Cryptology ePrint Archive: Report 2021/910

SECDSA: Mobile signing and authentication under classical "sole control"

Eric Verheul

Abstract: The 2014 European eIDAS regulation regulates strong electronic authentication and legally binding electronic signatures. Both require user "sole control". Historically, smartcards have been used, based on direct interaction between the user and the relying party. Here sole control is provided by giving users both physical possession of the cryptographic key used for signing/authentication and control over it through a PIN. Under some interpretations, such **classical** sole control is required by the 1999 electronic signature directive. The eIDAS regulation repeals the directive and explicitly relaxes its sole control requirements in a trade-off between security and usability. This allows user interaction to be outsourced to intermediary parties (authentication providers, signing services). It also allows mobile applications as user-friendly alternatives to smartcards. However, current mobile platforms are equipped only with limited cryptographic hardware that does not support secure knowledge factors (PINs) controlling keys. The eIDAS relaxation raises concerns about sole control: intermediary parties should not be able to act as a man-in-the-middle and impersonate users. In this paper we present a simple cryptographic design for signing and authentication on standard mobile platforms that provides classical sole control. We argue that our design can meet the highest eIDAS requirements, effectively introducing a new signature category in a 2016 decision of the European Commission. We also sketch a SECDSA-based implementation of the European Digital Identity Wallet recently proposed by the European Commission as part of the eIDAS regulation update.

Category / Keywords: applications / legally binding signing, limited cryptographic hardware, mobile platforms, sole control, non-repudiation, strong authentication

Date: received 4 Jul 2021, last revised 1 Aug 2021

Contact author: eric verheul at keycontrols nl


Version: 20210801:160814

Short URL: ia.cr/2021/910
