The Challenges of Certifying the EUDI Wallet: A Deep Dive

As the European Union solidifies the framework for the EUDI (European Digital Identity) wallet, the certification process outlined in the Implementing Acts has made significant progress. By establishing the certification requirements for the Wallet Secure Cryptographic Device (WSCD) and the Wallet Secure Cryptographic Application (WSCA), the act lays down important steps toward ensuring the security of this critical digital identity solution. However, challenges remain—particularly in how these certifications interact and how the evolving nature of mobile applications like the WSCA might create bottlenecks in achieving a truly secure and agile EUDI wallet. 

In this post, we explore both the achievements and the gaps in the Implementing Acts, emphasizing the need for an independent cryptographic layer and agile certification processes to handle the fast-paced development environment of the WSCA. We also provide recommendations for enhancing the certification framework to better serve the dynamic needs of the EUDI wallet. 

Key Achievements in the Implementing Acts

The draft Implementing Acts for the EUDI wallet outline several critical steps forward in establishing a certification process that addresses both functionality and security. Some of the key achievements include:

1. WSCD Certification Under Common Criteria 
  • The Implementing Acts require that the WSCD, the component responsible for managing cryptographic secrets, be certified under Common Criteria. This is a significant step in ensuring that the hardware component of the EUDI wallet is thoroughly evaluated against stringent security standards, providing a strong foundation for securing sensitive cryptographic operations.
2. Evaluation Activities for WSCD and WSCA 
  • The Implementing Acts detail specific evaluation activities for the WSCD and WSCA. These evaluations are critical for verifying that the components meet established security standards. However, certifying the WSCD and WSCA together introduces challenges related to composite evaluation.
3. End-User Device Security Requirements 
  • The Acts also include provisions to ensure that end-user devices hosting the EUDI wallet comply with security standards. These include requirements for devices to receive regular security updates and to include certified secure elements, ensuring they are protected from common vulnerabilities.
4. Vulnerability Assessments 
  • Regular vulnerability assessments are mandated as part of the certification process. This ensures that the EUDI wallet is continuously evaluated for potential weaknesses, a critical aspect of maintaining the security integrity of the wallet over time. 

Challenges in Certifying Both WSCD and WSCA 

While the WSCD certification under Common Criteria is a positive step forward, there are significant challenges when it comes to certifying both the WSCD and WSCA as part of the same system. This is particularly evident when considering composite evaluation in the Common Criteria framework. 

1. The Problem with Composite Evaluation: 
  • The Common Criteria Composite Evaluation process allows the certification of a dependent component (like WSCA) to reuse the certification of a base component (like WSCD). However, this requires that the exact version and vendor of the WSCD be specified in the WSCA's certification process. 
  • This approach is problematic because the WSCA, whether shipped as a mobile app or embedded in the manufacturer's OS, follows an agile development lifecycle that requires frequent updates and patches. Every time the WSCA or WSCD is updated, the composite system needs to be re-certified, slowing down the process and increasing costs.
2. Agility vs. Certification: 
  • Certifying both the WSCD and WSCA together under Common Criteria presents a conflict between the long, detailed certification process and the fast-paced, agile nature of mobile applications. Each update to the WSCA, even minor patches, could trigger the need for re-certification, which is both costly and time-consuming. 
  • Further, Common Criteria Flaw Remediation processes do not allow uncertified patches to be issued. This means that when a flaw is discovered in the WSCA, the wallet cannot be patched without undergoing maintenance certification, leaving potential vulnerabilities exposed for extended periods. 

Recommendations: A Layered Approach to EUDI Wallet Security 

To address these challenges, it’s crucial to reimagine the certification and security model for the EUDI wallet, particularly by considering the introduction of an independent cryptographic layer. This approach, as proposed in Blog Post #3, offers a solution that could mitigate the bottlenecks created by composite evaluation and the frequent need for re-certification. 

1. Introducing an Independent Cryptographic Layer: 
  • By introducing an independent cryptographic layer between the WSCA and WSCD, the WSCA’s security requirements can be separated from the cryptographic operations handled by the WSCD. This way, the WSCA can focus on access control to cryptographic operations, while the cryptographic operations themselves remain in the domain of the WSCD. 
  • This would significantly reduce the need for composite certification and allow the WSCA to update and patch more frequently without requiring re-certification of the entire system. The cryptographic layer would ensure that even in the event of a device compromise, the secrets stored in the WSCD remain secure. 
2. Security Objectives for the Environment: 
  • Instead of binding security requirements for cryptography within the WSCA, those requirements should be moved to the security objectives for the environment. This would make the WSCD responsible for cryptographic operations, and the WSCA would focus on managing access control to those operations. By doing so, the cryptographic protection provided by the WSCD can be reused across different versions of the WSCA without triggering the need for re-certification. 
3. Agile Certification for WSCA: 
  • To accommodate the fast-paced development environment of the WSCA, the certification process should allow for more flexible flaw remediation and patching without the need for constant re-certification. One way to achieve this could be through the development of lean evaluation and certification methods, such as ISO/IEC TS 9569, which aims to extend Common Criteria for patch management. This would allow for quicker evaluations of patches and updates, ensuring that the WSCA remains secure without causing delays in certification. 
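As an added example (not code from this post, from Cryptomathic, or from any wallet implementation), the following Python sketch shows the division of responsibilities the layered model above implies: the WSCA only authenticates the user and decides whether a signing request is allowed, the WSCD holds the key and performs the operation, and the WSCA depends only on the cryptographic layer's interface rather than on a specific WSCD. The class names, the PIN check and the use of HMAC-SHA256 as a stand-in for the WSCD's signing primitive are assumptions of the illustration.

```python
# Constructed illustration of the layered WSCA / WSCD split: the WSCA handles user
# authentication and access control, the WSCD owns key material behind opaque
# handles, and a cryptographic layer with a stable interface sits between them.
# HMAC-SHA256 stands in for the WSCD signing primitive (standard library only).
import hashlib
import hmac
import os
import secrets


class WSCD:
    """Secure element: raw key bytes never leave this class."""
    def __init__(self) -> None:
        self._keys = {}

    def generate_key(self) -> str:
        handle = secrets.token_hex(8)          # opaque reference handed out
        self._keys[handle] = os.urandom(32)    # secret stays inside the WSCD
        return handle

    def sign(self, handle: str, message: bytes) -> bytes:
        return hmac.new(self._keys[handle], message, hashlib.sha256).digest()


class CryptoLayer:
    """Stable interface the WSCA is built against, independent of WSCD vendor."""
    def __init__(self, wscd: WSCD) -> None:
        self._wscd = wscd

    def create_key(self) -> str:
        return self._wscd.generate_key()

    def sign(self, handle: str, message: bytes) -> bytes:
        return self._wscd.sign(handle, message)


class WSCA:
    """Wallet app: authenticates the user and gates signing; holds no key bytes."""
    MAX_ATTEMPTS = 3
    def __init__(self, layer: CryptoLayer, pin: str) -> None:
        self._layer, self._failed = layer, 0
        self._pin_hash = hashlib.sha256(pin.encode()).digest()  # toy PIN store
        self.key_handle = layer.create_key()   # handle only, never key material
    def sign_presentation(self, pin: str, message: bytes) -> "bytes | None":
        if self._failed >= self.MAX_ATTEMPTS:
            return None                        # locked after repeated failures
        if not hmac.compare_digest(hashlib.sha256(pin.encode()).digest(), self._pin_hash):
            self._failed += 1
            return None
        self._failed = 0                       # access granted: delegate to the layer
        return self._layer.sign(self.key_handle, message)
```

Because the WSCA never holds key bytes, replacing or patching it leaves the WSCD's secrets and the interface it is certified against untouched.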

Conclusion 

The EUDI wallet certification process, as outlined in the Implementing Acts, represents significant progress in securing digital identities across Europe. The requirement for WSCD certification under Common Criteria is a positive step in ensuring the security of the hardware components. However, challenges arise when both the WSCD and WSCA need to be certified together, especially given the agile nature of mobile application development. 

To address these challenges, introducing an independent cryptographic layer and adopting a more flexible certification process for the WSCA are crucial next steps. These improvements would allow for faster updates, more agile development, and a stronger security posture overall, ensuring that the EUDI wallet remains secure and resilient against emerging threats. 

As the Implementing Acts are currently under review, this is the perfect opportunity to advocate for these enhancements and ensure that the EUDI wallet meets the dynamic security needs of today’s digital landscape.

The feedback Cryptomathic submitted to the Commission is available for download. If you have similar views or concerns, we would be happy to hear from you.