Security Testing of the Swiss E-ID Technology Stack
Category: Network security
Location: Zurich/Thun/Lausanne
Contact:
Martin Burkhart, Damian Pfammatter
NOTE: This thesis is reserved.
Background
The Swiss Federal Council has decided to build the Swiss E-ID on self-sovereign identity (SSI) principles. Similarly, the European Union and many companies around the world plan to introduce SSI-based solutions for identity and access management. With SSI, users hold their digital identity themselves and decide which information is revealed to which service provider. This contrasts with today's Internet single sign-on architectures, which rely on a central identity provider that sees every login a user performs and therefore threatens user privacy.
SSI combines many foundational technologies, such as distributed data structures, cryptographic proofs of identity attributes (zero-knowledge proofs), PKI with distributed key management, and various software components such as mobile wallets and agents connected in a P2P network. Accordingly, the technology stack of SSI is very complex. In order for SSI to develop into a secure technological basis for a national E-ID, various aspects need to be researched:
- security of the protocols
- scalability of solutions
- protection of privacy
- usability for consumers
- trust management and governance
Goal of the project
The goal of this thesis is to perform security testing of the E-ID technology stack. According to the Swiss E-ID roadmap, a public beta infrastructure will be made available in Q1 2025. Also, generic code templates will be released by Q4 2024/Q1 2025. The proposed E-ID technology stack is based on public standards and open source software. While the roadmap is still work in progress, these components have a high probability of being used:
- OID4VC/OID4VP - OpenID for Verifiable Credentials, the communication protocols for issuance (OID4VCI) and presentation/verification (OID4VP) of VCs (Verifiable Credentials)
- SD-JWT - Selective Disclosure JWT, the format of VCs: claims are replaced by salted digests so the holder can reveal only a subset of them
- ECDSA - Signature algorithm used in VCs
- did:tdw - Trust DID Web method for Decentralized Identifiers (DIDs), which resolves an identifier to a DID document holding the issuer's public keys
- OCA - Overlays Capture Architecture for rendering VCs in the wallet
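The selective-disclosure layer of SD-JWT is where much of the attack surface listed above lives, so here is an added worked example (my own code, not code from the Swiss E-ID project or any SD-JWT library) of the three roles: the issuer replaces claims by salted digests, the holder picks a subset of disclosures, and the verifier reconstructs the claims while rejecting tampered, unreferenced and duplicate disclosures. The JWS signature over the payload (ES256 in the stack above) is assumed to be verified separately and is not modelled; the sample claims are constructed, and the function names are mine.

```python
"""SD-JWT selective disclosure: issuer / holder / verifier roles with the
consistency checks a security test should exercise. Added example; the
JWS signature over the payload is assumed verified elsewhere."""
import base64
import hashlib
import json
import secrets


def b64url(data: bytes) -> str:
    """base64url without padding, as used throughout SD-JWT."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_disclosure(salt: bytes, name: str, value) -> str:
    """A disclosure is base64url(JSON array [salt, claim name, claim value])."""
    return b64url(json.dumps([b64url(salt), name, value]).encode("utf-8"))


def digest(disclosure: str) -> str:
    """Digest in _sd: SHA-256 over the ASCII bytes of the encoded disclosure."""
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())


def issue(claims: dict, sd_names: set, decoys: int = 2, rng=secrets.token_bytes):
    """Issuer side: replace the claims in sd_names by salted digests in _sd.
    Returns (payload, disclosures): the payload is what the issuer signs as a
    JWS, the disclosures are handed to the holder alongside it."""
    payload = {k: v for k, v in claims.items() if k not in sd_names}
    disclosures = [make_disclosure(rng(16), k, claims[k]) for k in sorted(sd_names)]
    digests = [digest(d) for d in disclosures]
    # Decoy digests hide how many claims were hidden; sorting hides their order.
    digests += [b64url(hashlib.sha256(rng(16)).digest()) for _ in range(decoys)]
    payload["_sd"] = sorted(digests)
    payload["_sd_alg"] = "sha-256"
    return payload, disclosures


def select(disclosures: list, names: set) -> list:
    """Holder side: keep only the disclosures for the claims to be revealed."""
    return [d for d in disclosures if json.loads(b64url_decode(d))[1] in names]


def verify(payload: dict, presented: list) -> dict:
    """Verifier side: rebuild the disclosed claims from the (already
    signature-checked) payload, rejecting anything the issuer did not commit to."""
    if payload.get("_sd_alg", "sha-256") != "sha-256":
        raise ValueError("unsupported _sd_alg")
    sd = payload.get("_sd", [])
    if len(sd) != len(set(sd)):
        raise ValueError("duplicate digest in _sd")
    claims = {k: v for k, v in payload.items() if k not in ("_sd", "_sd_alg")}
    for d in presented:
        # A forged or modified disclosure changes its digest and is not in _sd.
        if digest(d) not in sd:
            raise ValueError("disclosure not referenced by the issuer-signed payload")
        _salt, name, value = json.loads(b64url_decode(d))
        # Reserved names and claim names already present (plain or disclosed twice).
        if name in ("_sd", "...") or name in claims:
            raise ValueError("reserved or duplicate claim name: %s" % name)
        claims[name] = value
    return claims


if __name__ == "__main__":
    # Constructed sample credential, not data from the E-ID project.
    claims = {"iss": "https://issuer.example", "given_name": "Alice",
              "birthdate": "1990-01-01", "age_over_18": True}
    payload, disclosures = issue(claims, {"given_name", "birthdate", "age_over_18"})
    print(verify(payload, select(disclosures, {"age_over_18"})))
    forged = make_disclosure(bytes(16), "age_over_18", True)  # attacker picks the salt
    try:
        verify(payload, [forged])
    except ValueError as err:
        print("rejected:", err)
```

Each `raise` corresponds to a negative test case for a real verifier: a forged disclosure with a chosen salt, a disclosure copied from another credential, the same disclosure presented twice, a duplicate digest in `_sd`, or an unexpected `_sd_alg`. A fuzzing harness for an SD-JWT library can be built by mutating the disclosure strings and the `_sd` array in exactly these ways and checking that the library never returns a claim the issuer did not sign.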
Even though the SSI technology stack is quite young, it will soon be used as the foundation for a large-scale national infrastructure. Thorough security analyses of the components and, in particular, of the interfaces between them should therefore be performed before these systems go live. Possible methods include formal reasoning about the security properties of the protocols, source code analysis, fuzzing of libraries, vulnerability scanning, and interactive attacks on a running test system (penetration testing). The test methodology should go beyond the current state of the art, e.g., by improving existing approaches or by adopting methodology from recently published scientific work.
Tasks
- Familiarize yourself with the SSI technology stack
- Short survey of current security testing research
- Identify test targets and define suitable test methodology
- Perform security testing
- Document findings and responsibly disclose possible vulnerabilities
- Presentation and discussion of results with Swiss E-ID team
Links
- Swiss E-ID Discussion Paper: Initial technological basis for the Swiss trust infrastructure
- Swiss E-ID & Trust Infrastructure — Technical Roadmap
- OpenID for Verifiable Credentials: Formal security analysis using the Web Infrastructure Model
- Analyzing and comparing the security of self-sovereign identity management systems through threat modeling