Gemalto, the manufacturer of Estonian ID-cards, ignored security requirements, according to the experts who confirmed the latest security fault. To avoid long queues, the machines were programmed to generate ID-card encryption keys in a less secure way. The manufacturer denies wrongdoing but could be facing a lawsuit.
The Estonian ID-card was hit by its second security scandal within a year when the State Information System's Authority (RIA) and the Police and Border Guard Board (PPA) revealed that the secret encryption keys of more than 70,000 ID-cards had been generated outside the chip and then transferred onto the cards.
There are some 12,500 such cards still out there today. People will be given two more weeks in which to replace the cards after which their certificates will be revoked, and the cards can no longer be used to access e-services.
RIA was told about the vulnerability in February of last year when University of Tartu researcher Arnis Paršovs shared the results of his analysis with the agency.
Paršovs came across two ID-cards with similar public keys. That conflicts with the fundamentals of ID-card security policy, which led to the suspicion that the keys could only have been generated outside the chips.
“It is a procedural mistake, pure and simple,” said Margus Arm, head of the eID department at RIA. It turned out that chip manufacturer Gemalto had set up the PPA's machines to generate keys outside the chips.
A stolen key would give a perpetrator a theoretical chance to access e-services without the victim's ID-card or PIN codes. No such cases have been reported.
To save time
Verifying the vulnerability took nearly 18 months, as RIA did not take Paršovs at his word. Last summer brought the ID-card security crisis, when a group of Czech scientists found that the widely used chip suffered from the so-called ROCA weakness. Once that vulnerability had been addressed a few months later, RIA tasked its partner AS Cybernetica with verifying Paršovs' claim. Cybernetica and University of Tartu researchers found that the keys of 74,581 ID-cards had been generated outside the chip.
Cybernetica CDO Arne Ansper said that Paršovs, like the Czech researchers, looked for patterns in the public keys of Estonian ID-cards. It is possible to determine which device or program generated a public key just by looking at it.
“The most interesting thing was that some public keys matched one for one. Two cards being able to generate the exact same key cannot be explained,” Ansper said.
Next, Cybernetica analyzed the public keys using statistical methods and discovered a set of shared characteristics among chips from the generation before last that had been updated at PPA service bureaus. Estonia's contract with the manufacturer states that keys must be generated on the chip and that private encryption keys must never leave it.
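As an added illustration that is not part of the Postimees article, the following Python script shows the defender-side audit behind the finding above: it flags cards whose RSA public moduli are identical, and extends the check to moduli that share a prime factor (a pairwise GCD test, a standard audit for weak key generation). The card identifiers and the small moduli are constructed for the example; real ID-card keys are 2048-bit.

```python
from math import gcd
from collections import defaultdict

# Constructed sample population: each "card" carries an RSA modulus n = p * q.
# Tiny primes keep the example instant; the logic is identical for real key sizes.
SAMPLE_CARDS = {
    "card-A": 1000003 * 1000033,
    "card-B": 1000037 * 1000039,
    "card-C": 1000003 * 1000033,  # identical modulus to card-A: two cards "generating" the same key
    "card-D": 1000037 * 1000081,  # shares the prime 1000037 with card-B: a weaker but related defect
}


def find_duplicate_moduli(cards):
    """Group card ids by modulus; any group larger than one is a duplicate key."""
    by_modulus = defaultdict(list)
    for card_id, n in cards.items():
        by_modulus[n].append(card_id)
    return [sorted(ids) for ids in by_modulus.values() if len(ids) > 1]


def find_shared_factors(cards):
    """Pairwise GCD of distinct moduli; a GCD above 1 means a prime was reused.

    O(n^2) is fine for a demonstration; an audit of a national key set would use a
    batch-GCD product tree instead.
    """
    ids = sorted(cards)
    hits = []
    for i in range(len(ids)):
        for j in range(i + 1, len(ids)):
            a, b = cards[ids[i]], cards[ids[j]]
            if a == b:
                continue  # already reported by find_duplicate_moduli
            g = gcd(a, b)
            if g > 1:
                hits.append((ids[i], ids[j], g))
    return hits


def audit(cards):
    """Return a report dict; both lists empty means the population passed this check."""
    return {"duplicates": find_duplicate_moduli(cards),
            "shared_factors": find_shared_factors(cards)}


if __name__ == "__main__":
    report = audit(SAMPLE_CARDS)
    print("identical moduli:", report["duplicates"])
    print("shared prime factors:", report["shared_factors"])
```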
Published by "Postimees"