Eurosmart | The voice of the Digital Security Industry | Quantum computers will compromise the security of identity documents

09 Nov 2021 Quantum computers will compromise the security of identity documents

Posted at 10:33h in CDI, News, Position Papers byadmin8520

In this new publication, Eurosmart explains that the advent of quantum computers would be a significant threat to the security of identity documents. Such an advent might seem distant, but current research shows that progress is taking place at a fast pace. The question is not anymore about “if” but when quantum computers will arise.

This paper takes the specific angle of identity documents, in particular eMRTDs*, i.e. documents equipped with a secure chip containing the information of the holder (biographic data but also biometric data: portrait and potentially fingerprint). The security of eMRTDs largely relies on asymmetric cryptography. Quantum computers with sufficient capabilities could revert back to the private key from the public key, hence breaking asymmetric cryptography. Thus, with quantum computers, a fundamental pillar of digital security is at risk of falling apart.

Identity documents contain sensitive information, such as biometric data. Such data is used for identity checks and travel. Although data is communicated in an encrypted manner, an attacker could capture and store the encrypted data today, waiting for the advent of quantum computing to decrypt the data. This attack would be particularly problematic for biometric data that remain static over time, such as fingerprints. In addition, all mechanisms put in place to demonstrate the authenticity of the identity information stored in the eMRTD, and the eMRTD itself, rely on asymmetric cryptography. Quantum computing would ruin all these security features. Thus, the advent of quantum computers would entail worrying risks of document forgery and identity theft.

Therefore, Eurosmart urges the EU and the eMRTD community, including ICAO, to consider this problem as soon as possible. The migration towards quantum-safe eMRTDs will take decades; therefore, it is essential to organise it now. More precisely, there is considerable work to do in the standardisation field.

For further information, please consult below our full paper.

Eurosmart_positionpaper_post_quantum_crypto_FINAL_22102021

Print page

Eurosmart welcomes the recent adoption of the Cyber Resilience Act and the Artificial Intelligence Act by the European Parliament

Eurosmart Unveils Ground-breaking PP-0117 V2 Secure Sub-System in System-on-Chip (3S in SoC) Protection Profile

Eurosmart Welcomes Adoption of the EUCC Scheme, Advocates Collaborative Approach for Sustainable Implementation

Eurosmart welcomes the recent adoption of the Cyber Resilience Act and the Artificial Intelligence Act by the European Parliament

Eurosmart Unveils Ground-breaking PP-0117 V2 Secure Sub-System in System-on-Chip (3S in SoC) Protection Profile

Eurosmart Welcomes Adoption of the EUCC Scheme, Advocates Collaborative Approach for Sustainable Implementation

Revision of the Cybersecurity Act (CSA) – The importance of maintaining efficient governance

Eurosmart’s priorities for the Cyber Resilience Act

Eurosmart’s Comments on the Cyber Resilience Act (CRA) proposal.

EU Common Criteria (EUCC) Certification Scheme

Revision of the Directive on Driving Licences – Eurosmart’s Answer to Public Consultation

European Digital Identity Wallet: Why do we need level “high” (eIDAS) & level “high” (Cybersecurity Act)?

Quantum computers will compromise the security of identity documents

09 Nov 2021 Quantum computers will compromise the security of identity documents

Recent news

Follow us on X