UT Institute of Computer Science Graduation Theses Topics Registry

Organization

Cybersecurity

Abstract

Estonian ID card provides file encryption use case, allowing to encrypt files such that only the respective cardholder can decrypt them. The recent vulnerability affecting the security of ID card private keys compromised the confidentiality of the data encrypted for the affected ID cards. The aim of the thesis is to propose technical solution that would provide forward secrecy feature for the current ID card encryption scheme, i.e., preserve the confidentiality of encrypted data even after the cardholder's private key is compromised.

The solution would involve additional trusted parties holding shares of the symmetric data encryption key, which would be dispensed after authenticating the cardholder. The confidentiality of the shares could be protected using various encryption schemes, including quantum-safe algorithms, thereby providing post-quantum security for the ID card encryption scheme. The result of the thesis should be detailed description of the protocol and the security analysis describing the threat model under which the scheme is secure. As an additional contribution, the proof-of-concept software implementation can be presented.

Links:
Technical specification of currently used file encryption scheme: https://www.id.ee/public/SK-CDOC-1.0-20120625_EN.pdf

Graduation Theses defence year

2018-2019

Supervisor

Arnis Paršovs

Spoken language (s)

English

Requirements for candidates

Level

Keywords

#acs

 

Name

Arnis Paršovs

Phone

E-mail

See more