Keywords:
Security Professionals, Software Developer, Crypto
Type:
Internship
Location:
Enschede
Education:
Bachelor (EQF 6)
Published:
13/09/2018
Status:
Open
Apply before:
31/01/2019
Hours p/wk:
40
More information

Description:

InnoValor has developed ReadID, an SDK for for accessing the information stored in the embedded ICAO chip in ePassports. The app can be used on NFC capable Android handsets. The InnoValor app is available for free from the Play Store. Together with customers InnoValor is integrating the underlying functionality in existing identification solutions, e.g.: a cost effective means to enable police officers to identify citizens, high assurance KYC compliant online onboarding of consumers for banks, airlines, etc.

 

This assignment aims to assess the possibilities to extend this functionality to the German eID (the neuer Personalausweis).

 

The information in the ePassport chip is protected using cryptographic protocols that prevent the integrity and authenticity of the information (in order to be able to establish that the document is authentic) and the confidentiality of the information (in order to protect the user’s privacy).

 

The nPA uses some of the protocols used in ICAO ePassports, yet also adds some new protocols using advanced cryptographic primitives. In fact, the German standardization institute BSI has been driving a lot of the development in this area and protocols originally designed for the nPA are making their way into the ICAO specifications. Also, the new Dutch eID resembles the npa.

 

Goal

The goal of this assignment is to assess the possibilities of extending ReadID with functionality for accessing and verifying the German nPA.

 

Approach

  1. Create an overview of relevant standards and specifications. Primarily the set of standards describing the embedding of the nPA in online/Web scenario (BSI TR-03124 and related), the nPA itself (BSI TR-03110), and the underlying cryptography and its encoding (BSI TR-03111).
  2. Create an overview of existing software landscape (both open and closed source). Including possibilities for conformance and security testing of prototype software.
  3. Design possible nPA functionality, given the current roadmap and use cases of the InnoValor app.
  4. Prototype and test a selection of this functionality.In parallel to the above technical activities, determine use-cases and assess business models for a nPA smartphone app.

The ideal student has an affinity with software development and (applied) cryptographic protocols.

 

 

 

We offer graduation projects in multiple areas of study such as (technical) business administration, industial design, computer science and business information technology. Check out https://innovalor.nl/en/thesis-subjects for other thesis subjects.  Feel free to contact [email protected]

Security Talent is required by law to ask permission for using cookies. We use functional cookies, and cookies for managing website statistics.
The cookies are processed anonimously. By continuing on our website, you accept the use of cookies. 

Read our privacy and cookie policy for more information.

 

Close