Deutschland HSM for eID servers for the electronic ID card
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
D
electronic ID card
eutschland HSM
for eID servers for the
Secure Communications
Application Brochure | 01.00
R&S®CryptoServer D
eutschland HSM/3
Contents Public key infrastructures for the electronic
ID card........................................................................... 3
1.1 Country signing certificate authority
(CSCA PKI)......................................................... 3
This document describes the settings required 1.2 Country verifying certificate authority –
on the R&S®CryptoServer Deutschland HSM/3 electronic identity PKI (CVCA‑eID PKI).............. 4
1.2.1 Non-official DVCA or ACA................................. 5
hardware security module when used in
1.2.2 eID servers......................................................... 5
combination with an eID server to access the online
functionality supported by Germany's electronic R&S®CryptoServer....................................................... 6
ID card. It additionally provides an overview of the 2.1 User role concept.............................................. 7
official public key infrastructures for ePASS, eID and 2.2 Multi-client capability......................................... 8
2.3 Smart Cards....................................................... 8
eSIGN used in Germany. 2.4 Setting up and connecting the HSM................. 9
2.4.1 Powering up the HSM and setting the
IP address.......................................................... 9
2.4.1.1 Power-up............................................................ 9
2.4.1.2 IP configuration................................................. 9
A Rohde & Schwarz product 2.4.2 Running the CAT.jar and EIDKMT.jar manage‑
R&S®CryptoServer Deutschland HSM/3 ment programs and installing the card reader... 9
PCI card and LAN appliance 2.4.2.1 Java™ Runtime Environment............................ 9
2.4.2.2 ZIP archive with files for the eID interface......... 9
2.4.2.3 cyberJack card reader....................................... 9
2.4.3 Importing the eID firmware into the
Deutschland HSM........................................... 10
2.4.4 Creating new administrator accounts.............. 11
2.4.4.1 Creating RSA keys on Smart Cards................. 11
2.4.4.2 Creating new administrators and assigning
Smart Cards..................................................... 11
2.4.4.3 Deleting the default user ADMIN.................... 11
2.5 Administrator tasks.......................................... 12
2.5.1 Setting the time............................................... 12
2.5.2 Initializing Smart Cards.................................... 12
2.5.3 Creating users.................................................. 12
2.5.3.1 Key manager personalizer role......................... 13
2.5.3.2 Key manager role............................................. 14
2.5.3.3 Key user role.................................................... 15
2.6 Personalizer tasks............................................. 16
2.6.1 Domain parameters for importing elliptical
curves.............................................................. 16
2.6.2 Creating the key encryption key (AES KEK)..... 16
Appendix..................................................................... 17
3.1 Firmware.......................................................... 17
3.2 Abbreviations................................................... 18
3.3 References....................................................... 18
Ordering information................................................ 19
2
Public key The following public key infrastructures (PKIs) in Germany
support the electronic ID card:
❙❙ Country signing certificate authority (CSCA PKI)
infrastructures ❙❙ Country verifying certificate authority – electronic identity
(CVCA-eID PKI)
for the electronic The CVCA-eID has two certification authorities:
❙❙ An official document verifying certificate authority
(DVCA)
ID card ❙❙ A non-official or foreign DVCA, also known as the
authorization certificate authority (ACA)
In PKIs, hardware security modules (HSMs) such as the
R&S®CryptoServer do the following:
❙❙ Create and store secret keys securely
❙❙ Perform cryptographic functions using these secret keys
(e.g. encryption and signing)
❙❙ Provide organizational security mechanisms that secure
administrative processes, such as the four-eyes principle
This section provides a short overview of PKIs, how they
are organized, and the role they fulfill. More detailed in‑
formation can be found on the website of the German
Federal Office for Information Security at
https://www.bsi.bund.de/EN/Topics/ElectrIDDocuments/
eIDcard/eIDcard_node.html.
1.1 Country signing certificate authority
(CSCA PKI)
The CSCA PKI manages certificates used in various tasks,
including:
❙❙ Production of electronic ID documents (document signer
certificates)
❙❙ Creation of certificate revocation lists of compromised
devices and passports (master revocation lists)
❙❙ Securing of communications between sites (site
certificates)
The CSCA is the security anchor of Germany's official
ID documents. It is operated by the Federal Office for
Information Security (BSI). The CSCA's root certificate and
revocation list are of crucial importance and need to be
checked by eID servers.
