Initial commit

.gitignore

@@ -0,0 +1,8 @@
+*.aux
+*.bbl
+*.bcf
+*.blg
+*.log
+*.out
+*.run.xml
+version.tex

Makefile

@@ -0,0 +1,27 @@
+
+SHELL := bash
+.ONESHELL:
+.SHELLFLAGS := -eu -o pipefail -c
+.DELETE_ON_ERROR:
+MAKEFLAGS += --warn-undefined-variables
+MAKEFLAGS += --no-builtin-rules
+
+main_tex ?= paper
+
+VERSION_STRING := $(shell git describe --tags --long --dirty)
+
+all: ${main_tex}.pdf
+
+%.pdf: %.tex paper.bib version.tex
+	pdflatex -shell-escape $<
+	biber $* 
+	pdflatex -shell-escape $<
+
+version.tex: ${main_tex}.tex paper.bib
+	echo "${VERSION_STRING}" > $@
+
+.PHONY: clean
+clean:
+	rm -f ${main_tex}.aux ${main_tex}.bbl ${main_tex}.bcf ${main_tex}.log ${main_tex}.blg
+	rm -f ${main_tex}.out ${main_tex}.run.xml texput.log 
+

paper.tex

@@ -0,0 +1,131 @@
+\documentclass{llncs}
+
+\usepackage[T1]{fontenc}
+\usepackage[
+    backend=biber,
+    style=lncs,
+    natbib=true,
+    url=false, 
+    doi=true,
+    eprint=false
+    ]{biblatex}
+\addbibresource{paper.bib}
+\usepackage{amssymb,amsmath}
+\usepackage{eurosym}
+\usepackage{wasysym}
+\usepackage[binary-units]{siunitx}
+\usepackage{commath}
+\usepackage{graphicx,color}
+\usepackage{colortbl}
+\usepackage{subcaption}
+\usepackage{placeins}
+\usepackage{array}
+\usepackage{censor}
+\usepackage{hyperref}
+\usepackage{makecell}
+
+\DeclareSIUnit{\baud}{Bd}
+\DeclareSIUnit{\year}{a}
+\DeclareSIUnit{\rpm}{rpm}
+\renewcommand{\floatpagefraction}{.8}
+\newcommand{\degree}{\ensuremath{^\circ}}
+\newcolumntype{P}[1]{>{\centering\arraybackslash}p{#1}}
+\newcommand{\partno}[1]{\textsf{\small#1}}
+\newcommand{\price}[2]{#1 #2}
+\newcommand{\todo}[1]{\textbf{TODO}\footnote{#1}}
+
+\begin{document}
+
+\author{Jan Sebastian Götte\inst{1} \and Björn Scheuermann\inst{2}}
+\institute{Technical University of Darmstadt, Darmstadt, Germany, \email{research@jaseg.de}\and
+    Technical University of Darmstadt, Darmstadt, Germany, \email{bjoern.scheuermann@kom.tu-darmstadt.de}}
+\title{Position Paper: Germany Is Rolling Out Nation-Scale Key Escrow And Nobody Is Talking About It}
+\maketitle
+\keywords{Physical Security\and Tamper Resistance\and Hardware Security Module
+            (HSM)\and Cryptography\and Governance\and Healthcare}
+
+\begin{abstract}
+    Germany is currently rolling out a nation-scale database of the medical records of the majority of its population,
+    particularly of vulnerable people. While there has been considerable criticism of the system coming from civil
+    society, independent academic analysis of the system by the cryptography and information security community has been
+    largely non-existent. In this paper, we want to raise awareness of the system's existance, and we want to point out
+    a number of \emph{spicy} cryptographic engineering decisions: The most sensitive, long-term user keys in the system
+    are derived by a cryptographically primitive centralized key escrow system from a per-user cleartext salt and only
+    1024 bit of entropy shared across all users. Physically, only the insecure level 3 of the obsolete FIPS 140-2
+    security standard is required in the system's standardization, leaving it open to attacks by nation-state and other
+    well-funded adversaries.
+\end{abstract}
+
+\section{Introduction}
+
+Beginning end of April 2025, after several delays, Germany has started the nation-scale rollout of its new electronic
+health record system. The aim of this system is to have a national database of all electronic medical records of all
+publically insured people living in Germany that can be accessed by any healthcare provider. The system aims to replace
+paper-based workflows that are error-prone and lead to healthcare providers often only having access to a subset of
+patient's medical records. Data in scope for the system includes, among others, medical letters, laboratory results, and
+imaging results.
+
+Due to Germany's mandatory health insurace laws, the system's user base encompasses the majority of all German
