This article describes the compliance of the Smart ID Digital Access component to security standards and NIST-approved cryptographic algorithms.
Security standards
-
PKI – Public Key Infrastructure, see https://en.wikipedia.org/wiki/PKCS
-
Javascript Object Signing and Encryption (JOSE), see https://www.iana.org/assignments/jose/jose.xhtml
-
RSA2048 key size, or higher.
-
RSA PKCS#1 signature with SHA-256, see https://tools.ietf.org/html/rfc8017
-
AES encryption, see https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf
-
X.509 certificates support, see https://tools.ietf.org/html/rfc2459
-
PKCS#10 Certificate Signing Request, see https://tools.ietf.org/html/rfc2986
-
PKCS#12 archive file format bundling private keys with X.509 Certificates, see https://tools.ietf.org/html/rfc7292