Rohde & Schwarz Deutschland HSM for eID servers for the electronic ID car 3
1.2 Country verifying certificate authority –
electronic identity PKI (CVCA‑eID PKI)
As defined in [CP-eID], CVCA-eID PKI has two certification
authorities (CAs):
❙❙ An official document verifier CA (DVCA)
❙❙ A non-official or foreign DVCA, also known as an
authorization CA (ACA)
The two CAs communicate with the root of the CVCA‑eID
at the BSI over a common communications interface
(single point of contact, SPOC). eID servers are part of the
ACA, and can be operated directly by an internet service
provider or the provider can use the services of a special‑
ized eID service provider.
CVCA-eID PKI structure
CVCA-eID
root
BSI website
CVCA-eID PKD
Root (BSI)
SPOC
Official DVCA Non-official DVCA
Document verifier
DVCA ACA VfB
Integrated Distributed Offline Online
Terminal
EAC box Vending machine eID server (internal or external)
4
1.2.1 Non-official DVCA or ACA 1.2.2 eID servers
The non-official DVCA is an authorization certificate issuer The eID server extends an application server's identity
that authorizes the various ACAs. In Germany, this is the management (IDM) by adding support for the electronic
Federal Office of Administration (in German “VfB”). ID card's eID applications. To accomplish this, the eID
server needs to communicate with the ID card application
The ACA authorizes eID servers to access individual eID (known as the ”AusweisApp”) that accesses the electronic
applications supported by the electronic ID card. The elec‑ ID card, and with the public key infrastructure. The eID
tronic ID card supports the following eID applications: server uses the R&S®CryptoServer as a hardware security
❙❙ Readout of eID data module (HSM) to provide the encryption functionality for
❙❙ Verification of age and place of residence authorization certificates.
❙❙ Reloading for qualified electronic signatures
For detailed information on eID servers, see [TR-3130].
To use each of these applications, the eID server must au‑
thenticate itself to the electronic ID card using a special
authorization certificate. The certificate is only valid for a
limited period. Depending on the eID application for which
it is issued, an authorization certificate may be valid any‑
where from a few days to several months. When the cer‑
tificate expires, it must be renewed.
Details of certificate validity periods are given in section
6.3.2 of [CP-eID].
Systems that communicate with an eID server
Web application
server with/
Web server without IDM DB server
eID application
Service provider
CSCA Revocation list ACA
eID
server
PKI (CVCA/CSCA)
Key creation, storage, …
Rohde & Schwarz Deutschland HSM for eID servers for the electronic ID car 5
R&S®CryptoServer When used with an eID server, the R&S®CryptoServer per‑
forms the following tasks:
❙❙ Creation and storage of secret keys
❙❙ Creation of signatures
From a purely technical point of view, these are tasks
that could be carried out by any ordinary computer.
However, they are subject to rigorous security require‑
ments that call for a hardware security module (HSM)
such as the R&S®CryptoServer. The HSM enables keys
to be kept secret yet still be recognized as valid by the
electronic ID card. The keys are not allowed to leave the
R&S®CryptoServer, so the cryptographic functionality (digi‑
tal signatures) is performed on the HSM itself.
To ensure that keys remain stored securely, even during
special administrative tasks, the R&S®CryptoServer oper‑
ates with a user concept based on a strict division of roles
and the four-eyes principle.
The Deutschland HSM is a version of the
R&S®CryptoServer developed specially for use with the
electronic ID card.
The R&S®CryptoServer/Deutschland HSM (or
Deutschland HSM for short) is equipped with a special
random number generator and a Java-based eID server in‑
terface, referred to in the sections that follow simply as the
eID interface.
The R&S®CryptoServer/Deutschland HSM (PCI card).
6
2.1 User role concept ❙❙ RSA Smart Card: Another asymmetric method that
The Deutschland HSM user concept for eID servers is utilizes a user's RSA key stored on a Smart Card. In
based on separate user roles: contrast to the RSA signature method, it uses a PIN pad
❙❙ Administrators: Persons authorized to perform attached directly to the CryptoServer. Remote logon is
administrative tasks such as creating user accounts not possible
❙❙ Key manager personalizers: Persons responsible for
making fundamental cryptographic settings, such as The Deutschland HSM also supports the four-eyes prin‑
defining the AES KEK or loading the parameters for ciple. Settings can only be made if at least two users (four-
elliptical curve cryptography (ECC) eyes principle) or, in some cases, three users (six-eyes
❙❙ Key manager: A program that manages authorization principle) are logged on.
certificates for an eID server's clients
❙❙ Key user: The eID server that initiates the cryptographic The table below summarizes the various roles, authenti‑
functions (e.g. digital signature creation) cation methods and tasks for these roles when using the
Deutschland HSM.
