
Comment by notpushkin

12 hours ago

Just a quick question, and sorry if it might have been answered already... why preventing duplication is so important? I know it’s in the spec probably [1], but I can’t figure out the reason.

And a suggestion: add external HSM support at least? (e.g. things like NitroKey/YubiKey)

[1]: https://eudi.dev/latest/architecture-and-reference-framework... I suppose?

Preventing credential duplication is a requirement to achieve a high level of assurance. One of its purposes is to limit the potential damage that can be done by attacks. If credentials are bound to hardware-bound keys, attackers will always need access to this key store to make any misuse. If you don't prevent duplication, attackers may extract credentials and misuse them at 1000 places simultaneously.

  • Okay, but Google certifies phones which have not been updated for the last several years.

    They can be trivially rooted, then they spoof the signature and get a pass in Integrity while being wide open for malware (or copying the ID, I presume).

    • The documentation clearly outlines that there are multiple signals being analysed. Relying on play integrity alone is definitely not sufficient as you state.

I’ve just had another, completely stupid but not implausible, idea:

> a local internal WSCD, which is a component within the User device, such as a SIM, e-SIM, or embedded Secure Element,

So you could issue SIM cards / eSIM profiles that only do signatures and nothing else. The app then connects to such an eSIM (and you keep your main SIM/eSIM in another slot).

The less stupid variant is, of course, to get mobile operators to issue SIM cards with e-sign capabilities. Estonia has that, for example: https://www.id.ee/en/mobile-id/

  • > The less stupid variant is, of course, to get mobile operators to issue SIM cards with e-sign capabilities. Estonia has that, for example: https://www.id.ee/en/mobile-id/

    It works great. Just keep in mind that newer phones are starting to deprecate physical SIM slots. At the same time certifying eSIM implementations to the same EAL level is an absolutely crazy task.