[HN Gopher] Estonian Electronic Identity Card: Security Flaws in...
___________________________________________________________________
Estonian Electronic Identity Card: Security Flaws in Key Management
Author : dcbadacd
Score : 193 points
Date : 2020-07-02 11:55 UTC (11 hours ago)
(HTM) web link (www.usenix.org)
(TXT) w3m dump (www.usenix.org)

dijit wrote:
| Anyone wondering if this is a new issue; it's not, it's a more detailed writing of some previous issues, one of which being the Gemalto affair[0].
|
| The new cards issued in 2018 are not known to have any vulnerabilities.
|
| [0]: https://www.linkedin.com/pulse/timeline-estonian-id-card-vul...

kreetx wrote:
| Didn't read the paper but it appears to be fresh, so maybe the newsworthy part is that they are still not fixed?

Avamander wrote:
| The paper is half for giving a technical overview of the issues and part new analysis based on datamining old certificates. The issues have been mostly fixed, compliance violations however are still badly monitored.

pier25 wrote:
| I'm from the EU and considering incorporating my next company in Estonia.
|
| Does anyone else in a similar situation have any recommendations or ideas about this?

edko wrote:
| In general, I had good experiences. There are a few annoying things, however: my Estonian bank (VUB) discriminates against non-Estonian customers (even if they are EU citizens/residents) by applying a foreigners fee. Also, the local business register seems to be above data protection laws and sells your information. I receive lots of spam just by being in the register. Also, if you think that because your company is private your financial statements will also be private, that won't be the case. They will still sell the information to anyone for a few euros.

AhtiK wrote:
| Make sure to understand the tax laws when it comes to the company tax residency in scenarios where you're physically not operating in Estonia nor employing people there, nor having the majority of your clients there.
|
| See my older comment [1] for some related topics to research.
|
| [1] https://news.ycombinator.com/item?id=21321451

pier25 wrote:
| Thanks, I will definitely check this out.

atlasunshrugged wrote:
| Yes, I'd definitely echo that, a huge amount of tax implications are based on individual residency/permanent establishment so if you're living in say, Germany, for 1/2 of the year + 1 day, you should be expecting to pay at least your personal income taxes there, and likely the business taxes if you're a sole prop without local employees and local business. Of course, if you're a true 'digital nomad' who doesn't establish residency anywhere it gets much trickier. But in general, my advice is to pay for 1-2 hours with an accountant up front before you go through setting up a new entity somewhere.

pier25 wrote:
| Even if my personal account was in an Estonian bank?

atlasunshrugged wrote:
| Having a personal account in a local bank may be a data point if you want to make a case about where you should be taxed but it won't automatically make you have permanent establishment or tax residency in Estonia.

pier25 wrote:
| Ah, right.
|
| Yeah I should definitely check with an accountant in the country where I will end up residing.

atlasunshrugged wrote:
| Yeah, highly recommend that. You can also contact Estonian folks who do understand the idea of running a co in Estonia and living elsewhere, which isn't common in a country like Germany as local accountants there may be confused. There's a bunch of people on this list that have gone through at least some govt vetting: https://e-resident.gov.ee/marketplace/service-providers/
|
| I personally had a good working relationship with 1Office in particular and recommend them (wasn't a client but they were a partner when I worked for the e-Residency program and a buddy's GF works there who I trust and who does good work).

pier25 wrote:
| Would you incorporate again in Estonia?

Chickenosaurus wrote:
| Yes, the laws don't care about who you bank with. If your "center of life" is in Germany, you are required to pay income taxes. Although "center of life" is not defined in detail in German tax law, there are a number of known indicators that are considered. For example, if you reside in Germany for 183 days per year or more, you are required to pay income tax on all of your income.

