epa-sgd-crypt draft
This commit is contained in:
parent
9ee28abd50
commit
bce789de7b
1 changed files with 64 additions and 0 deletions
64
content/blog/epa-sgd-crypto/index.rst
Normal file
@ -0,0 +1,64 @@
---
title: "75 Million Lives, Two Keys"
date: 2025-01-05T23:42:00+01:00
draft: true
---
2025 has begun. In this new year, with its new national healthcare record system, the country of Germany will start one
of the largest rollouts of a cryptographic system in history. While the system has received scrutiny as well as
resulting harsh criticism from a number of parties ranging from NGOs to everyday civilians, the system has received
surprisingly little attention from the academic applied cryptography crowd. Additionally, previous criticism of
the system has largely revolved around organizational issues. While valid, we belive that some cryptographic issues at
the core of the system have escaped attention unitl now. In particular, at the core of the system is a key escrow system
that contains several questionable design choices and that in its overall design seems out of place in 2025.
The aim of the system is to serve as a shared storage for all healthcare records of a person. In the system, a person's
entire patient file with all documentation on the treatment process including test results, images and other raw data
will be stored in something vaguely resembling cloud storage such that all healthcare providers that the person visits
can access the entire file. This centralized, synchronized storage eliminates the need for transferring this data
between hospitals and doctors offices by fax, mail or physical media as it was common practice until now. After a
development and testing phase lasting approximately five years, the German government decided to roll out the system to
everybody insured under Germany's mandatory national health insurance scheme, totalling approximately 75 million people,
on January 15th 2025.
In this article, we will give an overview of the system's cryptographic design before highlighting a few odd
design choices that could amount to a viable attack vector to the powerful adversaies
## Context and involved parties
Germany has a national, mandatory health insurance system. The system is open to any permanent resident of the country
irrespective of citizenship. The system is mandatory in that while residents can choose between a number of both
publically owned as well as private healthcare providers, it is not possible to opt out of the system. The public health
insurance providers cover approximately 90% of German residents. These providers are organized in an umbrella
organization named "GKV Spitzenverband". The resposibility of this umbrella organization largely revolves around
negotiating prices with pharmaceutical companies and with healthcare providers as a publically sanctioned cartel, but
also includes the specification and operation of shared IT infrastructure for billing and data exchange between
healthcare providers.
While GKV Spitzenverband is the party that ultimately holds responsibility for the regulatory administration of national
healthcare IT infrastructure, it has delegated large parts of both the technical specification of this infrastructure as
well as its day-to-day operation to Gematik GmbH, a state-owned limited liability corporation created specifically for
the purpose of developing and implementing national healthcare IT standards. The electronic healthcare record system we
describe in this article was standardized and implemented by Gematik GmbH under the direction of GKV Spitzenverband.
Healthcare providers in Germany need to be registered with GKV Spitzenverband to serve members of public health
insurance providers. Since these public providers constitute approximately 90% market share, the vast majority of
healthcare providers are registered this way.
## Design principles
## Cryptographic design
## The implied adversary model
While Gematik GmbH publishes detailed specifications of the systems they standardize, these specifications and some
associated implementation guidelines are about the extent of public information. Software implementations are being kept
secret, and while standardization results are available, a large fraction of design rationale is discussed behind closed
doors. From an academic perspective, the most glaring omission in Gematik GmbH's public documents is any definition of a
threat model or an adversary model. As a result of this, we will deduce an adversary model below by contextualizing the
published standards in the national healthcare setting. We will base our further analysis of the system on this
adversary model.
## Previous reviews and audits of the system
[0] https://www.destatis.de/DE/Themen/Arbeit/Arbeitsmarkt/Qualitaet-Arbeit/Dimension-2/krankenversicherungsschutz.html
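Review bot: the new file is `index.rst`, but its body is written as Markdown: the section headings use `##` (`## Context and involved parties`, `## Design principles`, and so on), which reStructuredText does not treat as a heading, so they will render as literal text; either rename the file to `index.md` or rewrite the headings with RST underlines. The paragraph ending `design choices that could amount to a viable attack vector to the powerful adversaies` is cut off mid-sentence and has no closing punctuation, and the `Design principles`, `Cryptographic design` and `Previous reviews and audits of the system` sections are empty, which is fine under `draft: true` but deserves a TODO marker so they cannot be published empty by accident. The footnote `[0]` pointing at destatis.de is never referenced from the text; the 90% coverage figure is the obvious place to cite it. Typos: `belive`, `unitl`, `adversaies`, `resposibility`, and `doctors offices` should read `doctors' offices`.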