Remote Document Encryption —encrypting data for passport holders
Speaker: Eric Verheul
We introduce Remote Document Encryption (RDE) allowing any party to encrypt data for a holder of an electronic passport such that only with physical possession of the passport decryption is possible. RDE is not an intended functionality of passports and actually consists of a tweak of passport protocols. Electronic passports allow for 160 bit security exceeding current good practice of 128 bit security.
In the presentation we also indicate possible applications including secure email and end- to-end secure file sending. In the second quarter of 2018 a proof-of-concept was done with RDE based secure mail. This pilot was successful and indicated that RDE was indeed a viable technique. SURF, the collaborative ICT organisation for Dutch education and research, intends to implement RDE in its Filesender instance and is planning a pilot in 2019.
Eric Verheul is an independent cryptographic consultant and part-time professor at the Radboud University Nijmegen. Eric teaches a Master Course in security management and does research in applied cryptography and privacy enhancing technologies.
His scientific goal is to creatively (ab)use existing cryptographic techniques and protocols achieving optimal (privacy) protection at low cost. His presentation at NLUUG on Remote Document Encryption is a good example of this.
Eric also serves as cryptographic architect in the Dutch eID scheme in which capacity he has developed the technique of polymorphic encryption and pseudonymization (PEP). This supplements federative authentication with strong privacy protection. Paradoxically, PEP allows the identity provider DigiD conducting authentications in an anonymous way while still being able delivering identifying information (or pseudonym) to service providers. From June 4 2018 issued Dutch driver licenses support PEP.