search

EWC-consortium / eudi-wallet-rfcs

EU Digital Identity Wallet RFCs in EWC to align towards the Large Scale Pilot (LSP) usecases. The project is co-funded by the European Union.
https://eudiwalletconsortium.org/
Apache License 2.0
15 stars 11 forks source link

Document the accepted cryptographic mechanisms #49

Open lalc opened 2 months ago

lalc commented 2 months ago

Shall be as per https://www.sogis.eu/uk/supporting_doc_en.html

ARF specifies 1.3: https://www.sogis.eu/documents/cc/crypto/SOGIS-Agreed-Cryptographic-Mechanisms-1.3.pdf

@georgepadayatti @ntsbs @andreasabr @endimion Please comment on this. We are facing a bit of an issue with interop as some wallets seems to be picking EdDSA over ES256 (ECDSA) algorithms. Lets use this issue to discuss in case you have an opinion. Mostly its enough we just document it as part of a table similar to how we documented the supported formats.

ntsbs commented 2 months ago

The reason to choose ES256 was that it is supported well by Keystore APIs of iOS and Android

lalc commented 2 months ago

The reason to choose ES256 was that it is supported well by Keystore APIs of iOS and Android

Or may be its the other way around? (Am not an expert, but a wild guess).

The SOG-IS Agreed Cryptographic Mechanisms v1.2 (Release Jan 2020, New version is 1.3/Feb-2023) is specified in ARF and it mentions explicitly on EC-DSA. We need experts to comment here on ED-DSA and ARF Requirement 10?

From the ARF 1.3:

Ch 5.1: Req. 10: PID attestation MUST use signature and encryption algorithms in accordance with SOG-IS ACM. Ch 5.2: Req. 11: (Q)EAA SHOULD use signature and encryption algorithms in accordance with SOG-IS ACM.

ntsbs commented 2 months ago

Or may be its the other way around? (Am not an expert, but a wild guess).

You mean, it is well supported because it is a widely standardized and accepted signature algorithm?

Whatever the reason may be, i think ES256 is the safest bet when it comes to acceptance for the EUDI wallet.

lalc commented 2 months ago

You mean, it is well supported because it is a widely standardized and accepted signature algorithm?

Yep.

andreasabr commented 2 months ago

One question, what speaks against using both signature schemes?

ntsbs commented 2 months ago

One question, what speaks against using both signature schemes?

The increased implementation effort for a signature scheme which is not accepted by the ARF

lalc commented 2 months ago

One question, what speaks against using both signature schemes?

Also, if we all use different signatures, interop becomes challenging. So, the proposal is to agree on one, at least within the scope of EWC. ARF strictly used SOG-IS.