cryptovision - Experts & Thought Leaders

Boldon James Ltd, a technology company providing data classification and military messaging solutions which enable customers to effectively protect data, enforce controls and manage data distribution, announces it has partnered with Germany’s solutions specialists for cryptography and Public Key Infrastructure, cv cryptovision GmbH. This partnership will provide government agencies and defence organisations with the ability to email securely across different security domains. The two organisations have been collaborating to develop a software component system which has now been deployed into a major German government agency. Enforcing communication protocols With enterprises, government agencies and institutions increasingly challenged with sending secure emails across multiple domains, Boldon James and cryptovision have integrated their respective products to deliver a combined solution to meet the growing need to protect data as it is used in increasingly remote and complex environments. Boldon James SAFEmail Military Messaging enforces communication protocols and delivers 'defence ready' secure messaging to NATO and other defence forces. For the past 20 years, Boldon James has been pioneering the way with Military Messaging Handling Systems (MMHS) using Microsoft Exchange as the core messaging service. SAFEmail enables the safe handling and control of a wide range of sensitive data from unclassified data to the high levels of restricted Government classifications across a variety of messaging environments. Strongest encryption methods Cryptovision’s GreenShield Suite is a complete solution for email encryption and digital signatures Cryptovision’s GreenShield Suite is a complete solution for email encryption and digital signatures, delivering the highest level of security and user convenience. It is approved by the BSI (German Federal Office for Information Security) for VS-NfD, NATO and EU-restricted communication. The solution offers end-to-end encryption with the strongest encryption methods currently available in the market. The GreenShield Suite consists of two products, GreenShield File and Mail, seamlessly integrated in Microsoft Outlook, IBM Notes and Microsoft Windows. Both products work collaboratively to ensure files can be encrypted and securely managed in the usual working environment. These are integrated into the respective email systems and enable the secure processing of emails including attachments. High levels of confidentiality Alan Borland, SAFEmail Product Manager at Boldon James, said: “With government and military agency emails in danger of falling into the wrong hands, Boldon James is keen to innovate to meet the demands we see in this space. By integrating our military messaging and data classification solutions with cryptovision’s encryption and security functionalities, this enables us to offer a solution that supports the needs of this growing marketplace.” Ralf König, Senior Product Manager at cryptovision comments: “This integration enables cryptovision to deliver a solution where intended email recipients are able to decrypt and read the message in a safe and secure environment. With Boldon James we aim to ensure the high levels of confidentiality required by many of our military and government clients based in NATO and EU member states.”

The POSeIDAS project aimed to provide a prototype eIDAS server and a simulation environment on a chip card The "Regulation on electronic identities and trust services (eIDAS)" published by the European Union in July 2014 forms the legal basis for the secure handling of electronic transactions between businesses, citizens and public authorities or institutions within the EU. The French Agence nationale de la sécurité of systèmes d'information (ANSSI) and the German Federal Office for Information Security (BSI) have jointly developed the smart card specification (BSI TR-03110 Version 2.20). It is based on the technology that is already used in the German identity card. POSeIDAS project to develop eIDAS prototype Given these developments, the BSI commissioned the POSeIDAS project to HJP Consulting, cv cryptovision and Governikus. The project aimed to provide a prototype eIDAS server and a simulation environment for simulating the functions of an eIDAS token and the implementation of eIDAS functions on a chip card. HJP provided the simulation environment for simulating the eIDAS functions based on BSI TR-03110. This open source smart card simulator – PersoSim – was developed by HJP and certified by the BSI. PersoSim emulates the functions of an electronic identity card and is already used by eID client developers and the BSI among others. PersoSim now includes features such as Chip Authentication in version 3, pseudonyms signature’s and attribute extensions (ERA). The new features represent a complete eIDAS token according to BSI TR-03110. "With POSeIDAS we have successfully realised the first global implementation of the new security features for future ID cards." says Holger Funke, HJP Consulting. Electronic identities within eIDAS regulation The Governikus KG delivered an open source version of an eID server and a corresponding eID client that are used for the verification of the interoperability of the electronic identities (Proof of Concept) within the eIDAS regulation. Starting with the eID server and the eID client that already supported the infrastructure of the online ID function of the German ID card, the extensions for the eIDAS token were implemented successively to support all requirements given by the Technical Guideline BSI TR-03110 version 2.20. cryptovision delivered the first implementation of the new eIDAS functions on a chip card. The implementation is based on the product "ePasslet Suite", a modular Java Card-based application suite for multi-functional national ID documents, which is already used in over 20 eID projects worldwide. ePasslet Suite provides a set of Java Card applets for passports, eID cards, electronic driving licenses, signature cards and other applications, and is also the foundation for the implementation of the eIDAS functionality. Therefore the innovative eIDAS functions can soon be used for international eID document projects in a very flexible manner.

