Standard

ETSI TR 119 476-1

Published

Singles purchase not accessible

This standard can not be purchased as a single sales.

Abstract

The present document analyses cryptographic schemes for selective disclosure and their potential application for privacy of electronic attestation attributes in line with the expected requirement of the proposed regulation amending Regulation (EU) No 910/2014 (commonly called eIDAS2) [i.103]. NOTE 1: The term selective disclosure is a collective term that may also include various concepts of unlinkability, and predicates such as range proofs, depending on the context of the specific cryptographic scheme. The scope of the present document is primarily to describe selective disclosure and unlinkability properties of each analysed cryptographic scheme.  NOTE 2: Range proofs, and more general predicate proofs as well as general-purpose ZKPs are out of scope in the ARF [i.71]. If an analysed cryptographic scheme relies on any of these features, they will be described in the context of that particular cryptographic scheme. The present document aims at providing a comprehensive overview of existing cryptographic schemes for selective disclosure and the formats and protocols associated with these cryptographic schemes. The aim of the present document is first to provide input to ETSI standardization relating to how selective disclosure may be applied to the eIDAS2 (Qualified) Electronic Attribute Attestations ((Q)EAA) and Person Identification Data (PID). More specifically, the present document may serve as input to (Q)EAA issuance policies as being specified in ETSI TS 119 471 [i.96] and (Q)EAA profiles as being specified in ETSI TS 119 472-1 [i.97]. Second, the present document will also analyse the policy requirements for (Q)TSPs and PID providers issuing (Q)EAAs or PIDs with selective disclosure capabilities to EUDI Wallets. Third, the present document analyses how the user of an EUDI Wallet can present selected attributes of a (Q)EAA or PID to relying parties (or (Q)TSPs acting as relying parties). Consequently, the present document can highlight needs that may require future standardization efforts. The present document analyses the concepts of selective disclosure, unlinkability, and predicates (including range proofs) in the following main clauses:  • Selective disclosure signature schemes (clause 4): This clause describes the academic research of the cryptographic algorithms and schemes that shape the foundation for selective disclosure signature schemes.  • Selective disclosure (Q)EAA formats (clause 5): This clause describes the (Q)EAA formats that have been developed and standardized based on the aforementioned selective disclosure signature schemes.  • Selective disclosure protocols and systems (clause 6): This clause describes the complete protocols and /or systems that have been developed and standardized based on the aforementioned selective disclosure signature schemes and (Q)EAA formats. Since the ARF [i.71] specifies the PID to be issued to an EUDI Wallet as mdoc [i.181] (with MSO for selective disclosure) or W3C Verifiable Credentials (with SD-JWT for selective disclosure), these formats and protocols are analysed in more detail in clause 7.

Document information

  • Standard from ETSI_AC
  • Published:
  • Version: 0
  • Document type: IS
  • Additional information
  • V1.3.1