Options for Integrating eID and SAML

Detlef Hühnlein, Jörg Schwenk, Tobias Wich, Vladislav Mladenov, Florian Feldmann, Andreas Mayer, Johannes Schmölz, Bud P. Bruegger, Moritz Horsch

CCS 2013 Post-Conference Workshop, Digital Identity Management (DIM)


Abstract

Several European countries are currently introducing highly sophisticated eID functionality in their national identity cards. This functionality typically has no direct relation to web security standards, but will be integrated with web technologies to enable browser-based access to critical resources. Combining eID protocols and web standards like TLS in a secure way proves extremely challenging: the security of many of the proposed systems boils down to HTTP session cookies and TLS server certificates. Therefore, the overall security is not improved and does not justify the additional costs. In this paper, we investigate this security challenge for the German national identity card and its eID functionality. We show that the solution currently standardized by the German government does not offer any additional security, by giving an in-depth analysis of the complete software system. We discuss several possible paths to an enhanced solution based on TLS channel bindings. Finally, we describe a system setup based on the SAML Holder-of-Key Web Browser Profile, which also mitigates interoperability problems.

Tags: eID Authentication, Holder-of-Key, SAML, Single Sign-On, TLS Binding