Secure Data Access Method based on electronic identity for Mobile Internet

Network electronic Identity is convenient and secure for citizens’ online remote authentication. With the rapid development of Mobile Internet, the pervasive use of mobile devices brings new security and privacy risks. Electronic identity will have a wider application space on the mobile Internet. This paper introduces a remote secure storage protocol as the technology of electronic Identity security function using NFC-enabled mobile devices. This protocol is security and globally accessible so as to provide strong privacy protection and key management performance, which will bring new development opportunities for application developers.


Introduction
With the rapid development of mobile network technology, mobile devices, such as smart phones, Pads, or other tablet computers, play an increasingly important role in people's daily life [1]. Although many mobile devices' apps provide convenient solutions, and use mobile devices as a secure authentication channel, the leaking of users' identities and sensitive data become more and more serious.
Electronic identity technology was introduced to China in 2010. Chinese citizens may use electronic identity in the network as remote digital identity certificates. The electronic Identity constitute a big opportunities for the government, the public, service providers and application developers [2,3]. Mobile devices clearly offer a compelling proposition for governments seeking to provide citizens with secure and convenient access to online public services. During the past years, numerous mobile eID and e-signature solutions have been proposed, tested, and deployed in various European countries [4][5][6][7][8].
In this paper we look for a new way to use electronic identity and mobile devices to accomplish the secure electronic authentication, aiming to solve the defects of privacy. A service is defined to allow users to securely store and update their data (such as the password, key, accounts, etc.) remotely. Electronic identity cards can be used at any time to access the service. Also, the data on the server are invalid to both internal and external attackers.

Electronic identity technology
Electronic identity cards is the smart cards according to smartcard standards (such as ISO/IEC 14443 and GB/T 16649, etc.), which citizens can verify their self-online remotely, and achieve actual and 2 digital identity certification. There are identity documents in electronic identity cards, which contain the hash value of the basic identity information and personal information certificates. These certificates are signed by the Ministry of Public Security Citizen network Identification System (MCIS). The electronic identity card is secure and the access to the private key is protected with a secret PIN.
The private key SKAuth for certification is stored in the tamper-proof portion of the chip in electronic identity cards, which can only be activated by the PIN code. The corresponding PKAuth is authorized by the same certificate. Each certificate also holds the cardholder's name and a unique identification number named eID_code.
A software kit (SDK) is developed to set up the interaction between the electronic identity card and the mobile devices. SDK contains a graphical interface that allows users to read documents and certificates stored in their electronic identity cards, even to change the PIN. SDK also serves as an intermediary for other applications to access to electronic identity cards. When certificating documents, SDK will transfer the hash value of authentication information to the electronic identity card. When applications use the electronic identity card to authenticate a document, SDK will ask the user for the PIN code and send it forward to the electronic identity card. SDK can also check the validity of the certificate using CRL or OCSP. Note that the SDK is not necessary and applications can achieve the same function and interact directly with the electronic identity card.
Certificates in electronic identity cards have a layered infrastructure. Certificates for signature and certification are issued by citizen CA, and the certificates of citizen CA are issued by the root CA on the top of layers. CRL is defined which contains the revoked certificate serial numbers.

Symbol
The following are symbols using in this paper: P 1 ↔ P 2 : eID_code ← authenticate eID ( ): An interactive protocol, which P1 authenticates P2 with SKAuth then gets the eID_code of P2; P: sig ← sign eID (hash(M)) : Users sign information M with the key SKSig and send its hash value; P: K ← createSymmetricKey(PRG, ): A pair of keys K are created by users using a random number generator PRG and a seed seed .The same PRG and the seed seed bring the same K. P: store(data; index): Data data are stored at index index in the database.

Sensitive data access protocol
Information Society is full of sensitive data access from different locations. Sensitive data (such as personal information, bank accounting, etc.) must be securely stored on a remote server accessible, so protecting the sensitive data safety is the basic function of sharing sensitive information resource. Before being stored on the server, data are encrypted by the owner. Encrypted data are of no use both to the server or any attacker. This section discusses the electronic identity-based secure storage mode of sensitive data via NFC-enabled or Bluetooth-enabled mobile devices. For example, user places mobile devices on NFC reader and enters secret PIN at PIN-card terminal (or on the phone). Server reads all necessary information from the user's mobile devices/ID card (via NFC/Internet connection).
The most direct solution is to use the public key of the certificate to encrypt data and use the corresponding private key to decrypt data. However, encryption and decryption using the electronic identity card is not possible. When the card is lost, encrypted information earlier cannot be decrypted at present. Therefore, this paper proposes a new solution using the electronic identity card as a starting program. The symmetric key is generated from the electronic identity card signature, which is used to encrypt the data before storing. When the user wants to restore its encrypted information, access to encrypted information from the server, decrypt, regenerate the same data using electronic identity card.
The following will detail the protocol about how to store and recover sensitive data.  Figure 1 shows the steps of sensitive data storage protocol. Electronic identity users (U) provide the data they wish to store and a private tag as the name or alias of the data, that is storeSensitveData(data,tag) . The steps are as follow:

