Category: Blog

Available digital services are growing quickly but they are often strangled by a lack of a trusted digital identity which would be available for everyone and everywhere. In daily activities, people cannot enjoy seamless service experience because a suitable digital …

Identity on the Internet Read More »

Tagged with: ,

In cryptography we have things that are proven to be insecure, or proven to be secure, and a big collection of things that are neither.  The PKCS#1 v1.5 signature security happens to be in this kind of middle ground, and …

Proof towards “PKCS#1v1.5 signature is secure” Read More »

Have we really lost the SIM card security? Of course not. Lately news has reported multiple SIM card attacks[1][2][3]. In both of these cases the SIM card lets third parties to do undesirable things because SIM card security is (at …

SIMjacker, WIBattach, All Security Lost? Read More »

The public key system has two accompanying data, the public key and private key. The private key is used to securely create an electronic signature (or decrypt a message). The key is held strictly in the security containment of the …

PKI Security: Smartphone Apps vs. SIM applets Read More »

IANA today registered provisional URI scheme “mss” published by Methics. The “mss” scheme defines the URI for SignatureProfiles used for requesting mobile signature services from the MSSP Platform. You can find the scheme from: https://www.iana.org/assignments/uri-schemes/prov/mss Signature Profile in Mobile Signature …

Methics registers “mss” URI Scheme Read More »

Tagged with: , ,

Today, a person’s ability to prove their identity is seen as an important basis for participation in the society and life in general. In most countries around the world, establishing a person’s identity whether online or offline, is mandatory to …

Strong Electronic Identification: scenarios for the future Read More »

Tagged with: , ,

The MSSP standards were originally defined at ETSI at the beginning of this millennium. One of the MSSP design key objectives was a secure system by design. This blog unwraps those underlying design principles. General security principles such as confidentiality, …

Secure Mobile Signature Service Platform Read More »

To be able to realize the sustainable development goals (SDGs) set by the United Nations, countries need to be able to deliver services to the whole of their population. One major challenge facing this is that face-to-face services provisioning can …

Mobile ID: An Enabler of Sustainable Development Read More »

Tagged with: , ,

Latest news on smart card based security solutions tells that once again one vendor has produced low quality firmware for RSA key generation. What makes it even worse is that this hazard was caught up only after cards had been …

ROCA – Vulnerable RSA Key Generation on Some Smart Cards Read More »

Tagged with: ,

One of the main discussion topics in new Kiuru MSSP deployments has been the number of keys on the SIM card. Should there be a separate key for signing and authentication? How many PINs can the user actually remember? What …

Number of PKI Keys in Mobile ID Service Read More »

Tagged with: , , , , ,