in what is believed to be the biggest scam the country has seen for years. The suspects allegedly issued official documents that need state approval, such as language test certificates, living permits, papers needed to receive Estonian citizenship, and medical certificates. The scam involved forgery, entering false information and accomplices who used fake identity.

PPA employees were abusing state databases and ignoring suspicious applications:

Four Police and Border Guard employees, who are now bribery suspects, are believed to have been involved in the process of issuing the forged documents, but were not organizers of the scam. They released confidential information, knowingly accepted application forms with false information and issued official documents in return for bribes. Two are specialists and two are customer servants.

This is how the scam got discovered:

Nobody would have ever noticed, if not for the personnel changes at PPA last year. As a result of this, a new person ended up working with follow-up check of citizenship applications, to whom lots of cases seemed an anomaly. People with positive responses to applications looked like they had nothing to do with Estonia whatsoever. As the cases were dozens, the official told internal audit.

The scam was organized by 65-year-old woman calling herself Maarika. Most “clients” who received counterfeit documents were pardoned as exchange from criminal charges. We can see here that if the base identity is not sufficiently protected, no eID system, however well designed, can help.

Links:
http://news.err.ee/v/news/politics/society/77509022-4164-4fb2-81ec-5dab57316f13/enormous-document-factory-scam-exposed
http://news.postimees.ee/3379293/passport-mafia-led-by-babushka
http://news.err.ee/v/news/927817f2-8c7c-435b-a9d9-bde9dc48d934/court-accepts-plea-bargains-in-large-scale-document-counterfeiting-case
http://news.postimees.ee/3996169/members-of-the-passport-mafia-stand-trial