Page tree
Skip to end of metadata
Go to start of metadata

Current Signed Encrypted Identity and Signed Encrypted Pseudonym are based on BSI TR 03111 version 2.0 and use "EC-Schnorr" as method for the Schnorr signing algorithm.

Next generation structures have adopted to BSI TR 03111 versions 2.10, using ECSDSA as the signing algortihm (described in eID PEP 1.11.pdf §4.3). Differences between EC-Schnorr and ECSDSA algorithm makes the results incompatible and requires parties validating the signatures to adopt to ECSDSA. Support for EC-Schnorr based structures will be removed in a future version.

Changes in structure for Signed Encrypted Idntity and Signed Encrypted Pseudonym:

EC-Schnorr structureECSDSA structure (v2)

DeprecatedSignedEncryptedIdentity ::= SEQUENCE {
   notationIdentifier OBJECT IDENTIFIER (id-BSNk-encrypted-identity-signed),
   signedEI SEQUENCE {
      encryptedIdentity EncryptedIdentity,
      auditElement OCTET STRING
  },
  signatureValue EC-Schnorr-Signature
}


SignedEncryptedIdentity-v2 ::= SEQUENCE {
   notationIdentifier OBJECT IDENTIFIER (id-BSNk-encrypted-identity-ecsdsa-signed-v2),
   signedEI SEQUENCE {
      encryptedIdentity EncryptedIdentity,
      auditElement OCTET STRING,
      issuanceDate IA5String,
      extraElements [2] ExtraElements OPTIONAL
   },
   signatureValue EC-SDSA-Signature
}

Changes to the existing structure:

  • New identifier: changes from id-BSNk-encrypted-identity-signed to id-BSNk-encrypted-identity-ecsdsa-signed-v2
  • signatureValue is now EC-SDSA-Signature structure (see structure definition below)
  • issuanceDate and extraElements[2] are fields that support new use-cases. Existing processing-logic for signedEI structures should not be affected by those fields.

DeprecatedSignedEncryptedPseudonym ::= SEQUENCE {
   notationIdentifier OBJECT IDENTIFIER (id-BSNk-encrypted-pseudonym-signed),
      signedEP SEQUENCE {
      encryptedPseudonym EncryptedPseudonym,
      auditElement OCTET STRING
   },
   signatureValue EC-Schnorr-Signature
}



SignedEncryptedPseudonym-v2 ::= SEQUENCE {
   notationIdentifier OBJECT IDENTIFIER (id-BSNk-encrypted-pseudonym-ecsdsa-signed-v2),
   signedEP SEQUENCE {
      encryptedPseudonym EncryptedPseudonym,
      auditElement OCTET STRING,
      issuanceDate IA5String,
      extraElements [2] ExtraElements OPTIONAL
   },
   signatureValue EC-SDSA-Signature
}

Changes to the existing structure:

  • New identifier: Changes from id-BSNk-encrypted-pseudonym-signed to id-BSNk-encrypted-pseudonym-ecsdsa-signed-v2
  • signatureValue is now EC-SDSA-Signature structure (see structure definition below)
  • issuanceDate and extraElements[2] are fields that support new use-cases. Existing processing-logic for signedEI structures should not be affected by those fields.


EC-Schnorr-Signature ::= SEQUENCE {
        signatureType      OBJECT IDENTIFIER (
                                  ecschnorr-plain-SHA384),
        signatureValue     EC-Sig-Value
}


EC-SDSA-Signature ::= SEQUENCE {
        signatureType      OBJECT IDENTIFIER (
                                  ecsdsa-plain-SHA384),
        signatureValue     EC-Sig-Value
}

Changes to the existing structure:

  • New identifier: Changes from ecschnorr-plain-SHA384 to ecsdsa-plain-SHA384
  • signatureValue is now EC-SDSA and needs to be processed accordingly.


Current OID

New OID

id-BSNk-encrypted-identity-signed

2.16.528.1.1003.10.1.2.3

id-BSNk-encrypted-identity-ecsdsa-signed-v2

2.16.528.1.1003.10.1.2.7.2

id-BSNk-encrypted-pseudonym-signed

2.16.528.1.1003.10.1.2.4

id-BSNk-encrypted-pseudonym-ecsdsa-signed-v2

2.16.528.1.1003.10.1.2.8.2

EC-Schnorr-Signature

0.4.0.127.0.7.1.1.4.3.3

EC-SDSA-Signature

0.4.0.127.0.7.1.1.4.4.3

Changes in structure for Signed Direct Encrypted Pseudonym

Direct Encrypted Pseudonyms are used in specific use-cases by specific parties. The Signed Direct Encrypted Pseudonym will also be updated, along with the ECSDSA structures above.

Existing DEP-structureUpdated DEP-structure (v2)

SignedDirectEncryptedPseudonym ::= SEQUENCE {
  
notationIdentifier OBJECT IDENTIFIER (id-BSNk-encrypted-direct-pseudonym-signed),
   
signedDEP SEQUENCE {
     
directEncryptedPseudonym DirectEncryptedPseudonym,
     
auditElement OCTET STRING,
     
signingKeyVersion INTEGER
   
},
   
signatureValue ECDSA-Signature

}



SignedDirectEncryptedPseudonym-v2 ::= SEQUENCE {
   
notationIdentifier OBJECT IDENTIFIER (id-BSNk-encrypted-direct-pseudonym-signed-v2),
   
signedDEP SEQUENCE {
      
directEncryptedPseudonym DirectEncryptedPseudonym
      
auditElement OCTET STRING,
      
signingKeyVersion INTEGER,
     
issuanceDate IA5String,
      
extraElements [2] ExtraElements OPTIONAL
  
},
   
signatureValue ECDSA-Signature
}

Changes to the existing structure:

  • New identifier: changes from id-BSNk-direct-pseudonym-signed to id-BSNk-direct-pseudonym-signed-v2)
  • issuanceDate and extraElements[2] are fields that support new use-cases. Existing processing-logic for signedEI structures will not be affected by those fields.
  • No labels