AhtiK wrote:
| "The jTOP SLE78-powered ID cards were issued until the end of 2018. ID cards manufactured currently are powered by the chip platform supplied by IDEMIA (not covered in this work)."
|
| If my memory serves me right, there was an easy way to check if your ID card was affected and it got replaced for free. The flaws described in the paper are not known to exist in cards issued since the end of 2018, beginning of 2019.

jlgaddis wrote:
| Yeah, an "offline tester" [0] was made available by the researchers who discovered ROCA [1] and a company with "close links" to the researchers created a "ROCA Vulnerability Test Suite" [2]. The Estonian government also had one on their web site [3] but it is, apparently, no longer available.
|
| ROCA didn't _just_ affect Estonian ID cards, though. It also affected TPMs (from Infineon), certain Yubikeys [4], and even some PGP keys!
|
| ---
|
| [0]: https://github.com/crocs-muni/roca
|
| [1]: https://roca.crocs.fi.muni.cz/
|
| [2]: https://keychest.net/roca/
|
| [3]: http://www.id.ee/?lang=en&id=38239
|
| [4]: https://www.yubico.com/support/security-advisories/ysa-2017-...

chrismeller wrote:
| Yes, the Police and Border Guard has an online tool to check. They also supposedly contacted all the people with bad chips (my card was not vulnerable, so I can't verify that).

Etheryte wrote:
| The aftermath of the issue has been previously discussed here (2018): https://news.ycombinator.com/item?id=18104861

PrimeDirective wrote:
| > The flaws of the ID-card is a very politically charged topic to discuss in Estonia, having any doubts about the ID-card or e-voting will make you a persona non grata.
|
| I somewhat disagree, the discussion tends to get bent by some populist agent provocateurs and some of the initial reactions from the private sector media. (In Estonia, the government media is the most centered out of all news outlets, go figure). What these statements usually are is that "ID card has a flaw X, therefore we should immediately ban it, close the R&D and burn it with fire", forgetting that crypto and computing in general, changes over time. My view is that, of course each flaw has to be resolved and sometimes this is political, but this just means the work has to continue.

C1sc0cat wrote:
| Thinking that compulsory id cards "Papers Bitte" are not a good thing is not an uncommon view.

bragh wrote:
| It's not about it being compulsory, but the system being unverifiable end-to-end and any criticism of that being laughed at.
|
| If you put it into business terms, would you trust an employee or vendor who told you that everything was alright, did not allow you to perform checks and audits and mocked both your and external partners' concerns [0] about it? I don't think so. If the government is indeed for the people and not vice versa, then this is not acceptable.
|
| [0] https://www.youtube.com/watch?v=LkH2r-sNjQs Tom Scott's video about e-voting. Funniest rebuttal I saw on Estonian social media was that we are secure, since he is talking about e-voting, but we have i-voting. So I guess once we will call it c-voting, it will be even better...?

likelyunaware wrote:
| That video had outdated information regarding the Estonian e-voting system. The report from 2014 has been invalidated by the newer system, IVXV, which has been redesigned to address previous criticism. The newer system is open source, available at https://github.com/vvk-ehk/ivxv. A good source to quickly familiarize yourself with the architecture is "Improving the verifiability of the Estonian Internet Voting scheme"[0] by Jan Willemson et al.
|
| [0] https://research.cyber.ee/~janwil/publ/ivxv-evoteid.pdf