Nigerian eID is the first national project in the world that combines eID functionality with a payment system With 160 million inhabitants, Nigeria is the most populous country in Africa. Now this emerging country can claim another title. After several years of preparation time, the National Identity Management Commission of Nigeria (NIMC) has now launched the first national electronic identity card with a payment application. At the end of August 2014 the first residents of Nigeria received their copy of this multifunctional e-ID document, a contact smart card similar to a traditional credit card. This polycarbonate eID replaces the current printed plastic identification document. To make the card usable, a sophisticated eID infrastructure has been deployed, which includes registration authorities, identity management systems, and secure card production facilities. Additionally mobile devices for enrolling, reading and even updating some data stored on the card are important infrastructure components, as well. In the first phase, the Nigerian eID is used for three applications: as a proof of identity, for digital payment (based on the EMV standard), and for digital signature with biometrics. The Nigerian eID is the first national project in the world that combines eID functionality with a payment system. Following the motto “Bank the Unbanked” this feature provides first time access to electronic payment to millions of Nigerian citizens. In the next project phases the multifunction card will be extended to support additional electronic uses like driving license, health information card, tax record and voting functionality. Other technical aspects of the Nigerian eID project are impressive as well. With full card issuance it will represent one of the largest and most complex Public Key Infrastructures (PKI) deployed worldwide. This PKI is comprised eight certification authorities and will issue over 300 million certificates. This infrastructure is necessary to protect the eID system and the card itself from hacker attacks. "We are thrilled that our entire solution range is applied in this unique project" The various applications that run on the Nigerian eID card have been implemented with Java Card technology. This open standards based approach delivers a high level of transparency and independence for the customer. In addition, the modular architecture easily enables future extensions and changes. A new card profile was developed especially for the Nigerian identity card in order to support this functionality. Within this framework it is possible to implement such a large range of applications on a single smart card. To encourage the electronic uses of the eID card, every eID cardholder is entitled to use a special NIMC branded middleware which includes the necessary cryptotgraphic interfaces and libraries to use biometrics and digital signature on personal computers running Windows, OS X, or Linux. All aforementioned core software components (PKI, card applications, and smart card middleware) are delivered by cryptovision. “We are thrilled that our entire solution range is applied in this unique project,” says Markus Hoffmeister, CEO and managing director of the Gelsenkirchen-based company. cryptovision acts as key part of a consortium consisting of leading technology companies including; NXP, Trüb, Austria Card, MasterCard and Datacard. The cooperation of each of these different vendors has enabled this unparalleled scope of this project. This project approach requries the overall architecture of the eID system to be based on established standards and documented interfaces. Without a prime systems integrator, the major part of the deployment work takes place onsite in close cooperation of the consortium members. This paradigm facilitates the Nigerian government to develop in-house expertise and alleviates any dependence from the respective technology providers. This approach was favored over a turnkey solution delivered by a single vendor, as the complexity of the resulting system could be a major problem for the operator without in-house experience at all of the infrastructure components. Says Markus Hoffmeister: “We are greatly indebted to NIMC because they are not only a reliable partner, but also have the expertise and courage to implement such an innovative approach.”