There are three options for a user to authenticate him‑
self to the Deutschland HSM (see section 2.3.2.4 of
[SGCS-Admin]):
❙❙ HMAC password: A symmetric authentication method
in which the HMAC value of a random number is
computed, transmitted and compared. The password
serves as an HMAC key to determine the HMAC value
❙❙ RSA signature: An asymmetric authentication method
in which a random number is signed using a private
RSA key, transmitted, and then verified using a public
RSA key. The user's private RSA key that was generated
for this purpose is saved in a password-protected file
and/or on a Smart Card. The user's public RSA key is
stored in the CryptoServer
Roles and authentication methods
Role and logon level Recommended Users Tasks (selected)
authentication method
Administrator RSA signature At least two persons (better, ❙❙ Create user accounts
22000000 (on a Smart Card) three) ❙❙ Load firmware
using the four-eyes principle ❙❙ Set time
❙❙ Delete audit log
Key manager RSA Smart Card At least two persons (better, ❙❙ Generate AES KEK
personalizer using the four-eyes principle three) ❙❙ Load ECC domain parameters
00000200 ❙❙ Export and import signature keys securely
Key manager HMAC password Program (e.g. to request ❙❙ Create keys for certificate requests
00000020 using the four-eyes principle authorization certificates) ❙❙ Activate keys
❙❙ Export and import signature keys securely
Key user HMAC password Program (eID server) ❙❙ Create signatures
00000002 using the four-eyes principle ❙❙ Generate random numbers
❙❙ Multiply EC points
Rohde & Schwarz Deutschland HSM for eID servers for the electronic ID car 7
2.2 Multi-client capability 2.3 Smart Cards
The R&S®CryptoServer/Deutschland HSM is designed to In the Deutschland HSM's security concept, Smart Cards
protect the keys of multiple clients. It implements a sys‑ are used primarily for user authentication based on a com‑
tem of client assignment that links user accounts with bination of possession (the Smart Card) and knowledge
specific keys. (the Smart Card's PIN). In addition, Smart Cards are used
to store separate parts of the key encryption key (AES
When a user account is created, it is assigned an attribute KEK). An initial set of ten Smart Cards (plus a PIN pad) is
that makes client assignment possible. supplied with the LAN appliance of the Deutschland HSM.
If these users are key managers, they can later only create Additional Smart Cards must be purchased separately
keys for their assigned clients. Similarly, key users can only if required. The information provided in the table below
create signatures using keys that have been generated is based on the assumption that seven Smart Cards are
specifically for their client. in use.
Client assignment for user accounts and keys is controlled
by an entity attribute. Entities are entered as text and are
verified before cryptographic functions are executed.
Entities can include asterisks (*) and question marks (?) as
wild card characters. An asterisk stands for any number
of any characters; a question mark stands for any single
character.
Examples of users' client configuration
User account with entity attribute Processable keys For users having these roles (for example)
* All Key manager personalizer (AES KEK manager)
sampleco* All keys whose entity attribute begins Key manager
with “sampleco” (e.g. “sampleco-cert”,
“sampleco-certreq”)
sampleco-cert Only those keys with the entity attribute Key user
“sampleco-cert”
Use of Smart Cards
Smart Card number User authentication AES-KEK
1 to 3 3 administrators –
4 to 7 3 key manager personalizers 4 × key parts for “2 of 4”
8
2.4 Setting up and connecting the HSM To install files, simply replace the libraries stored locally
2.4.1 Powering up the HSM and setting the with the files contained in the downloaded ZIP archive and
IP address then restart the computer.
