The eIDAS2.0 regulation requires all EU member states to provide a digital identity solution – the EU Digital Identity Wallet (EUDI) – by the end of 2026. Using a digital identity system and strong authentication can improve security, but its ubiquitous manner also poses a risk to privacy when implemented in the wrong way. Therefore, eIDAS2.0 mandates several core privacy principles that the EUDI wallet must satisfy, such as selective disclosure and unlinkability of presentations.

While technical solutions exist that would naturally satisfy these requirements, the EU has decided to not use them (yet), and build the wallet entirely from classic signatures such as ECDSA. These signatures can be amended to provide some privacy, but inherently lack the support of unlinkability when issuers are corrupt: that is, a malicious issuer of a digital credential can always trace its usage when colluding with the services that accept them. The most obvious attack would require the issuer to store all issued credentials and compare them against all presentations based on them, which is often ruled out as too “impractical” or cumbersome to happen.

In this master project, we want to show that there are more clever ways that allow malicious issuers to track their users. Issuers can deviate from the protocol specification in a way that is indistinguishable from the users view, yet allows convenient surveillance and tracking through malicious entities. After developing these attacks, we also want to propose counter measures on how to thwart or detect them.

For more details see here: [Poster] [Description]