BSNk public scheme keys format description.
Key organization
Polymorphic pseudonymization uses various keys. Keys are organised in schemeVersion and schemeKeySetVersion.
The schemeVersion indicates the version of the cryptographic scheme and of this syntax and SHALL start at 1. The schemeVersion defines the elliptic curve used in the scheme.
The schemeKeySetVersion is a version that SHALL start at 1 and represents the effective set of long-term scheme master keys (PP-M, PD-M, etc.).
Relying party key format
Keys for relying parties are provided using the notation described in DV-key format.
Public scheme key format
Several of the scheme-wide keys are public and can be used to apply the polymorphism or to verify signatures. These keys are defined in Metadata and under the role PPSteutelSet in RoleDescriptors non-Participants. For these public keys the Brainpool P320r1 curve is used, which is a named curve defined as:
-- Brainpool curves and the TeleTrust namespace are defined in BSI TR-03111
ecStdCurvesAndGeneration OBJECT IDENTIFIER ::= {
    iso(1) identified-organization(3) teletrust(36) algorithm(3)
    signature-algorithm(3) ecSign(2) ecStdCurvesAndGeneration(8) }
ellipticCurve OBJECT IDENTIFIER ::= { ecStdCurvesAndGeneration 1 }
versionOne OBJECT IDENTIFIER ::= { ellipticCurve 1 }
brainpoolP320r1 OBJECT IDENTIFIER ::= { versionOne 9 }
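As an added example (not part of the BSNk specification), the Python code below resolves the definitions above to the dotted OID 1.3.36.3.3.2.8.1.1.9, DER-encodes it, and checks whether a DER-encoded curve OID names brainpoolP320r1. The function names and the sample byte string are assumptions made for the illustration; how the curve OID is carried inside a scheme key is not specified on this page.

```python
DEFS = {  # name -> (parent name or None, arcs appended to the parent)
    "ecStdCurvesAndGeneration": (None, (1, 3, 36, 3, 3, 2, 8)),
    "ellipticCurve": ("ecStdCurvesAndGeneration", (1,)),
    "versionOne": ("ellipticCurve", (1,)),
    "brainpoolP320r1": ("versionOne", (9,)),
}

def resolve(name):
    """Follow parent references until the full arc list is known."""
    parent, arcs = DEFS[name]
    return (resolve(parent) if parent else ()) + arcs

def encode_oid(arcs):
    """DER-encode an OBJECT IDENTIFIER (tag 0x06, short-form length)."""
    body = bytearray()
    for value in (arcs[0] * 40 + arcs[1],) + tuple(arcs[2:]):
        chunk = [value & 0x7F]           # last byte: continuation bit clear
        while value > 0x7F:
            value >>= 7
            chunk.append(0x80 | (value & 0x7F))
        body += bytes(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form length is not handled in this example")
    return bytes([0x06, len(body)]) + bytes(body)

def decode_oid(der):
    """Strictly decode a DER OID; reject truncated or non-minimal input."""
    if len(der) < 3 or der[0] != 0x06 or der[1] > 127 or der[1] != len(der) - 2:
        raise ValueError("not a well-formed short-form DER OID")
    values, cur, start = [], 0, True
    for b in der[2:]:
        if start and b == 0x80:
            raise ValueError("non-minimal arc encoding")
        cur = (cur << 7) | (b & 0x7F)
        start = not (b & 0x80)           # high bit clear ends the arc
        if start:
            values.append(cur)
            cur = 0
    if not start:
        raise ValueError("truncated arc")
    first = min(values[0] // 40, 2)
    return (first, values[0] - first * 40) + tuple(values[1:])

def is_scheme_curve(der):
    """True only if the DER OID names brainpoolP320r1."""
    return decode_oid(der) == resolve("brainpoolP320r1")

# Constructed sample: a sibling OID whose last arc is 7 instead of 9.
OTHER_CURVE = bytes.fromhex("06092b2403030208010107")
```

Comparing the decoded arcs rather than raw bytes means a malformed or non-minimal encoding is rejected before the curve check, instead of silently failing to match.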