First install the Deutschland HSM LAN appliance in a
server cabinet, then connect it to the computer network 2.4.2.2 ZIP archive with files for the eID interface
and assign a valid IP configuration. The CAT.jar and EIDKMT.jar programs are shipped
in an archive file named eID.zip that is supplied by
2.4.1.1 Power-up Rohde & Schwarz SIT or Utimaco. The file also contains a
The Deutschland HSM LAN appliance has two power simulator, an interface description and eID firmware for
switches: one on the power supply unit on the rear, and the Deutschland HSM. To install the programs, unpack the
another behind the panel on the front. ZIP archive file and double-click the programs in Windows
Explorer. When CAT.jar and EIDKMT.jar are executed,
2.4.1.2 IP configuration they must be configured with the IP address of the target
On the LAN appliance, use the buttons and display to set Deutschland HSM (see section 2.4.1).
the IP address, subnet mask and gateway. The LAN ports
at the rear are arranged from left to right: Looking at the 2.4.2.3 cyberJack card reader
rear of the device, LAN port 1 is on the left and LAN port 2 The ReinerSCT cyberJack card reader that ships with
on the right. the Deutschland HSM LAN appliance can be connected
directly to the HSM's PS/2 port or to a USB port on the
2.4.2 Running the CAT.jar and EIDKMT.jar manage- administration computer. To install the card reader on the
ment programs and installing the card reader administration computer, simply connect it to a USB port.
The Deutschland HSM is managed using two programs: In the dialog box displayed by Windows Device Manager,
❙❙ CryptoServer administration tool (CAT.jar) select and install the cyberJack driver software contained
❙❙ eID key management tool (EIDKMT.jar) in the ZIP archive supplied with the Utimaco eID interface
description.
2.4.2.1 Java™ Runtime Environment
Both management programs are Java-based, so Oracle's Then run CAT.jar and choose the PIN pad type and port
Java™ Cryptography Extension (JCE) Unlimited Strength under File ▷ Settings on the PIN Pad tab.
Jurisdiction Policy Files 6 must be installed on the com‑
puter being used to manage the Deutschland HSM. For
legal reasons, these files are not shipped with the HSM,
but they can be downloaded free from the Oracle website.
CAT.jar: Setting the port type for the card reader.
Rohde & Schwarz Deutschland HSM for eID servers for the electronic ID car 9
2.4.3 Importing the eID firmware into the
Deutschland HSM
To import the eID firmware into the Deutschland HSM,
run CAT.jar and log onto the HSM as user ADMIN. This is
a default user account which authenticates itself to the
Deutschland HSM with the init_dev_prv.key key file token
(without a password). The key file token is included in the
ZIP archive file that contains the eID interface description.
Click the List All Files and List Firmware buttons to
display an overview of the firmware installed on the
Deutschland HSM. For the HSM to work with the elec‑
tronic ID card, the firmware has to include the eID mod‑
ule. A complete list of firmware modules is provided in
section 3.1.
To load the firmware, choose Firmware Management ▷
Setup CryptoServer. In the dialog box, select the firm‑
ware package and license file to load, and click Setup.
The firmware package and license file are included in the
ZIP archive file.
CAT.jar: Logon dialog for default user ADMIN.
CAT.jar: Loading eID firmware onto the Deutschland HSM.
102.4.4 Creating new administrator accounts Use the Add User button in User Management to add
Moving the Deutschland HSM into users' own crypto‑ three new user accounts as shown in the table below.
graphic domain involves creating user accounts for at When you click OK, you will be prompted to assign the
least two (preferably three) administrators who can, for RSA key previously created on a Smart Card to the user
example, set up user accounts using the four-eyes prin‑ account. To do this, Smart Card access must be legitimat‑
ciple. Administrators each have their own RSA key on a ed by entering a PIN. The default PIN is 123456. It can be
Smart Card which they use to authenticate themselves to changed in CAT.jar by using the following menu sequence
the Deutschland HSM (see section 2.1). Key Tools ▷ Smart Card Management ▷ Change PIN.
2.4.4.1 Creating RSA keys on Smart Cards 2.4.4.3 Deleting the default user ADMIN
Run CAT.jar and use the menu sequence Key Tools ▷ Once the administrator accounts have been created, the
Smart Card Management ▷ Generate to initialize the pre-configured default user ADMIN should be deleted us‑
three Smart Cards as shown in the table below. ing the Delete User button in User Management.
2.4.4.2 Creating new administrators and assigning
Smart Cards
Next, sign onto the Deutschland HSM using the default
user ADMIN. This default user account authenticates itself
to the Deutschland HSM using the init_dev_prv.key key file
token (without a password). The key file token is included
in the ZIP archive file that contains the Utimaco eID inter‑
face description.
CAT.jar: Deleting the default
user ADMIN.
