Sarinay GmbH Blog - Root certificates, eIDAS and the commendable laws of mathematics

A couple of months ago, many members of the cybersecurity community urged EU legislators to reconsider parts of the future eIDAS regulation. Since 2021, opposition has repeatedly been voiced by the industry, academia and NGOs.

The experts criticize the plan to mandate the (unconditional) inclusion of government-approved certificate authorities in the trust stores of all web browsers and thus shift control from tech companies towards governments.

The approach to anonymous credentials within digital wallets is also of concern. The regulation shall enable privacy-preserving technologies in certain scenarios, many in the cybersecurity community prefer to make them mandatory.

It appears that the EU refuses to budge and the scientists are not happy. Neither am I, but for different reasons.

Browsers vs. governments

According to the November letter, once browsers are forced to trust certificate authorities designated by governments, we are all in danger. Mass surveillance abounds. Any EU government will be able to generate arbitrary TLS certificates and intercept any communication between a browser and a web server.

Active man-in-the-middle attacks are precisely what TLS and the corresponding PKI are designed to prevent. A rogue certificate makes the attacks possible, not necessarily trivial. Bulgarian government (say) trying to intercept an e-banking session between a French client and their Dutch bank still has some work to do. Because the rogue certificate has to be revealed to the victim, there exists a (minuscule) chance of getting caught. If any government attempts such attacks on a mass scale, we will likely find out.

Even though the Article 45 bans browsers from implementing security measures beyond what the EU authorities consider reasonable, one can still operate a sort of a TLS observatory in parallel. Certificate transparency, if implemented by the individual certificate authorities, can also help detect attacks.

Impersonating clients

Article 45 only imposes root certificates on browsers, servers are not affected. One could imagine countering some "dangers" of the updated regulation by the use of client certificates or other authentication methods tied to the TLS session. Even if the government could impersonate a bank (say), they could not possibly impersonate the client. Certainly not in the context of mutual TLS authentication.

The above is a mere thought experiment, not a serious proposal to work around the (perceived) bug that allows impersonation of servers. Let us not forget that there is a feature that allows governments to impersonate clients. After all, government-approved electronic identity is the main point of the eIDAS regulation. The EU digital identity wallet will be voluntary for citizens but mandatory for all sorts of service providers. Why bother with an active man-in-the-middle attack, when any EU government can simply impersonate you on-line to access all sorts of private data?

If Article 45 really is a concern, there is a lot more to be worried about.

Governments are powerful

The ability to impersonate people exists right now, it is not about to be introduced by the updated eIDAS regulation. Across the union, a qualified electronic signature is equivalent to a handwritten signature. Any EU government could have a rogue qualified signature certificate issued and sign all sorts of contracts in your name. Combine this with the (presumed) ability to perform active network attacks and they could probably obtain a "proper" TLS certificate from an independent certificate authority.

A government is by definition also able to "fake" all sorts of official documents including passports. That would certainly be against the law. So is abuse of Article 45.

Who are the watchmen?

The current system of trust ultimately controlled by browsers has so far served us reasonably well. We have learned to trust the good folks programming our browsers. It is probably not necessary to restrain them by means of Article 45 and equip EU governments with new powers. Would it be dangerous? Probably not. All sorts of things are regulated, many for a reason.

Given the track record of some European governments, it might make sense not to trust them. For similar reasons, it might make sense not to trust browser makers either. I cannot tell. The Article 45 does not matter much.

Anonymous credentials vs. mathematics

A digital credential, much like a X.509 certificate, contains information identifying the holder (e.g. Name, Date of birth) and a digital signature over the attributes computed by the issuing authority. The holder presenting such a credential needs to be able to prove that they are indeed the person the credential was issued to. This is typically achieved by including a public key of the holder in the data the issuer signs. During authentication, the holder proves the knowledge of the corresponding private key, for example by signing a piece of data tied to a particular session.

Repeated presentations of such a basic credential are easy to recognize. The information identifying the holder or the personal public key are likely to remain stable, any change would require re-issuance of the credential. The value of the digital signature can also typically only change through re-issuance.

The considerable stability of credentials has privacy implications. Persistent identifiers can be used to track holders. The tracking can only ever be prevented if the data revealed during a presentation can be reduced to a level that no longer identifies the holder. There are straightforward ways to achieve such selective disclosure using standard cryptography.

Achieving the effects of variable issuer signatures or personal key material in a practical way without credential re-issuance is an open problem.