+residents. People who have replaced their public health insurance with private insurance are not (yet) subject to the
+system. As private insurance tends to be more expensive than public insurance, this means that the system
+disproportionally affects people who have low income.
+
+While there has been loud criticism of the system's security from civil society organizations such as digital rights
+nonprofit Chaos Commputer Club (CCC) and several severe security flaws have been demonstrated practically, this
+criticism has largely been ignored by the political structures in charge. We observe that despite this civil society
+outrage, the system has received very little attention from the academic cryptography and information security
+community.
+
+In this paper, we wish to point out some \emph{spicy} cryptographic engineering decisions in the system. In particular,
+we point out that the system's core per-user secrets are kept in a crytographically primitive key escrow system.
+Furthermore, we observe that by specification, the individual user keys of the system are derived from a per-user
+cleartext salt and system-wide long-term secrets with only 1 kbit of entropy. Finally, we note that according to
+specification, the only physical security requirement for the protection of these highly sensitive secrets is a ``hard,
+opaque potting material'', with \emph{no} tamper detection and response required.
+
+Given that nation-state adversaries are well within the scope of an attacker model of the system, we conclude that the
+combination of a small amount of entropy as well as the system's bare minimum of physical security requirements are
+insufficient for the level of sensitive data processed in the system.
+
+We base our analysis on the system's publicly available standards in their latest version as of writing of this paper.
+We note that the implementation might well deviate from these standards and be more secure - however, with the system's
+history of flaws, we believe that is unlikely to be the case. As of now, there is no meaningful way for either the
+public or for researchers such as us to ascertain the concrete implementation security of the system.
+
+\section{ePA's Intended Operation}
+
+\section{Related Work}
+
+\section{A realistic attacker model}
+
+\section{ePA's Cryptographic Design}
+
+\section{ePA's Key Escrow System (``SGD'')}
+
+\section{Physical Security}
+
+\section{Conclusion}
+
+In conclusion, we observe that in Germany's ePA national medical record database, despite the decade-long
+standardization and implementation process, several questionable cryptographic compromises ended up in the system's
+final deployment. Even assuming that nation-scale key escrow is a good idea, the implementation of this key escrow
+system is questionable. With no justification given, the system uses secret keys with only 1 kbit of entropy to derive
+highly sensitive secret keys for several tens of millions of people. The cryptographic design of this escrow system is
+primitive, ignoring the past three decades in crytographic developments in particular in multiparty computation (MPC)
+and other secret sharing techniques in favor of a simplistic engineering approach. In the engineering dimension, the
+system's physical security is only held to the basic level 3 of the obsolete FIPS 140-2 standard, which is considerably
+less secure an average credit card payment terminal. The low-entropy secret keys are only protected by a ``hard, opaque
+potting material'' and no tamper detection and response is required. We estimate that the system poses an attractive and
+easy target to nation-state adversaries.
+
+\begin{credits}
+This is version \texttt{\input{version.tex}\unskip} of this paper, generated on \today. The git repository with the
+\LaTeX source for this paper, all hardware design files, and firmware and analysis source code can be found at:
+
+\center{Note: URL elided for peer review}
+% \center{\url{https://git.jaseg.de/ihsm-sampling-mesh-monitor-hw.git}}
+\end{credits}
+
+\printbibliography[heading=bibintoc]
+
+\end{document}