Abstract
In this paper, we report the results of the formal analysis performed on the Estonian Mobile-ID protocol (deployed since 2008), allowing citizens and permanent residents of Estonia to authenticate themselves and issue digital signatures with the help of a signature-capable SIM-card inside their mobile phone. We analyze the resiliency of the protocol to network attacks under various threat models (compromised infrastructure, client application, etc., confusing user interface) and give suggestions for improvement.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Abadi, M., Blanchet, B.: Computer-Assisted Verification of a Protocol for Certified Email. In: Cousot, R. (ed.) SAS 2003. LNCS, vol. 2694, pp. 316–335. Springer, Heidelberg (2003)
Abadi, M., Blanchet, B., Fournet, C.: Just Fast Keying in the Pi Calculus. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 340–354. Springer, Heidelberg (2004)
Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), London, UK, January 2001, pp. 104–115 (2001)
AS Sertifitseerimiskeskus. DigiDocService specification, v. 2.122, April 24 (2007), http://www.sk.ee/files/DigiDocService_spec_eng.pdf
Backes, M., Hritcu, C., Maffei, M.: Automated Verification of Remote Electronic Voting Protocols in the Applied Pi-Calculus. In: 21st IEEE Computer Security Foundations Symposium, CSF 2008, Pittsburgh, Pennsylvania, June 2008, pp. 195–209 (2008)
Backes, M., Maffei, M., Unruh, D.: Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol. In: 2008 IEEE Symposium on Security and Privacy, May 2008, pp. 202–215 (2008)
Blanchet, B.: An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In: 14th IEEE Computer Security Foundations Workshop (CSFW-14), Cape Breton, Nova Scotia, Canada, June 2001, pp. 82–96 (2001)
Blanchet, B.: From Secrecy to Authenticity in Security Protocols. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 342–359. Springer, Heidelberg (2002)
Blanchet, B., Chaudhuri, A.: Automated Formal Analysis of a Protocol for Secure File Sharing on Untrusted Storage. In: IEEE Symposium on Security and Privacy, Oakland, CA, May 2008, pp. 417–431 (2008)
Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol, Version 1.1. IETF Network Working Group, RFC 4346 (April 2006)
Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–207 (1983)
Gajek, S., Manulis, M., Pereira, O., Sadeghi, A.-R., Schwenk, J.: Universally Composable Security Analysis of TLS. In: Baek, J., Bao, F., Chen, K., Lai, X. (eds.) ProvSec 2008. LNCS, vol. 5324, pp. 313–327. Springer, Heidelberg (2008)
Golovanov, S., Gostev, A., Maslennikov, D.: Kaspersky Security Bulletin 2008: Malware Evolution (January- June 2008), http://www.viruslist.com/en/analysis?pubid=204792034#9
Haack, C.: Verification of Security Protocols, ProVerif’s Resolution Method, lecture slides (March 2008), http://www.cs.ru.nl/~chaack/teaching/2IF02-Spring08/
idBlog. EMT Launches the Mobiil-ID Service, May 2 (2007), http://www.id.ee/blog_en/?p=20
ID.ee. Mobile-ID main page, November 20 (2008), http://www.id.ee/10995
Kremer, S., Ryan, M.: Analysis of an Electronic Voting Protocol in the Applied Pi Calculus. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 186–200. Springer, Heidelberg (2005)
Mao, W.: Modern Cryptography: Theory and Practice. Prentice Hall, Englewood Cliffs (2003)
Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. IETF Network Working Group, RFC 2560 (June 1999)
Šablinskas, R.: Summary of Mobile-ID launch in Lithuania. Minutes of the Baltic WPKI Forum Steering Committee, October 31 (2007), http://wpki.eu/Launch-of-mobile-ES-BalticWPKI.pdf
Security Analysis of Mobile ID (Summary, in Estonian). Ordered by Department of State Information Systems, fulfilled by Jaak Tepandi, July 11 (2008), http://www.riso.ee/et/files/MOBIIL-ID_kokkuvote_11-07-2008.pdf
Carst Tankink, Pim Vullers. Verification of the TLS Handshake protocol, May 20 (2008), http://www.cs.ru.nl/~chaack/teaching/2IF02-Spring08/tv-report.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Laud, P., Roos, M. (2009). Formal Analysis of the Estonian Mobile-ID Protocol. In: Jøsang, A., Maseng, T., Knapskog, S.J. (eds) Identity and Privacy in the Internet Age. NordSec 2009. Lecture Notes in Computer Science, vol 5838. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04766-4_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-04766-4_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04765-7
Online ISBN: 978-3-642-04766-4
eBook Packages: Computer ScienceComputer Science (R0)