CAT.jar: Generating RSA keys for administrators (initializing administrator Smart Cards)
Key Tools ▷ Smart Card Management ▷ Generate
Parameter Smart Card 1 Smart Card 2 Smart Card 3
RSA (selected) (selected) (selected)
Key info e.g. Admin 1 e.g. Admin 2 e.g. Admin 3
RSA key size 2048 bit 2048 bit 2048 bit
Number of backups 0 0 0
CAT.jar: Creating administrators (parameters for new administrators)
User Management ▷ Add User
Parameter Administrator 1 Administrator 2 Administrator 3
User profile Customized Customized Customized
Name of new user e.g. Admin 1 e.g. Admin 2 e.g. Admin 3
Authentication mechanisms RSA signature RSA signature RSA signature
Hash method Default Default Default
Group(s) of new users 11000000 11000000 11000000
(see section 2.3 in [SGCS-Admin]) (see section 2.3 in [SGCS-Admin]) (see section 2.3 in [SGCS-Admin])
Static login allowed No No No
Secure messaging Without authentication Without authentication Without authentication
Attributes
Rohde & Schwarz Deutschland HSM for eID servers for the electronic ID car 112.5 Administrator tasks To write information to a Smart Card, a Smart Card PIN
Subsequent administrative tasks can only be conducted has to be entered at the card reader on the administration
if two of the previously created administrators are logged computer. The default PIN is 123456. It can be changed
onto the Deutschland HSM with their Smart Cards (see in CAT.jar using the menu sequence Key Tools ▷ Smart
section 2.4.4). CAT.jar is used to change the date and time Card Management.
and to initialize more Smart Cards. Additional user ac‑
counts can then be set up using EIDKMT.jar. 2.5.3 Creating users
Run EIDKMT.jar to manage user accounts. Right
2.5.1 Setting the time click to open the popup menu. Go to the Devices tab
The date and time settings should be checked and on the left side of the window to add and configure
changed if necessary. Run CAT.jar and choose the menu Deutschland HSM devices. The specifier is the IP address
sequence Firmware Management ▷ Set Time. for LAN appliances or the slot in which the card is installed
(e.g. “PCI:0” or “/dev/cs2a”) for PCI cards.
2.5.2 Initializing Smart Cards
The following explanations are based on using Smart To create users, at least two of the created adminis‑
Cards to authenticate to the Deutschland HSM (see table trators (see section 2.4.4) must be logged onto the
in section 2.3). Three Smart Cards are created for the three Deutschland HSM with their Smart Cards by clicking the
users who have the role of key manager personalizer ac‑ Logon button on the toolbar. Then click the Add button.
cording to the four-eye principle.
Run CAT.jar and initialize the Smart Cards by choosing the
menu sequence Key Tools ▷ Smart Card Management
▷ Generate as shown in the table below.
EIDKMT.jar: Administrator logon.
CAT.jar: Initializing Smart Cards for key manager personalizers
Key Tools ▷ Smart Card Management ▷ Generate
Parameter Personalizer 1 Personalizer 2 Personalizer 3
RSA (selected) (selected) (selected)
Key info e.g. Personalizer 1 e.g. Personalizer 2 e.g. Personalizer 3
sRSA key size 2048 bit 2048 bit 2048 bit
No. of backups 0 0 0
122.5.3.1 Key manager personalizer role
Users assigned the role of key manager personalizer are
responsible for creating a key encryption key (KEK) for the
Deutschland HSM and are known as AES KEK managers.
To use the four-eyes principle, three AES KEK managers
must be created as shown in the table below and assigned
to the three initialized Smart Cards (see section 2.5.2).
Choose RSA Smart Card (MECH_RSA_SC) as the authen‑
tication method for AES KEK managers. This method only
permits authentication via a card reader connected directly
to the Deutschland HSM. If the card reader supplied is
still connected to the computer on which the Smart Cards
were initialized in CAT.jar, then it must be disconnected
and attached directly to the Deutschland HSM to create
the users. Assign each AES KEK manager a Smart Card.
EIDKMT.jar: Creating the AES-KEK-Manager1 user account.