Storage Protocol
(1) Message header is generated with the 'KEYGEN', eID_code, electronic identity card number and other specific user information. The hash value HkeyGen of fixed format message is calculated using the SDK.
(2) Sign HkeyGen with the signature key in electronic identity card to get a 1024/2048-bit signature sig. Fixed format message can prevent an attacker using forged requesting signatures to get sig. In addition to this protocol, any message signed by the electronic identity card is not conform to this format. Usually, sig is the seed to generate two symmetric keys KS and KD.
(3) -(4) In order to generate the same key regardless of platform, a special pseudo-random number generator PRG is called in createSymmetricKey function. As the same time, the hash function is also fixed. KS is used to encrypt the private tag that associated with data and KD is used to encrypt the data. The key is passed by the hash value of sig. Encrypted tag Etag is used in step 10 which transfers index to the server database.
(5) When the data is stored (i.e. calling the protocol), a new random number R is generated to associated with it.
(6) The encryption key KD is transferred via the hash value of R and sig. (7) The data is encrypted and the cipher text is Edata. In order to prevent the accession between the same encrypt data in different positions, each time calling the storeSensitiveData function will use a new key to encrypt data. (8) Encrypted data Edata are stored in remote server S. Only the electronic identity card owner U can restore his data after U achieves identity authentication through the electronic identity card.
(9) U sends encrypted tag Etag and ciphertext Edata to remote server S. (10) Server S calculates the hash value of Etag and eID_code together as the index where Edata will be stored in the database. NRN will be public during the identity authentication. For different Etag will generate different index, index is specific. In another words, using encrypted tag Etag can protect the privacy of U. If S is credible and eID_code and Etag are not stored, index is safe from exponent attack. Even if the attacker can access all database, the users' data cannot be visited.
(11) Encrypted data and the random number R are both stored at index in the database. R is necessary for the data owner to transmit the key to decrypt Edata.
(12) U receives a receipt from the server to prove that the encrypted data is stored well.

Restoration Protocol
When the sensitive data is stored on a remote server, it can be restored from any location by the owner. Figure 2 shows the restoration process.
(4) Private tag is encrypted by KS.
(5) User is authenticated with the electronic identity card.
(6) Send encrypted tag Etag to the remote server S and request the corresponding records. (7) The record consists of encrypted data and the random number. The database on S selects the matched records at the index index and sends the records to the data owner U.
(8) U gets specific key KD from the hash value of sig and R.

Restoration of key
The proposed solution takes the advantage of the property that the determinate signature is calculated in the electronic identity card. When a signature is created with electronic identity card, the same HkeyGen always get the same signature sig. Thus, the same PRG and the same hash function(hashA,…,hashD) will regenerate the same keys KS and KD regard to the same random number

R.
If the electronic identity card is lost or updated, PKSig、SKSig and card number will be changed. In this condition, a different sig* is gained instead of sig, which prevent the stored message to be localized and decrypted. To protect important data, it will create a security backup when the signature sig is generated at the first time. In case that the electronic identity card is lost or updated, the signature sig is stored repeatedly from the backup, and the key is also can be restored. The guaranteed backup is provided by the third-party key services.

Analysis and conclusions
The discussed extended safety function above indicates the new opportunities of electronic identity technology. The electronic identity card not only can be used for digital signatures and authentication, but also can be used to store and recover sensitive data. Users can simply use the electronic identity card via NFC-enabled mobile devices to access the encrypted data stored at the remote server. However, the attacker still can send continuous defiant information to the electronic identity card in order to get the key. To avoid this threat, the signature in the electronic identity card is used in this given solution. PIN code is required for each signature, but authenticate key only need PIN code once. In addition, the fixed format of the message is also can prevent Trojans or malicious applications that request user's signature.
To support the recovery of sensitive data when the electronic identity card is lost or updated, a secure backup is created as signature sig is generated at the first time. However, users still have to be responsible for security backup. Another method is to set a key escrow system. Using secret sharing algorithm separates signature sig into n parts. Each part is stored on a different hosting server. To rebuild confidential content, it is necessary to get n parts from the hosting server and combine them to the complete data. In order to make sure that users only get their own key, these hosting servers will get to verify through electronic identity card. Further, the hash value of eID_code and electronic identity card serial number could add to the head of confidentiality contents. And every citizen can inquiry his current and previous electronic identity card number from the registration or management of electronic identity online.
This paper reveals the extended and reusable technology of electronic identity card with which users can access remote storage service securely at anywhere and manage their sensitive data securely, also brings new development opportunities for application developers.