Recommendations For TSPs - Risk Assessment
About ENISA
The European Union Agency for Network and Information Security (ENISA) is a centre of network
and information security expertise for the EU, its member states, the private sector and Europe’s
citizens. ENISA works with these groups to develop advice and recommendations on good practice in
information security. It assists EU member states in implementing relevant EU legislation and works
to improve the resilience of Europe’s critical information infrastructure and networks. ENISA seeks
to enhance existing expertise in EU member states by supporting the development of cross-border
communities committed to improving network and information security throughout the EU. More
information about ENISA and its work can be found at www.enisa.europa.eu.
Authors
Iñigo Barreira, Izenpe
Tomas Gustavsson, Primekey
Alexander Wiesmaier, AGT International
Contact
For contacting the authors please use [email protected]
For media enquiries about this paper, please use [email protected].
Acknowledgements
ENISA would like to thank the numerous experts who reviewed this paper for their contributions.
We also thank the following organisations for voluntarily taking part in the survey on security
aspects of trust service providers launched by ENISA. The survey was conducted during June and
July 2013; 46 respondents from different organisations completed it. The list of the organisations
taking part in this exercise is available in Annex 4 of this document.
1 Seconded National Expert at ENISA during the time of the study.
Risk assessment
Guidelines for trust services providers – Part 2
Legal notice
Notice must be taken that this publication represents the views and interpretations of the authors and
editors, unless stated otherwise. This publication should not be construed to be a legal action of ENISA or
the ENISA bodies unless adopted pursuant to the Regulation (EU) No 526/2013. This publication does not
necessarily represent state-of the-art and ENISA may update it from time to time.
Third-party sources are quoted as appropriate. ENISA is not responsible for the content of the external
sources including external websites referenced in this publication.
This publication is intended for information purposes only. It must be accessible free of charge. Neither
ENISA nor any person acting on its behalf is responsible for the use that might be made of the information
contained in this publication.
Copyright Notice
© European Union Agency for Network and Information Security (ENISA), 2013
Reproduction is authorised provided the source is acknowledged.
Executive summary
E-Government services have significant potential to make public services more efficient for the
benefit of citizens and businesses in terms of time and money. And while these benefits are
increasingly being felt nationally, e-Government services still face administrative and legal barriers
on a cross-border level, although pan-European projects like STORK have shown that technical issues
of interoperability of electronic identifications can be overcome. In order to remove existing barriers
for cross-border e-ID based services the European Commission has proposed in June 2012 a draft
regulation on electronic identification and trust services for electronic transactions in the internal
market [38], which will replace the existing Electronic Signature Directive 1999/93/EC [37]. The main
goals of this action are to:
ensure mutual recognition and acceptance of electronic identification across borders
give legal effect and mutual recognition to trust services
enhance the current rules on e-signatures
provide a legal framework for electronic seals, time stamping, electronic document
acceptability, electronic delivery and website authentication
ensure a minimum security level for the systems of trust service providers
enforce an obligation on trust service providers to notify security incidents
In Article 15 of the above mentioned draft regulation the EC proposes that trust services providers
have to demonstrate due diligence, in relation to the identification of risks and adoption of
appropriate security practices, and notify competent bodies of any breach of security or loss of
integrity that has a significant impact on the trust service provided and on the personal data
maintained therein.
In this context, the European Union Agency for Network and Information Security (ENISA) developed
in 2013 the Guidelines for trust services providers, discussing the minimal security levels to be
maintained by the trust services providers. The study is split into three parts:
Security framework: describing the framework surrounding trust service providers (TSPs), focusing
on EU standards, but taking into account others where relevant.
Risk assessment: discussing the principles and concepts of managing the risks applicable to TSPs by
identifying and controlling threats and vulnerabilities.
Mitigating the impact of security incidents: recommending measures to mitigate the impact of
security incidents on TSPs by proposing suitable technical and organisational means to handle the
security risks posed to the TSP.
All three parts can also be used separately, as they address different issues and target different
audiences; for this reason the introductory sections overlap.
This document, Part 2: Risk Assessment, covers the following aspects:
Assets: identification, classification and evaluation
Threats to assets: classification and evaluation
Vulnerabilities present in the environment
Probability or frequency of the threat
The impact that the exposure can have on the organization
Countermeasures that can reduce the impact
The residual risk, risk acceptance, risk treatment plan, etc.
Table of Contents
Executive summary iv
4 TSP infrastructure 5
5 Analyse risk 25
6 Evaluate risk 29
Risk 1: Compromise of a Certification Authority 29
Risk 2: Compromise of the cryptographic algorithms 30
Risk 3: Compromise of a Registration Authority 31
Risk 4: Compromise of the revocation services 32
Risk 5: Personal data breach 33
Risk 6: Impersonation 33
Risk 7: Loss of availability of the certification services 34
Risk 8: Repudiation claim by certificate subject 35
Risk 9: Compromise of a subject’s key pair 36
Risk 10: Compromise of a Validation Authority 36
Risk 11: Compromise of a Time Stamping Authority 37
7 Conclusions 39
Annex 1 – Definitions 40
Annex 2 – Abbreviations 42
Annex 3 – Bibliography 44
In the context of authentication, when an entity A presents itself to another entity B with its
electronic certificate, entity B can verify that the entity A is actually who it claims to be by checking
that entity A is in possession of the private key associated with the public key included in the
certificate.
In the case of encryption, electronic certificates can also be used to provide confidentiality. Public
key cryptography is used to exchange a session key, and that symmetric session key then encrypts the
messages themselves; the public key operation protects only the exchange of the session key, not the
bulk of the communication.
The service of Certificate Service Providers can be broken down into the following component
services:
Registration service: verifies the identity and, if applicable, any specific attributes of a
subject. The results of this service are passed to the certificate generation service.
Certificate generation service: creates and signs certificates based on the identity and other
attributes verified by the registration service.
Dissemination service: disseminates certificates to subjects, and if the subject consents,
makes them available to relying parties. This service also makes available the CA's terms and
conditions, and any published policy and practice information, to subscribers and relying
parties.
Revocation management service: processes requests and reports relating to revocation to
determine the necessary action to be taken. The results of this service are distributed
through the revocation status service.
Revocation status service: provides certificate revocation status information to relying
parties. This may be based upon certificate revocation lists or a real time service which
provides status information on an individual basis. The status information may be updated
on a regular basis and hence may not reflect the current status of the certificate.
and optionally:
Subject device provision service: prepares and provides a signature-creation device to
subjects.
4 TSP infrastructure
The first step in the risk assessment process is to determine the scope included in the risk
assessment and its boundaries. The TSP shall define the entities involved in the trust services it
provides and the role of each entity.
To support the delimitation of the system scope, a list of examples of common entities and
processes involved in the operations of a TSP has been produced and can be found below. This
list is informative and should only be used as a generic reference.
2 Further definitions can be found in ISO/IEC 13335 [1], ISO/IEC 24760 [3], ISO/IEC Guide 73 [4], RFC 3647 [23],
ETSI TS 102158 [14], ETSI TS 102042 [16], Directive 1999/93/EC [37].
thus allowing a revoked public key certificate to be used for verifying signatures created prior to the
time of revocation.
The TSA shall generate a digitally-signed time-stamp that includes the time of the request; the
information that securely binds the stamp to the electronic document; and a unique registration
number for auditing purposes.
3 Please also refer to the “Guidelines for trust service providers – Mitigating the impact of security incidents”.
The validation process: The validation process comprises all actions from users or trust service
providers on requesting / providing the status of the digital certificates. This can be done e.g.
through:
CRL (Certificate Revocation List)
OCSP (Online Certificate Status Protocol)
The time stamping process: The time stamping process comprises all actions from users and trust
service providers that want to add time stamps to electronic documents or transactions.
The information and condition process: These processes comprise all actions taken to protect the
TSP infrastructure, both externally and internally.
The operational process: These operational processes comprise all actions related to the procedures
and policies established by the TSP to perform its activities.
Primary assets
Information assets: Information assets include all data that are handled by the TSP, either produced
by it or handled by third parties. In this category the TSP should include at least all the information
related to the certificates (public and private keys, certificate content, etc.) as well as all the logs of
the system (CA operation logs, OCSP logs, etc.). Examples of information assets in a TSP are:
CA certificate
CA private key
RA certificate
RA private key
VA certificate
VA private key
TSA certificate
TSA private key
Subjects’ certificates
Subjects’ private keys
Registration archives
Audit logs of the different involved entities
Certificate revocation status request logs
Certificate revocation lists
Business processes: The TSP should identify all the business processes that are conducted in the
organization. The list should include all certificate lifecycle management processes, plus any
additional processes the TSP may have depending on the additional services (validation,
preservation, etc.) that the organization is offering. Examples of business processes in a TSP are:
The registration process
The CA key pair generation
The CA key pair storage, backup and recovery
The CA certificate dissemination
The CA key pair usage
The CA private key destruction
The VA key pair generation
The VA key pair storage, backup and recovery
The VA certificate dissemination
The VA key pair usage
The VA private key destruction
The TSA key pair generation
The TSA key pair storage, backup and recovery
The TSA certificate dissemination
The TSA key pair usage
The TSA private key destruction
The subject device provisioning
The subject certificate generation and delivery to subject
The subject key pair generation
The subject certificate renewal, rekey and update
The subject certificate dissemination
The validation management process
The revocation management process
The revocation status dissemination process
These business processes have support processes that can perform additional activities that can be
also vulnerable and can affect the business processes.
Supporting assets
Software, hardware and networks: The TSP shall include in the asset inventory all software
applications; all hardware infrastructures (servers, user equipment, cryptographic modules, etc.) and
all network infrastructures that are used in the TSP. Examples of software, hardware and networks
assets are:
Hardware
o CA equipment: servers for CA root and subordinates CAs
o Other CA necessary equipment, e.g. LDAP
o RA equipment: PCs, printers, etc.
o VA equipment
o TSA equipment
o Subject devices: smartcards, USB tokens, etc.
o Hardware Security Modules (HSMs)
o Web servers
Software
o CA key management applications
o CA backup applications
o Other CA applications
o RA applications
o VA management applications
o TSA management applications
Network Infrastructure
o Communication lines
Locations and sites: The TSP shall include in this category all facilities where the CA operation is
conducted, where other non-CA related operations are performed, as well as RA offices. Examples of
location assets are:
TSP primary premises
TSP back up sites
RA offices
Personnel: The TSP shall include in this category all different roles involved in the TSP processes and
the access rights to the different assets. Examples of personnel assets are:
TSP trusted roles for CA, VA and TSA
Other operational roles
RA operators
Different administrators at OS, DB, etc. level
Other assets: The TSP should identify all other assets not included in the above categories that have
a value for the organization. Examples of other assets are:
TSP reputation
TSP legal compliance
TSP trust relationships (e.g. to business partners, providers and suppliers or relying parties
like governments, software application vendors)
TSP customer base
Eavesdropping
Cryptanalysis
Threat agents: Intentional threats are caused by threat agents. Human-made threats are usually
classified as intentional or accidental, although in some cases natural hazards and loss of
essential services can also be caused intentionally by a threat agent. In addition to the threats
themselves, the threat agents should also be considered, especially their motivation and their
opportunity. Some examples of threat agents are:
Hackers
Computer criminals
Intelligence organizations
Disgruntled employees
Terrorists
Registration records: RAs shall keep adequate records of the registration documents, as deficiencies
in the archival of registration records by the RA could lead to repudiation by the certificate subject.
Examples of vulnerabilities in the accountability of the registration process are:
Lack of appropriate procedures for registration documents archival
Insufficient protection of registration records
well, handle its key pair diligently to avoid misuse. Examples of vulnerabilities in the subject’s private
key usage are:
Lack of protection measures for the subject key pair activation
Negligent handling of private key by subject
Lack of guidelines to train subject on subject key pair custody
lead to revoked certificates being used in a fraudulent way. Lack of appropriate security measures to
guarantee the integrity and authenticity of the distributed certificate revocation list may lead to
forgery by a malicious individual. Examples of vulnerabilities in the certificate revocation status
dissemination process are:
Lack of an appropriate revocation list update policy
Lack of enforcement of the revocation list update policy (including frequency)
Insecure dissemination of the certificate revocation list
Failure to update the status of the certificate
Failure to check revocation status by relying parties
Failure (e.g. downtime, DoS) of the revocation dissemination service
TSP operational procedures: TSP policies shall be enforced through operational procedures followed
on daily operations to avoid security incidents. Examples of vulnerabilities affecting CA operational
procedures are:
Lack of Standard Operational Procedures for TSP operations
Lack of Incident Response Procedures
Lack of Business Continuity and Contingency Plans
Lack of quality assurance plans for issued certificates
TSP personnel: TSP personnel, especially those who work in TSP operations (trusted roles), shall
have an appropriate level of training and experience in order to avoid errors that could cause
compromise or malfunction of systems. A lack of separation of duties or incorrect audit procedures
can lead to abuse of the system without detection by the organisation. Examples of vulnerabilities
affecting CA personnel are:
Lack of appropriate training of personnel operating CA related activities
Lack of separation of duties among trusted roles
Lack of enforcement of the information security policy
Lack of clear job descriptions for CA roles
Lack of employment screening of personnel performing trusted roles
Lack of adequate supervision
TSP facilities: Physical vulnerabilities derive from a lack of appropriate protection of the TSP
facilities, especially those dealing with CA operations. Malicious activities in the perimeter or natural
hazards can lead to a compromise or malfunction of TSP systems or assets. Examples of
vulnerabilities affecting TSP facilities are:
Physically insecure CA key generation environment
Lack of a secure perimeter to protect CA operation areas
Lack of protection measures from natural hazards
Lack of contingency plans against loss of essential services
All registration records (supporting documents for the registration process) are kept under
security measures to guarantee their confidentiality and integrity, and shall follow data
protection regulations.
The RA systems are protected against malicious software.
The communication channel between RA and CA is secured to ensure the confidentiality,
integrity and authenticity of certificate requests.
RA systems are protected against unauthorized access
RA logging, auditing and supervision procedures are in place and up to date
Skilled/trained trustworthy personnel
If the certificate subject is not the source of the certificate revocation request, the subject shall
be informed of the request.
The channel established with the certificate revocation requester is secure.
The TSP is able to revoke any certificate that it has issued, even after a disaster.
All events related to a certificate revocation request are logged.
Certificate revocation status dissemination service
Certificate revocation status is disseminated with the update frequency stated in the
Certificate Practice Statement.
When certificate revocation is disseminated through CRLs, the authenticity and integrity of
the CRL is ensured, by, for example, an electronic signature of the list.
Certificate revocation status service is available to relying parties on a 24x7 basis.
The channel between the revocation management service and the certificate revocation
status service is secured and the authenticity of the messages ensured.
When certificate revocation status requests are made through an online service (e.g. OCSP), the
responses are signed by the CA, or by a responder the CA has explicitly authorised for this purpose,
to guarantee their integrity, and they contain the time at which the status information was produced.
All events related to certificate revocation status requests or accesses to the CRLs are
logged.
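The two checks that the services above depend on, proof of possession of the private key during authentication (entity A proving to entity B that it holds the key matching the public key in its certificate, as described at the start of this document) and a relying party's verification of a CA-signed, current CRL before it trusts the revocation status it carries, can be run end to end with the Go standard library. The following is an added example written for this page; it is not code from ENISA or from any TSP product. The root CA, the subject certificate for "entity A", the serial numbers, the 24-hour CRL update period standing in for the frequency a Certificate Practice Statement would state, and the nonce are all constructed for the example, and it assumes Go 1.19 or later.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must panics on error; used only by the constructed setup and by main.
func must[T any](v T, err error) T { if err != nil { panic(err) }; return v }

// demoPKI: a constructed root CA and one subject certificate ("entity A"); all parameters are assumptions.
type demoPKI struct {
	caCert, subject *x509.Certificate
	caKey, subjKey  *ecdsa.PrivateKey
}

func buildDemoPKI(now time.Time) *demoPKI {
	caKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	subjKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example TSP Root CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(10 * 365 * 24 * time.Hour), IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign} // the CA key signs both certificates and CRLs
	caCert := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey))))
	subjTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "entity A"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(365 * 24 * time.Hour), KeyUsage: x509.KeyUsageDigitalSignature}
	subject := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, subjTmpl, caCert, &subjKey.PublicKey, caKey))))
	return &demoPKI{caCert, subject, caKey, subjKey}
}

// Authentication, entity A's side: sign the fresh nonce chosen by entity B.
func proveKeyPossession(key *ecdsa.PrivateKey, nonce []byte) ([]byte, error) {
	h := sha256.Sum256(nonce)
	return ecdsa.SignASN1(rand.Reader, key, h[:])
}

// Authentication, entity B's side: the certificate must chain to the trusted root and the
// signature over B's own nonce must verify with the certificate's public key (proof of possession).
func authenticate(cert, trustedRoot *x509.Certificate, nonce, sig []byte, now time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedRoot)
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("certificate chain: %w", err)
	}
	if err := cert.CheckSignature(x509.ECDSAWithSHA256, nonce, sig); err != nil {
		return fmt.Errorf("no proof of private key possession: %w", err)
	}
	return nil
}

// Revocation status service: a numbered CRL signed by the CA; 24 h stands for the CPS update frequency (assumed).
func publishCRL(p *demoPKI, number int64, thisUpdate time.Time, revoked ...*x509.Certificate) ([]byte, error) {
	tmpl := &x509.RevocationList{Number: big.NewInt(number), ThisUpdate: thisUpdate, NextUpdate: thisUpdate.Add(24 * time.Hour)}
	for _, c := range revoked {
		tmpl.RevokedCertificates = append(tmpl.RevokedCertificates,
			pkix.RevokedCertificate{SerialNumber: c.SerialNumber, RevocationTime: thisUpdate})
	}
	return x509.CreateRevocationList(rand.Reader, tmpl, p.caCert, p.caKey)
}

// Relying party: verify the CRL signature against the issuer, reject a CRL that is not current, then look the serial up.
func checkRevocation(crlDER []byte, issuer *x509.Certificate, serial *big.Int, now time.Time) (bool, error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return false, err
	}
	if err := crl.CheckSignatureFrom(issuer); err != nil {
		return false, fmt.Errorf("CRL signature: %w", err)
	}
	if now.Before(crl.ThisUpdate) || now.After(crl.NextUpdate) {
		return false, fmt.Errorf("CRL not current (nextUpdate %s)", crl.NextUpdate.UTC().Format(time.RFC3339))
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(serial) == 0 {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	now := time.Now()
	p, nonce := buildDemoPKI(now), make([]byte, 32)
	must(rand.Read(nonce)) // entity B's fresh challenge
	sig := must(proveKeyPossession(p.subjKey, nonce))
	fmt.Println("authentication:", authenticate(p.subject, p.caCert, nonce, sig, now))
	crl := must(publishCRL(p, 2, now, p.subject))
	fmt.Println(checkRevocation(crl, p.caCert, p.subject.SerialNumber, now))
	fmt.Println(checkRevocation(crl, p.caCert, p.subject.SerialNumber, now.Add(48*time.Hour)))
}
```

Two details in the relying-party functions map directly onto the vulnerabilities listed earlier. checkRevocation verifies the CRL signature and its thisUpdate/nextUpdate window before consulting the list, so a forged CRL, or a replayed old one that still omits a revoked serial, is rejected rather than silently treated as current. authenticate verifies the signature over the relying party's own fresh nonce, so a signature captured in one session cannot be replayed in another. The revoked entries are kept in the RevokedCertificates field, which Go 1.21 deprecates in favour of RevokedCertificateEntries while still populating it.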
TSP software applications are separated from public networks by appropriate perimeter
security mechanisms that restrict visibility between internal and external hosts.
The TSP implements access right management procedures to ensure that user accounts used to
access information systems are properly managed.
All users are authenticated and shall possess adequate authorization before being granted access
to the TSP information systems, and their actions shall be logged.
The TSP conducts periodical vulnerability assessments to detect potential security flaws in its
information systems.
The TSP has an enforced audit logging policy. The policy shall state:
o The events recorded
o The security measures applied to protect them
o The roles authorized to access and modify logs
o The retention time for logs
The TSP logs at least the following events:
o All login events (successful and unsuccessful) to CA operation related systems (CA
key lifecycle management, subject certificate generation and revocation
management).
o All changes to the audit function.
o All key generation, key usage, certificate generation and revocation events (in short, every
operation in the key and certificate lifecycle).
All audit logs are protected from unauthorized modification and all changes to the audit
functions should be recorded.
Each log record should contain at least who performed the action, when, what was done and
where (on which system).
TSP software is kept up to date with security fixes.
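The requirement that audit logs are protected from unauthorized modification, and that each record carries at least who, when, what and where, can be met by chaining the records and authenticating each one with a key that the logged operators do not hold. The following is an added example written for this page, not ENISA's code or that of any CA product: a hash-chained audit log whose HMAC key (assumed to be held by the audit role, for instance in an HSM) is needed to produce a valid record, and whose latest MAC, published to a separate store, lets a verifier also detect deleted trailing records. The record values and the key are constructed for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// AuditRecord holds the minimum the logging policy asks for (who, when, what, where)
// and is chained to its predecessor through PrevMAC.
type AuditRecord struct {
	Seq     int       `json:"seq"`
	When    time.Time `json:"when"`
	Who     string    `json:"who"`   // authenticated operator or trusted role
	What    string    `json:"what"`  // operation, e.g. "ca.key.generate"
	Where   string    `json:"where"` // system on which the action was performed
	PrevMAC []byte    `json:"prev_mac"`
	MAC     []byte    `json:"-"` // HMAC over the other fields; not part of the authenticated bytes
}

// AuditLog is an append-only chain of records. Assumption: the HMAC key is held by the
// audit role (e.g. in an HSM), not by the operators whose actions are logged, so an
// operator who edits a record cannot produce a matching MAC.
type AuditLog struct {
	key     []byte
	Records []AuditRecord
}

func NewAuditLog(key []byte) *AuditLog { return &AuditLog{key: key} }

// mac computes the HMAC over the canonical (JSON) form of every field except MAC.
func (l *AuditLog) mac(r AuditRecord) []byte {
	r.MAC = nil
	b, err := json.Marshal(r)
	if err != nil {
		panic(err) // plain fields only; cannot fail
	}
	m := hmac.New(sha256.New, l.key)
	m.Write(b)
	return m.Sum(nil)
}

// Append records an event and links it to the MAC of the previous record.
func (l *AuditLog) Append(when time.Time, who, what, where string) AuditRecord {
	r := AuditRecord{Seq: len(l.Records), When: when.UTC(), Who: who, What: what, Where: where}
	if n := len(l.Records); n > 0 {
		r.PrevMAC = l.Records[n-1].MAC
	}
	r.MAC = l.mac(r)
	l.Records = append(l.Records, r)
	return r
}

// Head is the MAC of the latest record. Publishing it to a separate system (assumption:
// a WORM store or the auditor's own records) is what lets Verify detect deleted trailing records.
func (l *AuditLog) Head() []byte {
	if len(l.Records) == 0 {
		return nil
	}
	return l.Records[len(l.Records)-1].MAC
}

// Verify walks the chain and returns the index of the first record whose MAC or link is
// wrong (-1 if every record is intact). With expectedHead set, the chain must also end at
// that MAC; a truncated log then fails with index len(Records).
func (l *AuditLog) Verify(expectedHead []byte) (int, error) {
	var prev []byte
	for i, r := range l.Records {
		if r.Seq != i || !hmac.Equal(r.PrevMAC, prev) {
			return i, fmt.Errorf("record %d: broken chain link (record removed or reordered)", i)
		}
		if !hmac.Equal(r.MAC, l.mac(r)) {
			return i, fmt.Errorf("record %d: MAC mismatch (content modified)", i)
		}
		prev = r.MAC
	}
	if expectedHead != nil && !hmac.Equal(prev, expectedHead) {
		return len(l.Records), errors.New("chain does not end at the published head (trailing records removed)")
	}
	return -1, nil
}

func main() {
	al := NewAuditLog([]byte("constructed-audit-key-do-not-use")) // assumption: in practice from the audit HSM
	t0 := time.Date(2013, 7, 1, 9, 0, 0, 0, time.UTC)
	al.Append(t0, "ca-operator-1", "ca.key.generate", "hsm-01")
	al.Append(t0.Add(time.Minute), "ra-operator-3", "cert.issue serial=2", "ra-app-02")
	head := al.Head()
	fmt.Println(al.Verify(head))
	al.Records[1].Who = "someone-else" // an operator rewrites history
	fmt.Println(al.Verify(head))
}
```

Verify reports the index of the first record that fails, which is what an investigator needs to bound an incident. Separation of duties is what makes the MAC meaningful: an operator who both performs the logged actions and holds the audit key could rewrite the chain consistently, which is exactly the "lack of separation of duties among trusted roles" vulnerability listed earlier.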
TSP hardware
Equipment is protected from environmental threats.
Equipment is protected from theft and tampering by implementing the appropriate physical
security measures.
The TSP maintains a hardware inventory.
Equipment which is not in use shall be stored in locked facilities separated from public areas.
Security sensitive hardware, such as HSMs, smartcards, etc., is certified at an appropriate
level (Common Criteria [42], FIPS 140 [36], …).
Any information which might remain on hardware to be disposed of is securely destroyed, e.g. by
wiping and shredding hard disks.
TSP communication networks
The TSP communication networks are protected to ensure confidentiality and integrity of
the information transmitted.
The TSP has taken the appropriate measures to ensure the communication networks are
sufficient to handle the TSP traffic and are redundant in case of a disaster.
The TSP has produced and approved an Information Security Policy and a Business
Continuity Plan
Policies are enforced
TSP operational procedures
The TSP has produced and regularly tests and reviews business continuity plans to ensure
continuity of operations after incidents.
The TSP has backup procedures.
Backed up data are stored in an area physically separated from primary information
processing facilities.
Backed up data are logically and physically protected from unauthorized access.
The TSP has produced and maintains an incident response plan which clearly states
responsibilities in incident management.
The TSP keeps a record of incidents and reviews this information periodically to ensure the
implementation of corrective measures.
TSP personnel
The TSP has produced documents that clearly state job descriptions, especially those related
to trusted roles operating the CA operation related systems (CA key lifecycle management,
subject certificate generation and revocation management).
TSP personnel receive the appropriate training regarding security procedures.
The TSP implements a policy of separation of duties among trusted roles.
Background checking of personnel in security sensitive areas
Adequate (technical and organizational) supervision of personnel
TSP facilities
TSP facilities are protected from unauthorized access.
TSP facilities are protected from natural hazards such as fire and flooding.
CA operation related activities (CA key lifecycle management, subject certificate generation
and revocation management) are conducted in physically protected areas with access only
by authorized individuals.
The TSP has produced and maintains contingency plans to respond to failures of essential
services (electricity, air conditioning).
Fraudulent use of valid certificates: Incidents related to the subject’s custody of legitimately issued
certificates, or vulnerabilities in the subject device or keys, can allow a malicious individual to
impersonate the subject. This impersonation could be used to intercept private communications, to
forge electronic signatures or to decrypt previously encrypted messages.
Fraudulent use of revoked certificates: Incidents affecting the revocation management system
could lead to the inability to process certificate revocation requests, to disseminate their status, etc.
Inability to issue subjects’ certificates: Incidents affecting availability or integrity of the RA or the CA
information systems can lead the TSP not being able to issue new certificates.
Inability to use valid certificates: Some scenarios like the loss of availability of the certificate
revocation status may lead to inability to check the validity of certificates. Compromises of the CA or
RA can also lead to inability to use valid certificates due to the loss of trust or possibility of
compromise.
Inability to revoke certificates: A failure or compromise of the revocation management systems
could lead to subjects’ willing to revoke certificates not being able to do so, which could facilitate
fraudulent use.
Repudiation by certificate subject: Lack of proper registration policies and record preservation can
lead to a subject claiming repudiation of the actions performed with its certificate. Other integrity
compromises in the certification chain may lead to the same repudiation claim.
Loss of accountability of actions: In case of an incident, existing logs, as well as their protection
against manipulation, are an important tool for determining the nature and source of the
incident. An inadequate level of logging, loss of existing logs or lack of protection of logs can
make it impossible to determine user actions.
Liability: Any security incident or breach of the certification policies that carries a negative effect on
subjects can lead to legal and financial liability for the TSP.
Loss of reputation: Any security incident, especially those affecting the integrity of the CA
operations and the confidentiality of private keys, could cause a loss of reputation of the TSP that
would negatively affect subject trust.
Loss of qualification status: Lack of compliance with qualification requirements, failure to conduct
the necessary audits or negligence in managing the security of the certificate lifecycle can lead to the
loss of qualification status.
4 Please also refer to the “Guidelines for trust service providers – Mitigating the impact of security incidents”.
Compromise of the cryptographic algorithms or use of inadequate key lengths (or other
parameters)
Compromise of the revocation systems
Repudiation claim by certificate subject
Accidental loss of availability of the certification services
Personal data breach
Incidents affecting RAs
Compromise of a RA
Impersonation
Repudiation claim by certificate subject
Personal data breach
Incidents affecting the subject certificate
Compromise of the subject’s key pair
Compromise of the cryptographic algorithms or use of inadequate key lengths (or other
parameters)
Repudiation claim by certificate subject
Personal data breach
Incidents affecting VAs
Compromise of the VA
Compromise of the cryptographic algorithms or use of inadequate key lengths (or other
parameters)
Accidental loss of availability of the validation services
Incidents affecting TSAs
Compromise of the TSA
Compromise of the cryptographic algorithms or use of inadequate key lengths (or other
parameters)
Accidental loss of availability of the time stamping services
5 Analyse risk
Once all the parameters that influence the risk calculation have been identified (assets, threats,
vulnerabilities, existing controls, consequences, and incident scenarios) the TSP has enough
information to start the risk analysis process. Risk analysis (the term risk analysis is sometimes
interchanged with risk assessment) is defined as a systematic use of information to identify sources
and to estimate the risk, where source is defined as an item or activity having a potential for a
consequence (ISO/IEC Guide 73 [4]).
Risk assessment also takes into account special circumstances under which assets may require
additional protection, such as with regulatory compliance.
During the risk analysis phase the TSP will use all the identified sources (assets, vulnerabilities,
threats) to estimate the risk, in terms of impact and probability.
5 For the in-depth description of the study, please refer to the document “TSP services, standards and risk
analysis report”, ENISA 2013. The participants are mentioned in the acknowledgements at the beginning of
this document.
[Figure 2: Level of impact of the incident scenarios according to the ENISA survey (bar chart; not reproduced here).]
[Figure 3: Probability of the incident scenarios according to the ENISA survey (bar chart; not reproduced here).]
This figure shows that the respondents judge the probability of a CA compromise to be quite small,
even though this scenario is one of the worst that can happen to a TSP. The scenario the surveyed
TSPs indicate as likely to occur is a repudiation claim by the certificate subject, mainly a subject
claiming not to have requested the certificate.
Overall, the respondents’ answers (shown by colour in the figure) judge these scenarios unlikely to
occur.
Based on the identified impact and probability scores on ENISA survey responses, the identified risks
would have the level of risk depicted on the Figure 4 (values as on Figures 2 and 3).
[Figure 4: Risk estimation. Scatter plot of probability (y axis, 0 to 6) against level of impact (x axis,
0 to 10) for the risks listed in section 6; the part of the legend visible in the source names Compromise
of the Certificate Authority, Compromise of the Cryptographic Algorithms, Compromise of a Registration
Authority, Compromise of the Revocation Services, Personal Data Breach and Impersonation. Chart not
reproduced here.]
This figure shows the level of impact of these possible scenarios and indicates that the
compromise of a CA has the highest impact on the TSP business, followed by a compromise of
the cryptographic algorithms.
On the other hand, the compromise of a subject key pair and a repudiation claim by the certificate
subject have a low impact on the TSP business.
This level of risk shall be reduced by applying the corresponding countermeasures.
6 Evaluate risk
Risk evaluation is the process of comparing the estimated risk against given risk criteria to determine the significance of the risk (ISO/IEC Guide 73 [4]).
Risk criteria can include associated costs and benefits, legal and statutory requirements, socio-economic aspects, the concerns of stakeholders, priorities and other inputs to the assessment (ISO/IEC Guide 73 [4]). Risk criteria are closely linked to the TSP business environment and should be determined by the TSP.
To support the risk evaluation process, we have produced examples of evaluations, based solely on the risk estimation, of the main risks TSPs face, which can be found below. The list is informative and should only be used as a reference. The TSP shall produce its own risk universe, corresponding to its actual business and operational environment, and include the risk criteria of its own organization in the final evaluation.
For each identified risk, a description and a characterization have been made in order to provide a better understanding of the factors that can have an effect on the potential materialization of the risk. The following factors have been taken into account:
Description: Brief description of the characteristics of the identified risk and its likelihood and impact score.
Related assets: Examples of the assets that could be affected by the incident scenarios involved in the risk.
Possible vulnerabilities: Examples of vulnerabilities that, if exploited, could lead to the materialization of the risk.
Potential threats: Examples of threats that could cause the materialization of the risk.
Possible consequences: Examples of consequences that the materialization of the risk could have.
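Worked example of the two steps just described, risk estimation (probability combined with impact, section 5) followed by evaluation against TSP-defined risk criteria (section 6), for the six scenarios of Figure 4 using the characterization factors listed above. This is added example code, not part of the ENISA guideline; every score, qualitative band threshold and acceptance criterion in it is constructed for illustration and is not a survey value.

```python
from dataclasses import dataclass, field
from typing import Dict, List

# Axis ranges of Figure 4: probability 0..6, level of impact 0..10.
PROB_MAX, IMPACT_MAX = 6.0, 10.0


@dataclass
class Risk:
    """One entry of the risk universe: the section 6 characterisation
    factors (assets, vulnerabilities, threats, consequences) plus scores."""
    name: str
    probability: float  # 0..6, as on the Figure 4 y-axis
    impact: float       # 0..10, as on the Figure 4 x-axis
    related_assets: List[str] = field(default_factory=list)
    vulnerabilities: List[str] = field(default_factory=list)
    threats: List[str] = field(default_factory=list)
    consequences: List[str] = field(default_factory=list)

    def __post_init__(self) -> None:
        if not 0.0 <= self.probability <= PROB_MAX:
            raise ValueError(f"{self.name}: probability outside 0..{PROB_MAX}")
        if not 0.0 <= self.impact <= IMPACT_MAX:
            raise ValueError(f"{self.name}: impact outside 0..{IMPACT_MAX}")

    def level(self) -> float:
        """Risk estimation (section 5): probability combined with impact."""
        return round(self.probability * self.impact, 2)


def probability_label(p: float) -> str:
    """Qualitative band for a probability score (constructed thresholds)."""
    return "Unlikely" if p < 2.0 else "Possible" if p < 4.0 else "Likely"


def impact_label(i: float) -> str:
    """Qualitative band for an impact score (constructed thresholds)."""
    return "Low" if i < 3.5 else "Medium" if i < 7.0 else "High"


@dataclass
class RiskCriteria:
    """Risk criteria set by the TSP (section 6): a numeric acceptance
    threshold plus consequences that statutory requirements never allow."""
    accept_below: float
    never_accept: List[str] = field(default_factory=list)


def estimate(risks: List[Risk]) -> List[Risk]:
    """Rank the risk universe by estimated level, highest first."""
    return sorted(risks, key=lambda r: r.level(), reverse=True)


def evaluate(risks: List[Risk], criteria: RiskCriteria) -> Dict[str, str]:
    """Risk evaluation: compare each estimate against the criteria and decide
    'accept' or 'treat' (i.e. apply the corresponding countermeasures)."""
    decisions: Dict[str, str] = {}
    for r in risks:
        statutory = any(c in criteria.never_accept for c in r.consequences)
        too_high = r.level() >= criteria.accept_below
        decisions[r.name] = "treat" if statutory or too_high else "accept"
    return decisions


# Constructed scores for the six Figure 4 scenarios (NOT the survey values).
RISK_UNIVERSE = [
    Risk("Compromise of the Certificate Authority", 0.9, 8.0,
         related_assets=["CA private signing key", "HSM"],
         vulnerabilities=["CA key is not generated in a secure device"],
         threats=["All intentional human-made threats"],
         consequences=["Fraudulent issuance of subjects' certificates",
                       "Loss of qualification status"]),
    Risk("Compromise of the Cryptographic Algorithms", 1.5, 7.0,
         consequences=["Fraudulent use of valid certificates"]),
    Risk("Compromise of a Registration Authority", 2.8, 5.5,
         consequences=["Fraudulent issuance of subjects' certificates"]),
    Risk("Compromise of the Revocation Services", 2.5, 5.0,
         consequences=["Inability to revoke certificates"]),
    Risk("Personal Data Breach", 3.0, 4.0,
         consequences=["Liability", "Loss of reputation"]),
    Risk("Impersonation", 3.4, 4.5,
         related_assets=["The registration process", "RA operators"],
         consequences=["Fraudulent issuance of subjects' certificates"]),
]

# Constructed criteria: accept estimates below 12.0, but never accept a risk
# that could cost the TSP its qualification status.
TSP_CRITERIA = RiskCriteria(accept_below=12.0,
                            never_accept=["Loss of qualification status"])

if __name__ == "__main__":
    decisions = evaluate(RISK_UNIVERSE, TSP_CRITERIA)
    for r in estimate(RISK_UNIVERSE):
        print(f"{r.level():5}  {decisions[r.name]:6}  {r.name}")
```

The point the statutory rule makes is that a low estimated level (the CA compromise, judged unlikely in the survey) does not by itself justify acceptance once legal requirements are part of the criteria.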
CA signing key is generated with a weak key generation algorithm or insufficient key length (or other parameters) for the TSP business requirements
CA private signing key is not kept in a physically or logically secure environment
CA private signing key is not backed up
Back-up copies of the CA private signing key are not stored securely
CA key generation is not performed by trusted individuals
CA key is not generated in a secure device
CA private keys are disposed of or archived in a non-secure manner
CA private signing key is not kept in a physically or logically secure environment
Lack of enforcement of the information security policy in the CA
Lack of technical measures to protect the CA from malicious software
Usage of an insecure or weak random number generator
Selection of a weak algorithm (or parameters) for which the keys are generated
Lack of appropriate software to protect the CA operations from malicious software
Potential threats
All intentional human-made threats
Possible consequences
Fraudulent issuance of subjects’ certificates
Inability to issue subjects’ certificates
Inability to use valid certificates
Liability
Loss of reputation
Loss of qualification status
Attack vectors that make the cryptographic algorithms used to generate the subject key pair insecure are discovered
Attack vectors against certificate signature algorithms that make it possible to forge certificates
Usage of an insecure or weak random number generator
Selection of a weak algorithm (or parameters) for which the keys are generated
Potential threats
All intentional human-made threats
Possible consequences
Fraudulent use of valid certificates
Inability to issue subjects’ certificates
Inability to use valid certificates
Repudiation by certificate subject
Loss of accountability of actions
Loss of reputation
Risk 6: Impersonation
Probability: Possible
Impact: Medium
Description: Impersonation occurs when a malicious individual attempts to supplant another individual's personal identity, or to fraudulently claim legal representation of an organization, in order to obtain a rogue electronic certificate and perform fraudulent actions.
Related assets
The registration process
RA operators
Related vulnerabilities
Natural hazards
Loss of essential services
Unintentional human-made threats
Possible consequences
Inability to issue subjects’ certificates
Inability to use valid certificates
Inability to revoke certificates
Loss of reputation
VA signing key is generated with a weak algorithm or insufficient key length (or other parameters) for the TSP business requirements
VA private signing key is not kept in a physically or logically secure environment
VA private signing key is not backed up
Back-up copies of the VA private signing key are not stored securely
VA key generation is not performed by trusted individuals
VA key is not generated in a secure device
VA private keys are disposed of or archived in a non-secure manner
VA private signing key is not kept in a physically or logically secure environment
Lack of enforcement of the information security policy in the VA
Lack of technical measures to protect the VA from malicious software
Lack of technical measures to protect the communication channel between the VA and the requester
Differences between the CRL and the OCSP
Usage of an insecure or weak random number generator
Selection of a weak algorithm (or parameters) for which the keys are generated
Lack of appropriate software to protect the VA operations from malicious software
Potential threats
All intentional human-made threats
Possible consequences
Fraudulent validation of subjects’ certificates
Inability to validate subjects’ certificates
Inability to use valid certificates
Liability
Loss of reputation
Loss of qualification status
TSA signing key is generated with a weak algorithm or insufficient key length (or other parameters) for the TSP business requirements
TSA private signing key is not kept in a physically or logically secure environment
TSA private signing key is not backed up
Back-up copies of the TSA private signing key are not stored securely
TSA key generation is not performed by trusted individuals
TSA key is not generated in a secure device
TSA private keys are disposed of or archived in a non-secure manner
TSA private signing key is not kept in a physically or logically secure environment
Lack of enforcement of the information security policy in the TSA
Lack of technical measures to protect the TSA from malicious software
Lack of technical measures to protect the communication channel between the TSA and the requester
Lack of use of a trustworthy source of time
Usage of an insecure or weak random number generator
Selection of a weak algorithm (or parameters) for which the keys are generated
Lack of appropriate software to protect the TSA operations from malicious software
Potential threats
All intentional human-made threats
Possible consequences
Fraudulent issuance of time stamp tokens
Liability
Loss of reputation
Loss of qualification status
7 Conclusions
In this document we discussed the principles and concepts of managing the risks applicable to TSPs by defining and controlling threats and vulnerabilities.
Security management ensures that the risks are identified and an adequate control environment is
established to mitigate these risks. There is a need to manage the risks by defining and controlling
threats and vulnerabilities. To achieve this, it is important to understand the principles behind the
management of risk and the concepts underlying the risk management process.
The choice of the appropriate methodology to perform the risk assessment should be made by the
organisation itself. This study has provided a general overview of how a risk assessment can be
conducted and how to identify risks specific to trust service providers. It can serve as a guide to
assist providers when conducting an assessment.
Annex 1 – Definitions
Asset: any person, facility, material, information or activity that has value to the organization, its business operations and their continuity, including information resources that support the organization's mission.
Authentication: process that allows the validation of the electronic identification of a natural or legal person, or of the origin and integrity of electronic data.
Certificate: Electronic attestation which links electronic signature or seal validation data of a natural or a legal person respectively to the certificate and confirms those data of that person.
Certification Authority: An entity trusted to issue certificates. A certification service provider may
have one or several Certificate Authorities. It is generally a trusted party or trusted third party that
accepts the responsibility of managing the certificate process by issuing, distributing and verifying
certificates.
Certification Service Provider: An entity or a legal or natural person who issues certificates or
provides other services related to electronic signatures.
Contingency Plan: A plan for emergency response, backup operations, and post-disaster recovery in
a system, as part of a security program, to ensure availability of critical system resources and
facilitate continuity of operations in a crisis.
Cryptographic module: An umbrella term covering:
cryptographic algorithms (e.g. encryption, hashing, key generation, ...)
cryptographic parameters (e.g. key length, elliptic curve, ...)
cryptographic protocols (e.g. key exchange, ...)
cryptographic implementations (e.g. software libraries, HSMs, …)
Data Availability: The fact that data is accessible and services are operational. It can be described as
the property of being accessible and useable upon demand by an authorized entity. In the context of
service level agreements, availability generally refers to the degree to which a system may suffer
degradation or interruption in its service to the customer as a consequence of failures of one or
more of its parts.
Data Confidentiality: The protection of communications or stored data against interception and
reading by unauthorized persons. Confidentiality means keeping the content of information secret
from all entities except those that are authorized to access it.
Data Integrity: The confirmation that data which has been sent, received, or stored are complete
and unchanged, which implies that the items of interest (facts, data, attributes etc.) have not been
subject to manipulation by unauthorized entities.
Electronic seal: Data in electronic form which are attached to or logically associated with other
electronic data to ensure the origin and the integrity of the associated data; (Proposal eSignatures)
Electronic Signature: Data in electronic form which is attached to or logically associated to other
electronic data and serves as a method of authentication.
From a legal perspective, an electronic signature is not necessarily considered equivalent to a
handwritten signature. When it meets a number of conditions, it can be put on par with a
handwritten one.
Event: Occurrence of a particular set of circumstances
Evidence: Information that either by itself or when used in conjunction with other information is
used to establish proof about an event or action. Evidence does not necessarily prove truth or
existence of something but contributes to establish proof.
Hash Function: A mathematical function which maps values from a large (possibly very large)
domain into a smaller range. A "good" hash function is such that the results of applying the function
to a set of values in the domain will be evenly distributed and apparently at random over the range.
Impact: The result of an incident.
Incident: An event that has been assessed as having an actual or potentially adverse effect on the
security or performance of a system.
Mitigation: Limitation of any negative consequence of a particular event
Probability: Extent to which an event is likely to occur.
Private Key: In a public key cryptosystem, that key of a user's key pair which is known only by that
user
Public Key: In a public key cryptosystem, that key of a user's key pair which is publicly known.
Public Key Infrastructure (PKI): The infrastructure able to support the management of public keys
able to support authentication, encryption, integrity or non-repudiation services.
Relying Party: A user or agent that relies on the data in a certificate in making decisions.
Risk: The potential that a given threat will exploit vulnerabilities of an asset or group of assets and
thereby cause harm to the organization.
Risk Analysis: A process that examines an organization´s information resources, its existing controls,
and its remaining organization and computer system vulnerabilities.
Risk Assessment: A process used to identify and evaluate risks and their potential effects.
Risk Management: The discipline of identifying and measuring security risks associated with an
information system, and controlling and reducing those risks to an acceptable level. The goal of risk
management is to invest organizational resources to mitigate security risks in a cost-effective
manner, while enabling timely and effective mission accomplishment.
Signature Creation Data: Unique data, such as codes or private cryptographic keys, which are used
by the signatory to create an electronic signature
Signature Creation Device: Configured software or hardware used to create an electronic signature
Subject: Entity identified in a certificate as the holder of the private key associated with the public
key given in the certificate.
Threat: Any circumstance or event with the potential to adversely impact an asset through
unauthorized access, destruction, disclosure, modification of data, and/or denial of service.
Trust Service: Any electronic service consisting in the creation, verification, validation, handling and
preservation of electronic signatures, electronic seals, electronic time stamps, electronic documents,
electronic delivery services, website authentication, and electronic certificates, including certificates
for electronic signature and for electronic seals
Vulnerability: The existence of a weakness, design, or implementation error that can lead to an
unexpected, undesirable event compromising the security of the computer system, network,
application, or protocol involved.
Annex 2 – Abbreviations
CA Certification Authority
CABF CA/Browser Forum
CC Common Criteria
CEN European Committee for Standardization (Comité Européen de Normalisation)
CIMC Certificate Issuance and Management Components
CP Certificate Policy
CPS Certification Practice Statement
CRL Certificate Revocation List
CSP Certification Service Provider
CWA CEN Workshop Agreement
EAL Evaluation Assurance Level
ECC Elliptic Curve Cryptography
ECDSA Elliptic Curve Digital Signature Algorithm
EN European Standard
ETSI European Telecommunications Standards Institute
FIPS Federal Information Processing Standards
GCD Greatest Common Divider
HSM Hardware Security Module
HTTP Hypertext Transfer Protocol
HTTPS HTTP Secure
HW Hardware
ISO International Organization for Standardization
NIST National Institute of Standards and Technology
OCSP Online Certificate Status Protocol
PDS PKI Disclosure Statement
PIN Personal Identification Number
PKI Public Key Infrastructure
PP Protection Profile
PSE Personal Security Environment
QCP Qualified Certificate Policy
RA Registration Authority
RFC Requests For Comments
RSA Rivest, Shamir and Adleman, the persons who first described the algorithm
Annex 3 – Bibliography
ISO
[1] ISO/IEC 13335-1:2004 Information technology – Security techniques – Management of information and communications technology security – Part 1: Concepts and models for information and communications technology security management
[2] ISO/IEC 27005:2011 Information technology – Security techniques – Information security risk management
[3] ISO/IEC 24760:2011 Information technology – Security techniques – A framework for identity management
[4] ISO/IEC Guide 73 Risk management – Vocabulary – Guidelines for use in standards
[5] ISO/IEC 9594-8:2008 Information technology – Open Systems Interconnection – The Directory: Public-key and attribute certificate frameworks
[6] ISO/IEC 27000:2009 Information technology – Security techniques – Information security management systems – Overview and vocabulary
[7] ISO/IEC 17021 Conformity assessment – Requirements for bodies providing audit and certification of management systems
[8] ISO/IEC 10118-3:2004 Information technology – Security techniques – Hash-functions – Part 3: Dedicated hash-functions
[9] ISO/IEC 15408 Series: Information technology – Security techniques – Evaluation criteria for IT security. It consists of three parts:
    [9a] ISO/IEC 15408-1:2009 establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of ISO/IEC 15408.
    [9b] ISO/IEC 15408-2:2008 defines the content and presentation of the security functional requirements to be assessed in a security evaluation using ISO/IEC 15408.
    [9c] ISO/IEC 15408-3:2008 defines the assurance requirements of the evaluation criteria.
ETSI
[10] ETSI EN 319 401 Electronic Signatures and Infrastructures (ESI); General Policy Requirements for Trust Service Providers supporting electronic signatures: http://www.etsi.org/deliver/etsi_en/319400_319499/319401/01.01.01_20/en_319401v010101c.pdf
[11] ETSI EN 319 412 Profiles for TSPs issuing Certificates
    [11a] 319 412-1: Overview and common data structures
    [11b] 319 412-2: Certificate profile for certificates issued to natural persons
    [11c] 319 412-3: Certificate profile for certificates issued to legal persons
    [11d] 319 412-4: Certificate profile for web site certificates issued to organisations
    [11e] 319 412-5: Qualified certificate statements for qualified certificate profiles
[12] ETSI TS 101 456 Policy requirements for certification authorities issuing qualified certificates: http://www.etsi.org/deliver/etsi_ts/101400_101499/101456/01.04.03_60/ts_101456v010403p.pdf
[13] ETSI TR 102 437 Guidance on TS 101 456 (Policy Requirements for certification authorities issuing qualified certificates): http://www.etsi.org/deliver/etsi_ts/101800_101899/101862/01.03.03_60/ts_101862v010303p.pdf
[14] ETSI TS 102 158 Policy requirements for Certification Service Providers issuing attribute certificates usable with Qualified certificates: http://www.etsi.org/deliver/etsi_ts/102100_102199/102158/01.01.01_60/ts_102158v010101p.pdf
[15] ETSI TR 102 040 International Harmonization of Policy Requirements for CAs issuing Certificates: http://www.etsi.org/deliver/etsi_tr/102000_102099/102040/01.03.01_60/tr_102040v010301p.pdf
[16] ETSI TS 102 042 Policy requirements for certification authorities issuing public key certificates: http://www.etsi.org/deliver/etsi_ts/102000_102099/102042/01.01.01_60/ts_102042v010101p.pdf
[17] ETSI TS 101 862 Qualified Certificate profile: http://www.etsi.org/deliver/etsi_ts/101800_101899/101862/01.03.03_60/ts_101862v010303p.pdf
[18] ETSI TS 102 176-1 Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms: http://www.etsi.org/deliver/etsi_ts/102100_102199/10217601/02.00.00_60/ts_10217601v020000p.pdf
[19] ETSI TR 119 300 Business Driven Guidance for Cryptographic Suites
[20] ETSI TS 119 312 Cryptographic Suites for Secure Electronic Signatures
[21] ETSI EN 319 403 Trust Service Provider Conformity Assessment – Requirements for conformity assessment bodies assessing Trust Service Providers
IETF
[22] RFC 5280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile: http://www.ietf.org/rfc/rfc5280.txt
[23] RFC 3647 Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework: http://www.ietf.org/rfc/rfc3647.txt
[24] RFC 2560 X.509 Internet Public Key Infrastructure Online Certificate Status Protocol – OCSP: http://www.ietf.org/rfc/rfc2560.txt
[25] RFC 6960 X.509 Internet Public Key Infrastructure Online Certificate Status Protocol – OCSP: http://www.rfc-editor.org/rfc/rfc6960.txt
CEN
[26] CWA 14167 Security requirements for trustworthy systems managing certificates for electronic signatures:
    [26a] CWA 14167-1 Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures – Part 1: System Security Requirements: ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14167-01-2003-Jun.pdf
    [26b] CWA 14167-2 Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures – Part 2: Cryptographic Module for CSP signing operations with backup – Protection profile (CMCSOB-PP): ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14167-02-2004-May.pdf
    [26c] CWA 14167-3 Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures – Part 3: Cryptographic module for CSP key generation services – Protection profile (CMCKG-PP): ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14167-03-2004-May.pdf
    [26d] CWA 14167-4 Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures – Part 4: Cryptographic module for CSP signing operations – Protection profile – CMCSO PP: ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14167-04-2004-May.pdf
    NOTE: CEN Workshop Agreement 14167 is currently under revision to become the basis of a European Norm in CEN TC 224.
[27] CWA 14169 Secure Signature-creation devices 'EAL 4+': ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14169-00-2004-Mar.pdf
[28] CWA 14355 Guidelines for the implementation of Secure Signature-Creation Devices Description: ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14355-00-2004-Mar.pdf
[29] CWA 14170 Security requirements for signature creation applications: ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14170-00-2004-May.pdf
[30] CWA 14890 Application Interface for smart cards used as Secure Signature Creation Devices
    [30a] CWA 14890-1: Application Interface for smart cards used as Secure Signature Creation Devices – Part 1: Basic requirements
    [30b] CWA 14890-2: Application Interface for smart cards used as Secure Signature Creation Devices – Part 2: Additional Services
[31] CWA 14172 European Electronic Signature Standardisation Initiative (EESSI) Conformity Assessment Guidance. It is divided into 8 parts:
    [31a] CWA 14172-1: EESSI Conformity Assessment Guidance – Part 1: General introduction: ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14172-01-2004-Mar.pdf
    [31b] CWA 14172-2: EESSI Conformity Assessment Guidance – Part 2: Certification Authority services and processes: ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14172-02-2004-Mar.pdf
    [31c] CWA 14172-3: EESSI Conformity Assessment Guidance – Part 3: Trustworthy systems managing certificates for electronic signatures: ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14172-03-2004-Mar.pdf
    [31d] CWA 14172-4: EESSI Conformity Assessment Guidance – Part 4: Signature-creation applications and general guidelines for electronic signature verification: ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14172-04-2004-Mar.pdf
    [31e] CWA 14172-5: EESSI Conformity Assessment Guidance – Part 5: Secure signature-creation devices: ftp://ftp.cen.eu/CEN/Sectors/TCandWorkshops/Workshops/eSIGN_CWAs/cwa14172-05-2004-Mar.pdf
CA/B Forum
[32] Baseline requirements for the issuance and management of publicly-trusted certificates, version 1.1.6: https://www.cabforum.org/Baseline_Requirements_V1_1_6.pdf
[33] EV SSL certificate guidelines, version 1.4.3: https://www.cabforum.org/Guidelines_v1_4_3.pdf
NIST
[34] Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths: http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf
[35] NIST: Discussion Draft of the Preliminary Cybersecurity Framework, August 28, 2013: http://www.nist.gov/itl/cyberframework.cfm
[36] FIPS PUB 140-2 (2001): "Security Requirements for Cryptographic Modules": http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexd.pdf
Legislation
[37] Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31999L0093:EN:PDF
[38] Proposal for a Regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0238:FIN:EN:PDF
[39] Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data: http://europa.eu/legislation_summaries/information_society/data_protection/l14012_en.htm
Others
[40] EU Trusted Lists of Certification Service Providers: https://ec.europa.eu/digital-agenda/en/eu-trusted-lists-certification-service-providers
[41] Trust Service Principles and Criteria for Certification Authorities Version 2.0: http://www.cica.ca/resources-and-member-benefits/growing-your-firm/trust-services/item10797.pdf
[42] The Common Criteria framework: http://www.commoncriteriaportal.org/
[43] Notification with regard to electronic signatures in accordance with the Electronic Signatures Act and the Electronic Signatures Ordinance: http://www.bundesnetzagentur.de/SharedDocs/Downloads/EN/BNetzA/Areas/ElectronicSignature/PublicationsNotifications/SuitableAlgorithms/2012_algokatpdf.pdf?__blob=publicationFile
[44] PKCS #1: RSA Cryptography Standard: http://www.rsa.com/rsalabs/node.asp?id=2125
[45] ECRYPT II European Network of Excellence in Cryptology II: http://www.ecrypt.eu.org/documents/D.SPA.20.pdf
[46] RIPEMD (RACE Integrity Primitives Evaluation Message Digest): http://homes.esat.kuleuven.be/~bosselae/ripemd160.html
[47] Fox-IT – RSA-512 Certificates abused in the wild: https://www.fox-it.com/en/blog/rsa-512-certificates-abused-in-the-wild/
[48] Smartfacts – Factoring RSA keys from certified smart cards: Coppersmith in the wild: http://smartfacts.cr.yp.to/smartfacts-20130916.pdf
[49] ANSI X9.79 Public Key Infrastructure (PKI) – Practices and Policy Framework
[50] CIMC Protection Profile: http://www.commoncriteriaportal.org/files/ppfiles/cert-issu-v15-sec-eng.pdf
[51] EIFv2: http://ec.europa.eu/isa/documents/isa_annex_ii_eif_en.pdf
ENISA
European Union Agency for Network and Information Security
Science and Technology Park of Crete (ITE)
Vassilika Vouton, 700 13, Heraklion, Greece
Athens Office
1 Vass. Sofias & Meg. Alexandrou
Marousi 151 24, Athens, Greece