Electronic identity technical specifications (eIDAS)

Publish the 01 September 2015 Updated 01 September 2015

On July 23rd 2014, the European Parliament and of the Council adopted the regulation on electronic identification and trust services for electronic transactions in the internal market, also known as eIDAS regulation. It has been published in the Official Journal (OJ) of the European Union on August 28th 2014, under the reference No 910/2014.

This regulation provides a regulatory environment to Member States for identification means used on their national online services, but also those recognition of digital identities notified by other Member States.
In order to ease the adoption of this regulation, it is necessary to provide a specification framework defining the identification means. In this framework, the German and the French IT security agencies (namely BSI and ANSSI) have defined and published preliminary specifications for an eIDAS Token to address the proposed regulation. The European industry, leader in this sector, brought their support and know-how to insure interoperability and security of these products, to pave the way for European electronic transactions with high level of trust for European citizens.

The following figure describes how the specifications are organized:

The technical Report Signature creation and administration for eIDAS token (TR-SIGN) part 1 describes features associated to the electronic signature application (eSign), in particular:

  • Installation of electronic certificates
  • Public Key exportation
  • Life-cycle management for the application, its keys and user credentials (alphanumerical or biometric)
  • Initialization procedures for confidential codes and electronic certificates
  • The batch mode for secure signature creation
  • Support of multiple signature keys and user credentials

TR-SIGN part 1 relies on TR-Physical Authentication for all operations related to physical user credentials. As of now, the interoperability specification focuses on fingerprint biometry. TR-SIGN part 1 completely relies on TR 03110 for the authentication, rationalizing on state of the art secure authentication procedures used also in the e-Passport world.

The TR 03110 specification can be downloaded from the BSI web site: www.bsi.bund.de/eIDAS.

The Technical Report Concept and Test strategy for eIDAS token conformity testing describes the conformity testing framework for an eIDAS token. It is an umbrella document providing all pointers to conformity test specifications ensuring the interoperability of an eIDAS token. In particular, it relies on BSI TR 3105 (covering TR 03110) and TR-SIGN part 2 (covering the extended signature application described in TR-SIGN part 1).

 

PDF
Technical Report - Signature creation and administration for eIDAS token
PDF
Technical report - Concept And Test Strategy For eIDAS Token Conformity Testing v.1.0 draft 2
PDF
Technical report - Physical Authentication v.1