EIDKMT.jar: User parameters for key manager personalizers (AES KEK managers)
Logon ▷ Add
Name AES-KEK-Manager1 AES-KEK-Manager2 AES-KEK-Manager3
Entity * * *
Permissions 00000100 00000100 00000100
Flags deny static login deny static login deny static login
Mechanism MECH_RSA_SC MECH_RSA_SC MECH_RSA_SC
Key source :CS2:cyb:COM1 :CS2:cyb:COM1 :CS2:cyb:COM1
(PIN pad on Deutschland HSM) (PIN pad on Deutschland HSM) (PIN pad on Deutschland HSM)
Password
Rohde & Schwarz Deutschland HSM for eID servers for the electronic ID car 132.5.3.2 Key manager role
Although only one group of AES KEK managers (person‑
alizers) is needed per Deutschland HSM, separate users
for the Key Manager and Key User roles need to be cre‑
ated for each Deutschland HSM client. For instance, if two
companies – SampleCo and DummyCo – are sharing an
eID server, key managers must be created as follows for
both organizations in order to support the two-person rule:
❙❙ Key-Manager 1-SampleCo
❙❙ Key-Manager 2-SampleCo
❙❙ Key-Manager 1-DummyCo
❙❙ Key-Manager 2-DummyCo
The table below shows the two key managers that are to
be created for the client SampleCo. The entry in the entity
field indicates the client for the user account. This informa‑
tion is later compared with the entry attribute of the key
(see section 2.2).
The user names and passwords assigned are used to
authenticate the users or the eID server program to the
Deutschland HSM.
EIDKMT.jar: Creating the Key-Manager 1-SampleCo user
account.
EIDKMT.jar: User parameters for key managers for the client SampleCo
Logon ▷ Add
Name Key-Manager 1-SampleCo Key-Manager 2-SampleCo
Entity sampleco* sampleco*
Permissions 00000010 00000010
Flags deny static login deny static login
Mechanism MECH_HMAC_PWD MECH_HMAC_PWD
Key Source
Password password of first key manager password of second key manager
142.5.3.3 Key user role
Key users supporting the four-eyes-principle must also
be defined for each client. Key users can only access
their own user-specific keys and not all keys of the client.
Access is controlled by refining the entity attribute. In this
example, the entity attributes have been set to the string
“sampleco-cert” so that the eID server program's user
account can be used to request authorization certificates
for the client.
The table shows the parameters for the SampleCo client's
two key users. The two user names (User 1-SampleCo and
User 2-SampleCo) and their passwords must be assigned
to the eID server program so that they can authenticate
themselves to the Deutschland HSM.
EIDKMT.jar: Creating the User1-SampleCo user account.
EIDKMT.jar: Key user parameters for requesting a certificate (cert)
Logon ▷ Add
Name User1-SampleCo User 2-SampleCo
Entity sampleco-cert sampleco-cert
Permissions 00000001 00000001
Flags deny static login deny static login
Mechanism MECH_HMAC_PWD MECH_HMAC_PWD
Key Source
Password password of first key user password of second key user
Rohde & Schwarz Deutschland HSM for eID servers for the electronic ID car 152.6 Personalizer tasks 2.6.2 Creating the key encryption key (AES KEK)
Personalizers (AES KEK managers) have the following The AES KEK is used during runtime to encrypt the sig‑
tasks: nature keys created and stored in the Deutschland HSM
❙❙ Importing domain parameters for the elliptical curves before they are exported. The signature keys can then
used for signatures be transferred securely and imported into another
❙❙ Managing the AES KEK Deutschland HSM. However, for this to function, the
other Deutschland HSM must also possess the AES
They perform both of these tasks using the EIDKMT.jar pro‑ KEK. For this reason, a generated AES KEK can be stored
gram. EIDKMT.jar must be started, and at least two of the once on the AES KEK managers' Smart Cards using the
three personalizers (AES KEK managers) must log on. To split key procedure. The AES KEK must be written to
log on, they need to insert their Smart Cards into the card the cards using a card reader connected directly to the
reader, and the card reader must be connected directly to Deutschland HSM. With at least two AES KEK managers
the Deutschland HSM. logged onto the Deutschland HSM, select the Generate
KEK function on the popup menu (right click) to gener‑
2.6.1 Domain parameters for importing elliptical ate the key encryption key as shown in the table below
curves and split it among the Smart Cards. Once it has been cre‑
At least two AES KEK managers (personalizers) must be ated, the AES KEK is split into a specified number of parts
logged onto the Deutschland HSM in order to import do‑ (”N”), and the parts are sent to separate Smart Cards. This
main parameters. The import can then be started from the requires the PIN pad, which must be connected directly
popup menu (right click) using the Import EC Domain to the COM port on the Deutschland HSM. The AES KEK
Parameter function. Currently, 256 bit keys must be used managers' own Smart Cards can be used to store the key
for the eID server (see section 6.1.1 of [CP-eID]). parts. This will not overwrite their personal authentication
keys.
