OpenSSL Conference

PQC-Secure Distributed WSCA for EUDI wallets
2025-10-07, Belvedere I / Security, Compliance & the Law

This talk explains how to solve the private key protection problem for PQC algorithms in the domain of regulated and certified digital identity wallets, in a way that is also applicable more generally. EUDI wallets will rely on the abstract components WSCA (Wallet Secure Cryptographic Application) and WSCD (Wallet Secure Cryptographic Device). We show that the use of threshold and thresholdized pre- and post-quantum-secure signature schemes in handshake protocols is a viable approach, providing an alternative for the case in which hardware support for such schemes is delayed. We discuss how such schemes can be deployed, and what performance to expect. While hardware solutions usually enjoy government-approved security certification status, we show how to achieve the same security assurance level with software-oriented products based on PQC-secure threshold schemes.


Every digital identity wallet needs to use cryptographic key pairs in order to participate in the OpenID4VCI, OpenID4VP and ISO mDL protocols. Naturally, this leads to the question of how to protect those keys and where to keep them. Mobile platforms (Android, iOS) do offer key vaults, such as Keystore and Keychain, but the security of such consumer solutions has not been sufficiently evaluated for national identity and EUDI applications. This talk introduces an alternative key protection method for EUDI wallets that does not depend on mobile platform services or on-device hardware secure elements, and does not rely entirely on remote HSMs controlled by the wallet provider or vendor. eIDAS2 and EUDI wallets require the user's sole control, which is difficult to achieve with remote HSMs. The current state of the art for remote HSMs reaches the SCAL2 level (as described by the standard CEN 419241-1), but this is achieved with organisational security measures, which need to be periodically audited and which could still be a weak point compared to mathematically proven cryptography.

Threshold cryptography allows us to distribute private key material between multiple locations and perform cryptographic operations without ever combining the shares in a single location. Thus, one can keep one share of the private key material inside the phone and the other share on the server side. The property of the user's sole control is achieved by leaving one share of the private key in the user's phone, making the service provider unable to create a user's signature without that user's participation. Threshold two-party signing protocols are the basis of "server-assisted signatures", which minimize the user's mental load in protecting the key from misuse, while mitigating offline and online brute-force attacks against the smartphone platform. One example of such technology has been in production use, as an eIDAS1 eID means for authentication and qualified electronic signatures, for more than 5 years. As a recent breakthrough, we have combined threshold cryptography with EUDI wallets for protecting the wallet holder's key pairs. We have also extended the technology from the RSA signature algorithm to PQC algorithms.
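To make the split-key idea concrete, here is an added toy example (not code from the talk or from Cybernetica's product) of two-party RSA signing with additively shared private exponents: the phone and the server each raise the message digest to their own share, and the two partial results are multiplied together to obtain the ordinary RSA signature, so the full exponent d never exists in one place. It assumes textbook RSA over a SHA-256 digest with no padding and deliberately tiny constructed primes, chosen only to keep the arithmetic visible; it also generalizes the page's two-party case to any number of additive shares.

```python
"""Two-party (and k-party) additive-share RSA signing, toy illustration of
"server-assisted signatures": no party ever holds the whole private exponent.

Added example, not code from the talk or from any Cybernetica product.
ASSUMPTIONS: textbook RSA on a SHA-256 digest (no padding), tiny constructed
primes, and no transport security. Real deployments use full-size keys,
standard padding, and an authenticated channel between phone and server.
"""
import hashlib
import secrets
from math import gcd, isqrt

# Constructed toy parameters (ASSUMPTION: illustration only, far too small).
P, Q, E = 1000003, 1000033, 65537


def _is_prime(x: int) -> bool:
    """Trial division; fine for the toy sizes used here."""
    if x < 2:
        return False
    return all(x % k for k in range(2, isqrt(x) + 1))


def keygen(p: int = P, q: int = Q, e: int = E):
    """Return (n, e, d, phi) for a textbook RSA key built from primes p and q."""
    if not (_is_prime(p) and _is_prime(q)):
        raise ValueError("p and q must be prime")
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be invertible modulo phi(n)")
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return n, e, d, phi


def split_private_exponent(d: int, phi: int, parties: int = 2) -> list:
    """Additively share d: sum(shares) == d (mod phi).

    All shares but the last are uniformly random, so any proper subset of
    them is statistically independent of d and reveals nothing about it.
    """
    if parties < 2:
        raise ValueError("need at least two parties")
    shares = [secrets.randbelow(phi) for _ in range(parties - 1)]
    shares.append((d - sum(shares)) % phi)
    return shares


def digest(message: bytes, n: int) -> int:
    """Map the message to an integer below n (textbook RSA, no padding)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def partial_sign(message: bytes, d_share: int, n: int) -> int:
    """One party's contribution: the digest raised to its own share only."""
    return pow(digest(message, n), d_share, n)


def combine(partials: list, n: int) -> int:
    """Multiply partial signatures: m^d1 * m^d2 * ... == m^(d + k*phi) == m^d (mod n).

    The extra multiples of phi vanish mod n by the CRT argument that also
    makes RSA itself correct, so the result equals the ordinary RSA signature.
    """
    s = 1
    for part in partials:
        s = s * part % n
    return s


def verify(message: bytes, signature: int, n: int, e: int) -> bool:
    return pow(signature, e, n) == digest(message, n)


def server_assisted_sign(message: bytes, shares: list, n: int) -> int:
    """Each holder computes a partial locally; only partials cross the wire."""
    return combine([partial_sign(message, s, n) for s in shares], n)


if __name__ == "__main__":
    n, e, d, phi = keygen()
    d_phone, d_server = split_private_exponent(d, phi)
    msg = b"constructed sample: wallet presentation nonce"
    sig = server_assisted_sign(msg, [d_phone, d_server], n)
    print("combined signature verifies:", verify(msg, sig, n, e))
    print("phone share alone verifies: ",
          verify(msg, partial_sign(msg, d_phone, n), n, e))
```

The security property the paragraph describes is visible in the last two lines: the combined signature is exactly the signature the whole key would produce, while a partial signature from either holder alone fails verification, so the server cannot act without the phone's participation and vice versa.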

For server-assisted signatures in post-quantum-secure wallets, we need threshold post-quantum-secure signatures. In our talk, we give an overview of lattice-based threshold signature schemes, with the main attention given to their performance and the details of their deployment. Even though the interoperability requirements are lower for authentication than for digital signatures (something we will also address in the talk), we also discuss the thresholdability of standardized post-quantum-secure signature schemes. We show how ML-DSA can be thresholdized. It turns out that this thresholdization introduces an extra party, the Correlated Randomness Provider, with certain trust and limited availability requirements. We therefore discuss how deployment is affected, and what performance (2+1)-party threshold ML-DSA achieves.

The talk finishes with an overview of EUDIW certification requirements and an explanation of certification pathways for products based on threshold cryptography. For eIDAS2- and CRA-regulated products, we would need to follow the EUCC approach and be compliant with the existing and to-be-modified PPs (CEN 419 221-5, CEN 419241-2) and the upcoming WSCA PP, which is currently being developed in CEN/CENELEC TC224 WG17.

Dr Aivo Kalu is a leading security engineer with over 20 years of experience in information security, cryptography and digital identity at Cybernetica, a company that has been building future-proof technologies grounded in research and development for over 25 years. Cybernetica's unique expertise ranges from secure data exchange, such as X-Road, to digital identity, i-voting, information security and more. Aivo's responsibilities include product development and advising government authorities, trust service providers and other clients on their digital identity programmes, authentication, signing and wallet solutions, and applying security protocols, cryptography, standardisation and security certification to clients' problems.