aj3 wrote:
| I watched the video. It's a load of crap. I mean, here are his arguments (feel free to tell me if I missed something):
|
| - voting systems inevitably have to be closed source, loaded on easily compromisable USB stick, connected to internet unguarded and sitting that way for years. In what reality is this nihilistic fatalism a reasonable expectation?
|
| - voter has no way of independently verifying that their vote has been processed correctly. First of all, this is simply ignorant as there are many cryptographical schemes that allow verification, but most importantly - how do you know that your vote has been processed correctly in our current system? You don't, there is no way for you to do that.
|
| - US hacking machines are routinely exploited at Defcon. That's right. You know what else is routinely exploited there? Physical safes, which are used for storing you know paper ballots. Also cars. And Air Force has promised to bring a fucking satellite next year. Something having vulnerabilities in the past does not mean it still has them, something having vulnerabilities currently does not mean they are easy to exploit in practice or can't be detected and mitigated, some products in a certain category having vulnerabilities does not mean all products in this category will inevitably have vulnerabilities in the future and we should just give up on ever fixing them.
|
| - trusting a person in a voting booth to vote for you would be ridiculous, but filling a ballot yourself and trusting that it will get counted correctly along the way is somehow self-obvious - I guess because in the first case you clearly see that a human is involved in the process and in the second example it sort of feels like the process is finished once you physically put your vote into a box?
|
| - the average voter won't understand checksums. Well, maybe the average voter shouldn't worry about bad bytes in that case? And how come deterministic and auditable cryptography is a problem while the demonstrably non-deterministic process of current paper voting (look at how results always differ ever so slightly when votes are recounted) is a non-issue?
|
| - transferring votes over internet is problematic because you can't trust software on either end. Right, because you know (never mind trust) everybody that will handle your vote on the path from voting booth to the whatever-governing-body-is-announcing-results-in-your-country?
|
| - central computer could be manipulating your votes and only a few people will have an opportunity to inspect it. Well, how many voting boxes have you been allowed to inspect in your life? Are you allowed to go to the central location where your votes are aggregated and recount all of them personally? How do you know that officials in your voting location, precinct or at a national level haven't agreed to manipulate the results?
|
| - casting doubts on the election is easy to do with electronic voting and nearly impossible with paper voting. Have you heard this cute story about medical masks becoming a conspiracy and symbol of oppression among certain population in US? Has nothing to do with electrical circuits and everything to do with politics. If a current incumbent happens to lose an election there you can be sure that election results will be called fake, no matter paper or digital.
|
| - malware exists, so voting from personal devices is ridiculous. Just as ridiculous as doing e-commerce or banking? Or in case of Estonia getting pretty much any other official business done, or so I hear.
|
| - a single vulnerability in someone's computer can be scaled to millions of computers. Ok, let's say someone is still using Windows XP and got infected with something after downloading GTA from Pirate Bay. How does that affect people voting from their iPhones?
|
| - anecdotes, anecdotes, anecdotes
|
| tl;dr: Stop spreading FUD.

bragh wrote:
| Please try to think here in terms of probabilities, not absolutes, and about the threat model.
|
| 1. Closed source and loaded on an USB stick is the simplest case. But in the end, how will you still know what is the actual code that the eventual tallying system is running?
|
| 2. Verification of votes is not about encryption. If you allow it to be unlimited, then you can actually sell your vote. In Estonia, you can verify your vote 3 times for 30 minutes after your vote was cast: https://www.oiguskantsler.ee/sites/default/files/field_docum... (point 14 on page 5)
|
| 3. Mostly agreed with you about the rate of vulnerabilities. But the issue here is that voting is such an important part of how democratic society works that there should be no obvious vulnerabilities or any exploitations of vulnerabilities can be easily discovered. E-voting has neither of these because again, how can we know what code is actually being executed?
|
| 4., 5., 6., 7. Yes, one vote can get lost. Hell, thousands can get lost. But on average, I can still count on the process eventually working out due to the observability. Somebody will find ballots thrown in trash, pre-filled ballots, 117% of eligible people voting. Sure, in those cases the country is unsalvageable, but you will at least know that it is happening.
|
| 8. OK, but that is neither here nor there.
|
| 9., 10. If you open up Google Maps and look one country eastward, you will understand. As a reference, https://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia Not sure on what their planning divisions are cooking up, but I do not doubt that they will use any angle they can. What is the going price for a Windows 10 0-day anyway, on the order of a few hundred k to 1M, I assume? Peanuts.

nytgop77 wrote:
| 1. Whole paper ballot process is monitored (and understood) by all parties. They keep each other in check. I can sign up for such monitoring and see for myself (at least in my country). Nobody will allow me to inspect the actual machine used to count votes.
|
| 2. To hack paper ballot voting, a conspiracy must include many more people than e-voting.

8organicbits wrote:
| Correct, wikipedia even documents this:
|
| https://en.m.wikipedia.org/wiki/Your_papers,_please

ZWoz wrote:
| ID card is mandatory by law, but there aren't sanctions (to my knowledge). You need some kind of document though, in US that is usually drivers license. I don't see big difference here.