EIDKMT.jar: Generating an AES KEK.
EIDKMT.jar: AES KEK parameters
"Generate KEK"
Parameter Value
Size 256
Name User-defined (e.g. AES-KEK1)
Entity *
Expiration date Expiration date in the format yymmdd
K K of N key parts (Smart Cards) are needed in order to import an AES KEK into another Deutschland HSM
N
16Appendix
3.1 Firmware
The firmware currently installed on the Deutschland HSM can be read out and displayed by clicking the List Firmware
and List All Files buttons in the CAT.jar management program. A Deutschland HSM/3 with the following firmware
modules is needed to work with the electronic ID card.
Deutschland HSM/3 firmware modules
Module File name Version 1)
Bootloader Bootloader 2.5.1.0
System firmware modules Utility module util_3.0.0.3_c86.mtc 3.0.0.3
SMOS operating system smos_2.5.0.6_c86.mtc 2.5.0.6
Administration module adm_3.0.2.0_c86.mtc 3.0.2.0
Command scheduler cmds_3.0.1.0_c86.mtc 3.0.1.0
Hash module hash_1.0.6.0_c86.mtc 1.0.6.0
Long number arithmetic version lna_1.1.0.0_c64.mtc 1.1.0.0
AES module aes_1.0.5.0_c86.mtc 1.0.5.0
ECDSA module ecdsa_1.1.0.0_c86.mtc 1.1.0.0
RSA module vrsa_1.1.0.4_c86.mtc 1.1.0.4
Database module db_1.1.2.4_c86.mtc 1.1.2.4
Elliptic curve arithmetic eca_1.1.1.0_c86.mtc 1.1.1.0
DES module vdes_1.0.3.0_c86.mtc 1.0.3.0
Standard firmware modules Smart Card module sc_1.2.0.0_c86.mtc 1.2.0.0
Master box key module mbk_2.2.0.1_c86.mtc 2.2.0.1
Asn1 module asn1_1.0.3.3_c86.mtc 1.0.3.3
PIN pad driver pp_1.2.3.1_c86.mtc 1.2.3.1
Applications Electronic ID module eid_1.0.2.0_c86.mtc 1.0.2.0
1)
At time of printing; certified version may differ.
Rohde & Schwarz Deutschland HSM for eID servers for the electronic ID car 173.2 Abbreviations
Abbreviations
ACA Authorization CA
AES Advanced Encryption Standard (encryption algorithm)
AES KEK Key Encryption Key using AES encryption
BSI German Federal Office for Information Security
CA Certificate Authority (of a PKI)
CAT(.jar) CryptoServer Administration Tool (file extension for Java Archive)
CP Certificate Policy
CSCA Country Signing CA
CVCA Country Verifying CA
DVCA Document Verifying CA
EAC Extended Access Control
ECC Elliptic Curve Cryptology
eID Electronic Identity card
EIDKMT(.jar) eID Key Management Tool (file extension for Java Archive)
HMAC Hash-based Message Authentication Code
HSM Hardware Security Module
IDM Identity Management
KEK Key Encryption Key
PIN Personal Identification Number
PKD Public Key Directory
PKI Public Key Infrastructure
QES Qualified Electronic Signature
R&S Rohde & Schwarz
TG Technical Guideline (BSI)
VfB German Authority for Authorization Certificates (German: “Vergabestelle für Berechtigungszertifikate”)
3.3 References
References
Der neue Personalausweis – Anwenderhandbuch für Wirtschaft und Verwaltung (The Electronic Identity Card – User Guide
for Business and Public Authorities, in German)
(http://www.personalausweisportal.de/cln_164/DE/Partner-werden/Diensteanbieter/diensteanbieter_node.html)
[CP-eID] Certificate Policy für die eID-Anwendung des ePA, Version 1.26, October 14, 2010 (BSI)
(Certificate Policy for the eID Feature of the Electronic ID Card, in German)
[SGCSE-Admin] SafeGuard® CryptoServer Manual for System Administrators
[TR-3110] Technical Guideline “Advanced Security Mechanisms for Machine Readable Travel Documents”,
Version 2.0.5, October 14, 2010 (BSI)
[TR-3116-2] Technische Richtlinie “eCard-Projekte der Bundesregierung”
(Technical Guideline for Federal Government eCard Projects, in German), 2010 Edition, Revision 1 (BSI)
[TR-3127] Architecture electronic Identity Card and electronic Resident Permit (informative translation)
[TR-3128] EAC-PKI’n für den elektronischen Personalausweis (EAC PKIs for the Electronic ID Card, in German),
Version 1.1, October 8, 2010 (BSI)
[TR-3129] PKIs for Machine Readable Travel Documents, Version 1.10, November 9, 2009
[TR-3130] Technische Richtlinie eID-Server (Technical Guidelines on eID Servers, in German), Version 1.4.1, October 8, 2010 (BSI)
18Ordering information
Designation Type Order No.
