Published on 10 June, 2016
|The POSeIDAS project aimed to provide a prototype eIDAS server and a simulation environment on a chip card
The "Regulation on electronic identities and trust services (eIDAS)" published by the European Union in July 2014 forms the legal basis for the secure handling of electronic transactions between businesses, citizens and public authorities or institutions within the EU. The French Agence nationale de la sécurité of systèmes d'information (ANSSI) and the German Federal Office for Information Security (BSI) have jointly developed the smart card specification (BSI TR-03110 Version 2.20). It is based on the technology that is already used in the German identity card.
POSeIDAS project to develop eIDAS prototype
Given these developments, the BSI commissioned the POSeIDAS project to HJP Consulting, cv cryptovision and Governikus. The project aimed to provide a prototype eIDAS server and a simulation environment for simulating the functions of an eIDAS token and the implementation of eIDAS functions on a chip card.
HJP provided the simulation environment for simulating the eIDAS functions based on BSI TR-03110. This open source smart card simulator – PersoSim – was developed by HJP and certified by the BSI. PersoSim emulates the functions of an electronic identity card and is already used by eID client developers and the BSI among others. PersoSim now includes features such as Chip Authentication in version 3, pseudonyms signature’s and attribute extensions (ERA). The new features represent a complete eIDAS token according to BSI TR-03110. "With POSeIDAS we have successfully realised the first global implementation of the new security features for future ID cards." says Holger Funke, HJP Consulting.
Electronic identities within eIDAS regulation
The Governikus KG delivered an open source version of an eID server and a corresponding eID client that are used for the verification of the interoperability of the electronic identities (Proof of Concept) within the eIDAS regulation. Starting with the eID server and the eID client that already supported the infrastructure of the online ID function of the German ID card, the extensions for the eIDAS token were implemented successively to support all requirements given by the Technical Guideline BSI TR-03110 version 2.20.
cryptovision delivered the first implementation of the new eIDAS functions on a chip card. The implementation is based on the product "ePasslet Suite", a modular Java Card-based application suite for multi-functional national ID documents, which is already used in over 20 eID projects worldwide. ePasslet Suite provides a set of Java Card applets for passports, eID cards, electronic driving licenses, signature cards and other applications, and is also the foundation for the implementation of the eIDAS functionality. Therefore the innovative eIDAS functions can soon be used for international eID document projects in a very flexible manner.