JoeAltmaier wrote:
| Seems interesting, but security flaws were in a countable (small) number of cases. Is this a general issue?

pisipisipisi wrote:
| This shows the issues in process and attitude. Even in the case of ROCA, you do not really break the crypto part itself, you wiggle around the implementation and procedure issues to bypass it.
fabianlindfors wrote:
| Are there any Estonians here on HN who would be willing to chat a bit about digital identities in your country? I'm working on bringing e-ID to more people (https://getpass.app/) and looking to get a better understanding of current solutions.
|
| Feel free to reach out, my email is fabian (at) flapplabs.se

Stierlitz wrote:
| > In this paper, we describe several security flaws found in the ID card manufacturing process ..
|
| Like accidentally on purpose, secure up to a point, but weak enough to allow the spooks to generate their own IDs. I mean if the cards were unhackable how would a spy do his job :]

chrismeller wrote:
| As an American residing in Estonia, I'm not sure what the benefit of a state compromising the card crypto would be. There are four broad categories of uses for the ID cards:
|
| 1) Obviously, a government-issued photo ID
|
| 2) For an increasing number of shops, as your "frequent shopper" card, which admittedly is slightly related to...
|
| 3) Authentication, including: logging into your bank, government websites (the state portal, the tax authority, the "digital story" - all your medical records, the online booking website for booking some combination of surgeons/specialists that operate under the public healthcare system), the (one) online pharmacy that exists, etc.
|
| 4) Signing things. I've signed my lease with it (though "paperless" Estonia still wanted me to sign a paper version as well) and more routinely you have to "digitally sign" any bank transfers... which are the standard way to pay bills in Estonia, so you do it a lot. Finally, voting online.
|
| I don't see how broadly compromising the crypto would really benefit anyone for any of those things, it would have to be a more specific individual attack, like draining your bank accounts.
|
| Edit: formatting, added voting

LatNax wrote:
| A single leak can be bad, multiple leaks piled into a single actor can be life changing.

pisipisipisi wrote:
| Getting asked as an expert "can this id card thing be trusted?" my answer has been "for communicating with the government you inherently don't trust, the method or security of an authentication device does not really matter" (filing your taxes or logging in to services being the scope). Some claiming encryption privacy issues ... Well, for any meaningful opsec you should not be using the id card for encrypting messages about overthrowing the same government issuing the encryption devices in the first place, if government reading your messages is a threat in your model.

chrismeller wrote:
| Yeah, I think the biggest risk would be rigging an election, but we're talking about a country of 1.2 million people. Not to dismiss the importance of their elections on Estonia, it doesn't really have the same worldwide ramifications that compromising a US, UK, German, etc. election would have.

Strom wrote:
| Rigging (digital or not) would be hard to hide, because it could only be a minor adjustment to remain plausible. All the election results end up roughly similar to all the various independent polling results. If some party suddenly receives a lot more votes than they polled for - it will be noticed.
|
| Also Estonia already has a history of (non-digital) election rigging [1] so rhetoric of the "_digital results in rigging, keep it physical for safety_" kind isn't super convincing.
|
| --
|
| [1] https://en.wikipedia.org/wiki/1940_Estonian_parliamentary_el...

dane-pgp wrote:
| > Rigging (digital or not) would be hard to hide, because it could only be a minor adjustment to remain plausible.
|
| How many more votes would the party in second place at the last election have needed in order to have won instead?
|
| > If some party suddenly receives a lot more votes than they polled for - it will be noticed.
|
| Is there a mechanism by which the election could be run again (before the winners of the election have a chance to prevent this)?
|
| > Also Estonia already has a history of (non-digital) election rigging
|
| Or it's an argument that a voting system should have both hand-counting and digital counting, because rigging both counts is at least twice as difficult as rigging one.

aj3 wrote:
| > Or it's an argument that a voting system should have both hand-counting and digital counting, because rigging both counts is at least twice as difficult as rigging one.
|
| Unless the party rigging the counts is the one currently in power. Which in my opinion is the main risk, however minuscule and unrealistic.

