Lessons Learned from the Estonian National ID Security Flaw

18 December 2017

Estonia recently suffered a major flaw in the security of their national ID card. This article discusses the fix and the lessons learned from the incident:

In the future, the infrastructure dependency on one digital identity platform must be decreased, the use of several alternatives must be encouraged and promoted. In addition, the update and replacement capacity, both remote and physical, should be increased. We also recommend the government to procure the readiness to act fast in force majeure situations from the eID providers.. While deciding on the new eID platforms, the need to replace cryptographic primitives must be taken into account — particularly the possibility of the need to replace algorithms with those that are not even in existence yet.

Read full news article on Schneier on Security

Date:

18 December 2017

Categorie(s):

NEWS

Tag(s):

Algorithms, Estonia, ID, Lessons Learned, Security Flaws

Ransom recovery costs reach $2.73 million3 May 2024
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks3 May 2024
Indonesia sneakily buys spyware, claims Amnesty International3 May 2024
Most companies changed their cybersecurity strategy in the past year3 May 2024
What is cybersecurity mesh architecture (CSMA)?3 May 2024