{"title":"eIDAS 2 数字钱包的众多功能使其成为向后量子加密过渡的风险或理想工具","authors":"Giovanni Comandè , Margaret Varilek","doi":"10.1016/j.clsr.2024.106022","DOIUrl":null,"url":null,"abstract":"<div><p>The amended Digital Identity Framework Regulation (“eIDAS 2″) is expected to be implemented by 2026, including its new solution of the Digital Identity Wallet from each Member State for its residents, citizens, and businesses. Widely used public key cryptosystems including those in the current EUDI Wallet prototypes are using electronic signatures and authentication that will need to be replaced by post-quantum resistant cryptography (PQC). In April 2024, the EU recommended general action by the Member States to prepare for quantum capability. We suggest that the European Digital Identity Wallet could be the starting point for an impactful debut of hybrid “quantum resistant” cryptography tools to align the Member States in the transition. We look at the awareness campaigns of ENISA and national cybersecurity authorities in the USA, Spain, UK and Germany on the transition to PQC using a hybrid approach. There seems to be some early consensus that NIST's PQC algorithms are likely to set the international standard. Given the eIDAS 2′s flexible, technologically neutral language, it allows the timely implementation of new secure encryption methods. The Wallet could be an exemplary model for large businesses, or app developers, and SMEs that also must transition to PQC to render secure those asymmetrically encrypted quantum-vulnerable digital assets. A very large and relatively fast uptake of the EUDI Wallet system is expected, and if it holds the promises of functionality, user friendliness, and security across the changing technological world, the EUDI Wallet's approach could become a benchmark for the transition to post-quantum capacity.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"54 ","pages":"Article 106022"},"PeriodicalIF":3.3000,"publicationDate":"2024-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The many features which make the eIDAS 2 Digital Wallet either risky or the ideal vehicle for the transition to post-quantum encryption\",\"authors\":\"Giovanni Comandè , Margaret Varilek\",\"doi\":\"10.1016/j.clsr.2024.106022\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>The amended Digital Identity Framework Regulation (“eIDAS 2″) is expected to be implemented by 2026, including its new solution of the Digital Identity Wallet from each Member State for its residents, citizens, and businesses. Widely used public key cryptosystems including those in the current EUDI Wallet prototypes are using electronic signatures and authentication that will need to be replaced by post-quantum resistant cryptography (PQC). In April 2024, the EU recommended general action by the Member States to prepare for quantum capability. We suggest that the European Digital Identity Wallet could be the starting point for an impactful debut of hybrid “quantum resistant” cryptography tools to align the Member States in the transition. We look at the awareness campaigns of ENISA and national cybersecurity authorities in the USA, Spain, UK and Germany on the transition to PQC using a hybrid approach. There seems to be some early consensus that NIST's PQC algorithms are likely to set the international standard. Given the eIDAS 2′s flexible, technologically neutral language, it allows the timely implementation of new secure encryption methods. The Wallet could be an exemplary model for large businesses, or app developers, and SMEs that also must transition to PQC to render secure those asymmetrically encrypted quantum-vulnerable digital assets. A very large and relatively fast uptake of the EUDI Wallet system is expected, and if it holds the promises of functionality, user friendliness, and security across the changing technological world, the EUDI Wallet's approach could become a benchmark for the transition to post-quantum capacity.</p></div>\",\"PeriodicalId\":51516,\"journal\":{\"name\":\"Computer Law & Security Review\",\"volume\":\"54 \",\"pages\":\"Article 106022\"},\"PeriodicalIF\":3.3000,\"publicationDate\":\"2024-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Law & Security Review\",\"FirstCategoryId\":\"90\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0267364924000888\",\"RegionNum\":3,\"RegionCategory\":\"社会学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"LAW\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Law & Security Review","FirstCategoryId":"90","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0267364924000888","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}
The many features which make the eIDAS 2 Digital Wallet either risky or the ideal vehicle for the transition to post-quantum encryption
The amended Digital Identity Framework Regulation (“eIDAS 2″) is expected to be implemented by 2026, including its new solution of the Digital Identity Wallet from each Member State for its residents, citizens, and businesses. Widely used public key cryptosystems including those in the current EUDI Wallet prototypes are using electronic signatures and authentication that will need to be replaced by post-quantum resistant cryptography (PQC). In April 2024, the EU recommended general action by the Member States to prepare for quantum capability. We suggest that the European Digital Identity Wallet could be the starting point for an impactful debut of hybrid “quantum resistant” cryptography tools to align the Member States in the transition. We look at the awareness campaigns of ENISA and national cybersecurity authorities in the USA, Spain, UK and Germany on the transition to PQC using a hybrid approach. There seems to be some early consensus that NIST's PQC algorithms are likely to set the international standard. Given the eIDAS 2′s flexible, technologically neutral language, it allows the timely implementation of new secure encryption methods. The Wallet could be an exemplary model for large businesses, or app developers, and SMEs that also must transition to PQC to render secure those asymmetrically encrypted quantum-vulnerable digital assets. A very large and relatively fast uptake of the EUDI Wallet system is expected, and if it holds the promises of functionality, user friendliness, and security across the changing technological world, the EUDI Wallet's approach could become a benchmark for the transition to post-quantum capacity.
期刊介绍:
CLSR publishes refereed academic and practitioner papers on topics such as Web 2.0, IT security, Identity management, ID cards, RFID, interference with privacy, Internet law, telecoms regulation, online broadcasting, intellectual property, software law, e-commerce, outsourcing, data protection, EU policy, freedom of information, computer security and many other topics. In addition it provides a regular update on European Union developments, national news from more than 20 jurisdictions in both Europe and the Pacific Rim. It is looking for papers within the subject area that display good quality legal analysis and new lines of legal thought or policy development that go beyond mere description of the subject area, however accurate that may be.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
