The European Union eIDAS (electronic Identification, Authentication and trust Services) was enacted on 23 July 2014 and put into effect on 1 July 2016. eIDAS mandates stringent guidelines for security protections with digital signatures, electronic transactions, involved bodies, and their embedded practices.
The standards mandated by eIDAS work to ensure the integrity of electronic signatures and include the need for many cryptographic protections. However, what is also mandated is the need for sufficiently protecting the cryptographic processes. This is where the security offered by hardware security modules (HSMs) is required to keep critical data, including keys used to confirm digital identities required for signing from falling into the wrong hands. In what follows, we explain the role that HSMs have in digital signing.
Digital Signing Under eIDAS Regulation
Under eIDAS, an electronic signature is typically considered more secure than an actual physical signature used on a paper-based document. Paper documents containing a physical signature can be tampered with or the signature itself could be fraudulent.
There are different levels of electronic signatures for digital signing that carry the same legal weight as a signed document would. However, with an electronic signature, the signatory’s identity must be verified and validated. This is accomplished through the use of cryptographic protections.
The most secure electronic signature is the qualified electronic signature, which is an advanced electronic signature that is created by QSCD (qualified signature creation device). This device creates a qualified digital certificate to attest to the authenticity of the digital signature and can only be provided through trust services provided by a trust service provider (TSP). The TSP is responsible for authentication and preservation of the electronic signatures and certificates it creates.
Role of HSMs for Digital Signing
eIDAS and the Common Criteria Protection Profile – Cryptographic Module for Trust Service Providers specify the security requirements that must be followed for authentication and storage services provided by TSPs. Hardware security modules fall under the specification of a cryptographic module.
HSMs provide the required secure environment that is needed to generate and protect the cryptographic keys used to protect and authenticate sensitive data such as that used in digital signing and authentication of electronic signatures. The module also controls the use of this data for one or more cryptographic services in supporting trust services supplied by TSPs.
Cryptographic modules, such as an HSM that fall under Common Criteria’s Protect Profile and eIDAS Protection Profile (PP) EN 419 221-5 “Cryptographic Module for Trust Services” give TSPs the resources necessary to be in compliance with EU regulations and accepted policies.
HSMs play an important role in digital signing by:
- Maintaining protection of cryptographic material, including keys and certificates.
- Having functionalities for key authorization that are suited for issuance of qualified certificates under eIDAS.
- Resisting hacking attempts because they are constructed from specialized and secure hardware.
- Running on a secure operating system.
- Maintaining limited access through a strictly-controlled network interface.
- Strengthening cryptographic encryption practices during keys’ entire lifecycle from generation to disposal and in-between.
- Offering an added layer of security by storing decryption keys separate from encrypted data to keep data secure if a breach were to occur.
Utimaco HSMs are certified under eIDAS standards in order to achieve higher levels of data security, trust and legal assurance, whilst also maintaining high service levels and business agility. They provide a scalable and FIPS-compliant hardware solution for secure key storage and processing inside the boundary of the HSM.
Blog post by Dawn Turner.