R&S®CryptoServer/Deutschland HSM
CC certification and BSI approval pending; deployable for eID servers, control systems, revocation services and electronic order placement systems;
all models are based on PCI cards
PCI card, Deutschland HSM/3 CS10 PCI 5414.1300.22
performance level: 125 ECC signatures (256 bit) per second
PCI card, Deutschland HSM/3 CS50 PCI 5414.1300.23
performance level: 1000 ECC signatures (256 bit) per second
LAN appliance, including 1 PIN pad and 10 Smart Cards Deutschland HSM/3 CS10 LAN 5414.1300.26
performance level: 125 ECC signature (256 bit) per second
LAN appliance, including 1 PIN pad and 10 Smart Cards Deutschland HSM/3 CS50 LAN 5414.1300.27
performance level: 780 ECC signatures (256 bit) per second
R&S®CryptoServer accessories
PIN Pad R&S®CryptoServer PIN Pad 5414.1322.02
Smart Card R&S®CryptoServer Smart Card 5414.1322.03
Large External Backup Battery for the R&S®CryptoServer PCI and PCIe R&S®CryptoServer Backup Battery 5414.1322.04
PCI/PCIe
Small On-Board Spare Battery for the R&S®CryptoServer PCI and PCIe R&S®CryptoServer Spare Battery 5414.1322.05
PCI/PCIe
Large On-Board Spare Battery for the R&S®CryptoServer LAN R&S®CryptoServer Spare Battery 5414.1322.06
LAN
The R&S®CryptoServer front panel, LAN appliance.
The R&S®CryptoServer rear panel, LAN appliance.
Rohde & Schwarz Deutschland HSM for eID servers for the electronic ID car 19About Rohde & Schwarz
Service you can rely on Rohde & Schwarz is an independent group of companies
J Worldwide specializing in electronics. It is a leading supplier of solu‑
J Local and personalized tions in the fields of test and measurement, broadcasting,
J Customized and flexible
J Uncompromising quality radiomonitoring and radiolocation, as well as secure
J Long-term dependability communications. Established more than 75 years ago,
Rohde & Schwarz has a global presence and a dedicated
service network in over 70 countries. Company headquar‑
ters are in Munich, Germany.
Environmental commitment
❙❙ Energy-efficient products
❙❙ Continuous improvement in environmental sustainability
❙❙ ISO 14001-certified environmental management system
Certified Quality System
ISO 9001
Rohde & Schwarz SIT GmbH
Am Studio 3 | D-12489 Berlin
Phone +49 30 65884-223 | Fax +49 30 65884-184
E-Mail: info.sit@rohde-schwarz.com
www.sit.rohde-schwarz.com
www.rohde-schwarz.com
Regional contact
❙❙ Europe, Africa, Middle East
+49 89 4129 123 45
customersupport@rohde-schwarz.com
❙❙ North America
1 888 TEST RSA (1 888 837 87 72)
customer.support@rsa.rohde-schwarz.com
❙❙ Latin America
+1 410 910 79 88
customersupport.la@rohde-schwarz.com
❙❙ Asia/Pacific
+65 65 13 04 88
customersupport.asia@rohde-schwarz.com
R&S® is a registered trademark of Rohde & Schwarz GmbH & Co. KG
Trade names are trademarks of the owners | Printed in Germany (ch)
PD 5214.5678.92 | Version 01.00 | July 2011 | R&S®CryptoServer
Data without tolerance limits is not binding | Subject to change
© 2011 Rohde & Schwarz GmbH & Co. KG | 81671 München, Germany
5214567892You can also read