Legislating scientific progress

The eIDAS regulation recognizes the need for privacy preserving techniques and recommends (as in "the framework shall enable") their use whenever identification of the holder is not required. Given that few practical solutions exist, this makes perfect sense.

Should the regulation be more ambitious and mandate unlinkability? The signatories to the open letter(s) think so and suggest state-of-the-art technologies such as anonymous credentials that have been developed more than 20 years ago.

Anonymous credentials have indeed existed for a few decades. Related (simpler) protocols such as Direct Anonymous Attestation (DAA) and Enhanced Privacy ID (EPID) are supported by a vast number of devices, but do not seem to be used much.

Modern anonymous credentials employ variants of BBS signatures, a scheme always worth another look. The signatures rely on the hardness of an arguably contrived computational problem (q-Strong Diffie-Hellman) known to be easy on a quantum computer. There appears to be no practical post-quantum alternative on the horizon. (Practical) revocation of anonymous credentials also remains complicated. Further research will likely alleviate these problems. But can we really expect the EU to adopt a rule today that would soon mandate the use of anonymous credentials?

Every now and then, governments resurrect the idea of backdooring encrypted communication for the sake of law enforcement. They are usually reminded by the cybersecurity community that legislation cannot magically override the laws of mathematics. The recent call for changes to the regulation appears to go the other way round. The EU is expected to mandate the use of technology that does not yet exist.

Encryption backdoors cannot possibly work, anonymous credentials probably will one day. The change proposed in the open letters would therefore not lead to an outright contradiction, yet it is more appropriate to encourage and enable rather than require the use of such privacy-preserving techniques.

Anonymous identification

Imagine we are given a digital wallet with a government-issued anonymous credential. It is possible to only reveal the (subset of) attributes strictly necessary for a particular use case. There are no persistent identifiers, it is impossible to even recognize repeated presentations of the same credential.

What can this "ideal" credential be used for? An example that keeps popping up involves proving that you are an adult when accessing on-line content. One need not consider related scenarios such as accessing physical venues or ordering goods, as they expose other persistent identifiers anyway. Most transactions that involve a payment appear to be out of scope, certainly if they only involve business entities. Even if you participate in a commercial transaction as a natural person, you cannot be "too anonymous". Besides the universal risk of "money laundering" there are simpler reasons such as location-dependent value added tax.

So far we have narrowed the uses down to a free on-line service with restricted access. Depending on the nature of the content served, the service may well be required by law to interact with adults only. Could it possibly rely on a protocol that effectively only transmits the particular single bit of information? By design, the service cannot determine which particular adult it is interacting with. Any adult can offer to share their own credential with others to circumvent any restrictions and do this in an interactive way without sharing their private key material.

Let us switch to a scenario the reader is likely to be more familiar with. Occasionally, an interesting scientific article happens to be behind a paywall. One way of accessing it involves proving that one is registered with a library that pays for a subscription. The publisher does not need to know the identity of the person accessing the article, no payment is necessary. Yet I cannot imagine the publishers agreeing to any meaningful anonymity. Doing so would mean giving up all restrictions and tolerating "abuse".

Anonymous credentials, fascinating as they are, have limited use. They might also mislead users in a way similar to "private/incognito browsing". Introducing a credential, even an anonymous one, cannot make tracking harder. Whether a regulation makes anonymous credentials optional or mandatory will only matter after we have achieved sufficient privacy in situations where no credentials are needed.

Zero-knowledge impersonation

Most anonymous credentials systems do not vary the signature or key material. Instead of transmitting such fixed values the protocols employ zero-knowledge proofs that depend on random challenges (or oracles). One cannot detect repeated presentations of the same credential by looking at any information other than the attributes disclosed in clear. It also means that the use of a "fake" credential the issuer generates to impersonate you cannot be told apart from legitimate use of your genuine credential. Compare this with the case of rogue TLS certificates that can be spotted as such because the key material and the signature inevitably differ.

If you are at all worried about governments misbehaving, widespread use of anonymous credentials may make matters worse.

Conclusion

The open letters addressed to lawmakers have not convinced me. That does not matter. Whenever members of the cybersecurity community speak out on policy issues I am glad that someone is paying attention. Given a political agreement has been reached, it is probably too late to do much about the text of the regulation itself. Let us keep an eye on the development of the various accompanying documents, such as the wallet Architecture and Reference Framework.