Skip to content

Latest commit

 

History

History
41 lines (25 loc) · 1.51 KB

README.md

File metadata and controls

41 lines (25 loc) · 1.51 KB

PEP Go

This repo contains example code for me to better understand the concepts of polymorphic encryption and pseudonymisation (PEP) based on the Paper The polymorphic eID scheme by Eric R. Verheul.

What is it?

It simulates the interaction between 4 components:

Key Management Authority (KMA)

The Key Management Authority is responsible for ditributing the correct keys between the parties. It ensures every party gets the correct keys according to its role. By doing so, it enforces the governance behind the system.

Activation Service

The Activation Service takes a BSN from an authentication service and transforms it to a polymorphic identity (PI).

Authentication Service

The Authentication Service authenticates a user, determins its BSN and "activates" it by calling the activation service. This results in a polymorphic identity which it can store for later use. It can than later transform the PI to a form for a specific service provider.

Service provider

Needs the BSN but cannot authenticate the user itself. It relies on the authentication provider to generate a PI which it can decrypt.

How to use?

Run the following commands:

$ go run ./cmd/.

What is supported?

  • Creating PIs for specific APs
  • Transforming PIs to EIs for specific SPs
  • Decrypting EIs by specific SP
  • Creating PPs
  • Transforming PPs to EPs for specific SPs
  • Decrypting EPs by specific SP