Strom wrote:
| > _How many more votes would the party in second place at the last election have needed in order to have won instead?_
|
| 5.8% of the total votes [1] but winning the election is just part of the game. This time around the winning party isn't in power because the runners-up formed a coalition.
|
| > _Is there a mechanism by which the election could be run again (before the winners of the election have a chance to prevent this)?_
|
| Several - the previous government would still be in power for some time to react, the president has to sign off on the winners, the defense police could intervene, and then there are the courts. None of these entities depend on the newly elected government.
|
| > _both hand-counting and digital counting_
|
| That would certainly be more secure, but like all security it would be a trade off.
|
| --
|
| [1] https://rk2019.valimised.ee/en/election-result/election-resu...

ants_a wrote:
| > How many more votes would the party in second place at the last election have needed in order to have won instead?
|
| It's a multiple party proportional representation system so who "wins" doesn't really matter that much.
|
| > Is there a mechanism by which the election could be run again (before the winners of the election have a chance to prevent this)?
|
| I'm not an electoral law expert, but complaints about election process go to the National Electoral Committee, which can have its decision contested in the Supreme Court.
|
| > Or it's an argument that a voting system should have both hand-counting and digital counting, because rigging both counts is at least twice as difficult as rigging one.
|
| The e-voting over here is actual e-voting - the vote is purely digital and done remotely. Not in any way related to the digital vote counting machines used in the US.

themacguffinman wrote:
| > Rigging (digital or not) would be hard to hide, because it could only be a minor adjustment to remain plausible.
|
| As candidates & parties become more competitive, the difference in their voting shares tends to narrow. Eventually you end up with large coalitions that split the electorate fairly evenly. A small adjustment is all it'd take to tip the scales. If landslide victories are common, I'd say your political system is doing something wrong.

aj3 wrote:
| > As candidates & parties become more competitive, the difference in their voting shares tends to narrow.
|
| This reads like pure American exceptionalism.

xyzzy123 wrote:
| I know your comment was tongue in cheek but this has come up in the digital Id space before. All these things get bootstrapped off government sources and spooks have no problems because governments control those databases. You don't need technical hacks if you control the systems of record.

dane-pgp wrote:
| So what's to stop the ruling party from issuing its loyal spooks thousands of ID cards in key districts, which they then use to cast fraudulent votes in the election?

roywiggins wrote:
| The spooks are the same government issuing the ID. They can just call up the department issuing the IDs and ask for a batch of new identities. No technical flaws necessary.

bragh wrote:
| Brave guy to publish this, hopefully it won't end up similar to the Dreyfus affair -- depends on which the media will roll due to it being "pickled cucumber season" (everybody is on vacation, nothing much happening during summer in Estonia). The flaws of the ID-card are a very politically charged topic to discuss in Estonia, having any doubts about the ID-card or e-voting will make you a persona non grata.

Etheryte wrote:
| Regarding your last point, I have a hard time seeing what you mean. The system is audited both internally and externally fairly regularly, the latest report being released just December last year [0]. There is also frequent news coverage, both supporting and criticizing the system [1][2]. One of the current government parties [3] is an active critic of the system. So it seems like a fair stretch to say that discussing or criticizing the system isn't common or somehow not welcome.
|
| None of this is to say that the system doesn't have flaws, as every other IT system, it does. It is however publicly discussed as you would expect in a democracy.
|
| [0] https://www.mkm.ee/sites/default/files/e-valimiste_tooruhma_...
|
| [1] https://www.err.ee/keyword/15389
|
| [2] https://www.postimees.ee/term/15008/id-kaart
|
| [3] https://www.valitsus.ee/et/peaminister-ministrid/valitsuse-k...

bragh wrote:
| > The system is audited both internally and externally fairly regularly, the latest report being released just December last year
|
| Can you please clarify the 'fairly regularly' part? One of the members of that commission said that this is the first time that this kind of audit has been undertaken: https://digi.geenius.ee/rubriik/uudis/e-valimiste-tooruhma-l... To be fair, there are lots of other reviews having taken place, but none of them are regular with the exception of the OECD ones happening during elections: https://et.wikipedia.org/wiki/Elektrooniline_h%C3%A4%C3%A4le...
|
| > There is also frequent news coverage, both supporting and criticizing the system
|
| ERR is government-funded and seems to me quite neutral, not sure how it is relevant here. But it still seems to me that mainstream media is supportive and you have to go to "alternative" news sources to find any true criticism.
|
| > One of the current government parties [3] is an active critic of the system.
|
| Actually 2, if you count both KE and EKRE. And this is one of the major criticisms against those parties and has been so for years.
|
| A good example of the prevailing attitude can be seen in this thread from 2017 about the security hole back then from Hinnavaatlus, probably the biggest IT-related forum in Estonia: https://foorum.hinnavaatlus.ee/viewtopic.php?t=715076&postda... The general tonality in the beginning was that this is a tinfoil problem and somehow brought up by KE and EKRE before elections until the reality of the situation sunk in.

raxxorrax wrote:
| Being spammed with reviews after mentioning that there might be a disagreement about electronic id data collection drives the original point a bit.

Etheryte wrote:
| While I try to sympathize, I'm not entirely sure I see what you mean. Neither the research linked in the submission nor anything that I linked to discusses data collection, unless I'm grossly misunderstanding you.
|
| As for the things I linked, none of them are reviews. The first link is a ministry report from last year that outlines 25 shortcomings of the system and how to address them -- a clear example that there's open discussion about any problems the current system has. The second and third links are national news coverage that clearly show articles from both pro and con sides. The last link is about the current government in general.

atlasunshrugged wrote:
| Having worked for the Estonian government for a bit, I'm not sure that it'll exactly make you a persona non grata but definitely you'll get a ton of pushback if you make any claims about e-ID and e-voting as people have very strong feelings about it.

Svip wrote:
| > "pickled cucumber season"
|
| Funny, it's called "cucumber time" (agurketid) in Danish. I wonder if it's a related term in Nordic countries + Estonia.

praseodym wrote:
| It's also called "komkommertijd" ("cucumber time") in Dutch. Not pickled, because we call pickles "augurken".

sputr wrote:
| Yeah, we also use 'time of pickled cucumbers' in Slovenia. So not just a nordic thing ;)

gspr wrote:
| We also call it "agurktid"/"agurknyheter" in Norwegian, and I know the Germans use "Sauregurkenzeit".
|
| I've never heard any similar expression in English, nor in any Romance languages. The Brits use "silly season" for the same concept in journalism/news.

atlasunshrugged wrote:
| Ha, I'm an American who lived in Estonia for a bit, I'm not familiar with any related US term. Maybe we just don't have this as much as Europe - I know I was shocked at how slow business got in the EU in summer, there's for sure a dip in the US with people going on vacation but nothing like Europe in July/August.

eitland wrote:
| > I was shocked at how slow business got in the EU in summer, there's for sure a dip in the US with people going on vacation but nothing like Europe in July/August
|
| Reminds me of back when I worked for a company that exported machines to the US and my boss told an American customer that we couldn't get a shipment sent in June which meant it couldn't be sent before somewhere in August since key personnel was on holiday in July.
|
| They then asked if he couldn't just tell us we _had to work_ anyway, which - luckily for us - wasn't an option.

kube-system wrote:
| One time here in the US I had to work late hours and weekends to hit an ambitious deadline for a French customer who wanted to review our work before they all went on their vacations.

eitland wrote:
| Oh, that was a nice thank you from us pampered Europeans! /s
|
| Sorry, hope you got some nice overtime bonus (but I fear not.)

kube-system wrote:
| Overtime? Ha. Almost all salaried jobs in the US are exempt from overtime laws.

atlasunshrugged wrote:
| Yeah that sounds like a classic American move - who cares if they're on vacation, just make them work! Glad your employer stood up for you all (or that the law forced him/her to)!

M2Ys4U wrote:
| Most people in Europe have at least 5 weeks paid leave a year guaranteed by law.
|
| The US does not set a mandatory minimum, and consequently many employers don't offer anywhere near as much time off.

krzyk wrote:
| and "sezon ogorkowy" (cucumber time) also in Poland :)

kaliszad wrote:
| Okurkova sezona in Czech

[deleted]

pisipisipisi wrote:
| He is a well-known researcher in Estonia, with his scope of work both known as well as appreciated (at least by the non-politicians). Of course some have the "too big to fail", thus "you don't talk about Vo..." attitude, but those want to turn technical argumentation into political "agreement" and it is hard to debate a 0 to become 1. You can't argue with computers, "lets agree this 0 is as good as 1, even better and greater!"
___________________________________________________________________
(page generated 2020-07-02 23:00 UTC)