Skip to content

Demo for polymorphic encryption and pseudonymisation (PEP)

Notifications You must be signed in to change notification settings

stevenvegt/pep-go

Repository files navigation

PEP Go

This repo contains example code for me to better understand the concepts of polymorphic encryption and pseudonymisation (PEP) based on the Paper The polymorphic eID scheme by Eric R. Verheul.

What is it?

It simulates the interaction between 4 components:

Key Management Authority (KMA)

The Key Management Authority is responsible for ditributing the correct keys between the parties. It ensures every party gets the correct keys according to its role. By doing so, it enforces the governance behind the system.

Activation Service

The Activation Service takes a BSN from an authentication service and transforms it to a polymorphic identity (PI).

Authentication Service

The Authentication Service authenticates a user, determins its BSN and "activates" it by calling the activation service. This results in a polymorphic identity which it can store for later use. It can than later transform the PI to a form for a specific service provider.

Service provider

Needs the BSN but cannot authenticate the user itself. It relies on the authentication provider to generate a PI which it can decrypt.

How to use?

Run the following commands:

$ go run ./cmd/.

What is supported?

  • Creating PIs for specific APs
  • Transforming PIs to EIs for specific SPs
  • Decrypting EIs by specific SP
  • Creating PPs
  • Transforming PPs to EPs for specific SPs
  • Decrypting EPs by specific SP

About

Demo for polymorphic encryption and pseudonymisation (PEP)

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages