910/2014 - Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing directive 1999/93/EC

This European Standard specifies a protection profile for trustworthy systems supporting time stamping.

This document specifies a protection profile for trustworthy systems supporting time stamping.

The scope of proposed 419 241 part 2 (PP TSCM) covers security requirements to reach compliance with Annex II of Regulation No 910/2014 of the remote (qualified TSP operated) parts of the system, other than those relating to Signature Activation Data (SAD) management and the operation of the Signature Activation Protocol (SAP), assuming use of a cryptographic module conforming to EN 419 221-5. EN 419 241 part 2 will be balloted simultaneously with EN 419241 Part 3 Protection profile for Signature Activation Data management and Signature Activation Protocol(PP-SAD+SAP). These two new parts of EN 419 241, used in conjunction with the protection for PP for Cryptographic Module for Trust Services (EN 419 221-5), will contain security requirements for level 2 (sole control) as specified in TS 419 241 in a formal manner aligned with common criteria. These two new parts of EN 419 241, with EN 419 221-5, will support the certification of a system for remote qualified electronic signature or seal creation devices (remote QSCD) which meet the requirements of EU Regulation No 910/2014: The electronic signature creation data can be reliably protected by the legitimate signatory (sole control) against use by others, where the generation and management of the signature creation data is carried out by a qualified trust service provider on behalf of a signatory.

The scope of proposed 419 241 part 2 (PP TSCM) covers security requirements to reach compliance with Annex II of Regulation No 910/2014 of the remote (qualified TSP operated) parts of the system, other than those relating to Signature Activation Data (SAD) management and the operation of the Signature Activation Protocol (SAP), assuming use of a cryptographic module conforming to EN 419 221-5. EN 419 241 part 2 will be balloted simultaneously with EN 419241 Part 3 Protection profile for Signature Activation Data management and Signature Activation Protocol(PP-SAD+SAP). These two new parts of EN 419 241, used in conjunction with the protection for PP for Cryptographic Module for Trust Services (EN 419 221-5), will contain security requirements for level 2 (sole control) as specified in TS 419 241 in a formal manner aligned with common criteria. These two new parts of EN 419 241, with EN 419 221-5, will support the certification of a system for remote qualified electronic signature or seal creation devices (remote QSCD) which meet the requirements of EU Regulation No 910/2014: The electronic signature creation data can be reliably protected by the legitimate signatory (sole control) against use by others, where the generation and management of the signature creation data is carried out by a qualified trust service provider on behalf of a signatory.
The scope of proposed 419 241 part 3 (PP-SAD+SAP) covers security requirements to reach compliance with Annex II of Regulation No 910/2014 on the management of the SAD and the operation of the SAP used to provide sole control of the signatory or seal creator for the remote QSCD signing or sealing functions. The proposed parts 2 and 3 are to be independent of specific authentication mechanism and signature activation protocol to allow maximum flexibility with respect to future solutions and to allow supporting several authentication mechanisms. The proposed part 3 is to take into account: a) potential implementations that require dedicated functional components, owned by the signatory or seal creator, which are for the purposes of ensuring sole control, and b) potential implementations that do not require such dedicated functional components but still ensuring sole control of the signatory or seal creator. The proposed part 3 covers requirements up to the interface to the signatory or seal creator needed for authentication and the interface to the signature creation application for selection, checking and display of data to be signed (e. g. a signature creation application as defined in EN 419 111) while requirements on the signature creation application itself are out of scope. It is proposed that part 3 (PP-SAD+SAP) forms the prime reference for server signing that may be certified according to Regulation No 910/2014 including Annex II, and that this part requires components certified according to part 2 (PP TSCM) and EN 419221-5.

This Technical Report aims to help citizens to understand the relevance of using electronic signature within their day-to-day lives. It explains the legal and the technical backgrounds of electronic signatures.
This document gives guidance on the use of electronic signatures and addresses typical practical questions the citizen may have on how to proceed to electronically sign, where to find the suitable applications and material.
NOTE   It is probably more valuable for citizens to understand the value of electronically signing or sealing than understanding the standardization landscape in background.

This Technical Report aims to be the entry point in relation to electronic signatures for any SME that is considering to dematerialize paper-based workflow(s) and seeks a sound legal and technical basis in order to integrate e-Signatures in this process. It is not intended to be a guide for SMEs active in the development of electronic signatures products and services - they should rather rely on the series EN 319 x00 for building their offer - but it is a guide for SMEs CONSUMING e-Signature products and services.
This document builds on FprCEN/TR 419040, "Guidelines for citizens", explaining the concept and use of electronic signatures, to further help SMEs to understand the relevance of using e-Signatures within their business processes. It guides SMEs in discovering the level of electronic Signatures which is appropriate for their needs, extends the work to specific use-case scenarios, paying special attention to technologies and solutions, and addresses other typical concrete questions that SMEs need to answer before any making any decisions (such as the question of recognition of their e-Signature by third parties, within their sector, country or even internationally).
Once the decision is taken to deploy e-Signatures in support of their business, SMEs will then typically collaborate with their chosen providers of e-Signature products or services, which can be done on the basis of ETSI 19 100, "Business driven process for implementing generation and validation of electronic signatures in electronic business", that helps enterprises fulfil their business requirements.  The present document presents the concept and use of the standards relevant for SMEs developed under the Rationalised Framework to SMEs.

1.1   General
This document specifies security requirements and recommendations for Trustworthy Systems Supporting Server Signing (TW4S) that generate digital signatures.
The TW4S is composed at least of one Server Signing Application (SSA) and one Signature Creation Device (SCDev) or one remote Signature Creation Device.
A remote SCDev is a SCDev extended with remote control provided by a Signature Activation Module (SAM) executed in a tamper protected environment. This module uses the Signature Activation Data (SAD), collected through a Signature Activation Protocol (SAP), in order to guarantee with a high level of confidence that the signing keys are used under sole control of the signer.
The SSA uses a SCDev or a remote SCDev in order to generate, maintain and use the signing keys under the sole control of their authorized signer. Signing key import from CAs is out of scope.
So when the SSA uses a remote SCDev, the authorized signer remotely controls the signing key with a high level of confidence.
A TW4S is intended to deliver to the signer or to some other application, a digital signature created based on the data to be signed.
This standard:
-   provides commonly recognized functional models of TW4S;
-   specifies overall requirements that apply across all of the services identified in the functional model;
-   specifies security requirements for each of the services identified in the TW4S;
-   specifies security requirements for sensitive system components which may be used by the TW4S.
This standard is technology and protocol neutral and focuses on security requirements.
1.2   Outside of the scope
The following aspects are considered outside of the scope of this document:
-   other trusted services that may be used alongside this service such as certificate issuance, signature validation service, time-stamping service and information preservation service;
-   any application or system outside of the TW4S (in particular the signature creation application including the creation of advanced signature formats);
-   signing key and signing certificate import from CAs;
-   the legal interpretation of the form of signature (e.g. electronic signature, electronic seal, qualified or otherwise).
1.3   Audience
This standard specifies security requirements that are intended to be followed by:
-   providers of TW4S systems;
-   Trust Service Providers (TSP) offering a signature creation service.

This Technical Report aims to help citizens to understand the relevance of using electronic signature within their day-to-day lives. It also explains the legal and the technical backgrounds of electronic signatures.
This document gives guidance on the use of electronic signatures and addresses typical practical questions the citizen may have on how to proceed to electronically sign, where to find the suitable applications and material.

This Technical Report aims to be the entry point in relation to electronic signatures for any SME that is considering to dematerialize paper-based workflow(s) and seeks a sound legal and technical basis in order to integrate electronic signatures or electronic seals in this process. It is not intended to be a guide for SMEs active in the development of electronic signatures products and services - they should rather rely on the series ETSI EN 319 for building their offer - but it is a guide for SMEs CONSUMING e-Signature products and services.
This document builds on CEN/TR 419040, "Guidelines for citizens", explaining the concept and use of electronic signatures, to further help SMEs to understand the relevance of using e-Signatures within their business processes. It guides SMEs in discovering the level of electronic Signatures which is appropriate for their needs, extends the work to specific use-case scenarios, paying special attention to technologies and solutions, and addresses other typical concrete questions that SMEs need to answer before any making any decisions (such as the question of recognition of their e-Signature by third parties, within their sector, country or even internationally).
Once the decision is taken to deploy electronic signatures or electronic seals in support of their business, SMEs will then typically collaborate with their chosen providers of e electronic signatures or electronic seals products or services, which can be done on the basis of ETSI TR 119 100 "Guidance on the use of standards for signature creation and validation", that helps enterprises fulfil their business requirements. The present document presents the concepts and use of the standards relevant for SMEs developed under the Rationalised Framework to SMEs.

This part of EN 419221 specifies a Protection Profile for cryptographic modules suitable for use by trust service providers supporting electronic signature and electronic sealing operations, certificate issuance and revocation, time stamp operations, and authentication services, as identified by the (EU) No 910/2014 regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (eIDAS) in [Regulation]. The Protection Profile also includes optional support for protected backup of keys.
The document follows the rules and conventions laid out in Common Criteria part 1 [CC1], Annex B "Specification of Protection Profiles".

This part specifies mechanisms for SEs to be used as privacy-enabled devices in the context of IAS, and fulfil the requirements of Article 5 of the so-called eIDAS Regulation about data processing and protection.
It covers:
- Age verification
- Document validation
- Restricted identification
- eServices with trusted third party based on ERA protocol

This part of this series contains Identification, Authentication and Digital Signature (IAS) services in addition to the QSCD mechanisms already described in Part 1 to enable interoperability and usage for IAS services on a national or European level.
It also specifies additional mechanisms like key decipherment, Client Server authentication, identity management and privacy related services.

This part specifies mechanisms for SEs to be used as qualified signature creation devices covering:
•   Signature creation and mobile signature creation
•   User verification
•   Password based authentication
The specified mechanisms are suitable for other purposes like services in the context of EU Regulation 910/2014 of the European Parliament and the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.
The particular case of seal is also covered by the specification. The differences between seal and signature are exposed in Annex B. Annex B also explains how the mechanisms for SEs as qualified signature creation devices can be used for SEs as qualified seal creation devices.
Mobile signature is an alternative to the classical signature case which is performed by a secure element. Mobile signature is encouraged by the large widespread of mobile devices and the qualification authorized by the eIDAS Regulation. The particular case of remote signature (or server signing) is covered by this specification in Annex C.
In the rest of this document, except Annex B, there will be no particular notion of a seal since it technically compares to the signature.

This part is an informative introduction into the following parts. It gives guidance to the following parts in order to allow an efficient usage of the provided information. Therefore Part 1 provides history, application context, market perspective and a tutorial about the basic understanding of electronic signatures.
-   Clause 3 provides "Terms and definitions" covering all parts of this standards. The specific parts will contain a similar section which refers to the clause of this Part 1.
-   Clause 4 provides "Symbols and abbreviations" covering all parts of this standards. The specific parts will contain a similar section which refers to the clause of this Part 1.
-   Clause 5 provides a Management Summary that describes the market context in which electronic signatures are typically
-   Annex A provides the algorithm identifies for all parts of the standard.
-   Annex B provides the algorithm identifies for all parts of the standard.
-   Annex C provides the build scheme for object identifiers for all parts of the standard.
-   Annex D "Tutorial on Signature Technology" provides a tutorial which helps the first reader to get familiar with signature technology and its relation to the society that it serves.
-   Annex E "Guide to the EN 419212" explains the historical and technical evolution of the ESIGN activities which did finally lead to this version of the signature standard.

This part specifies device authentication to be used for QSCDs in various context including
   Device authentication protocols
   Establishment of a secure channel Data structures
CV-certificates Key management
The device authentication protocols shall apply to sole-control signature mandated by the EU-regulation eIDAS.

The regulation on electronic identification and trusted eServices (eIDAS regulation) clearly extends the current Electronic Signature Directive from electronic signature towards electronic identification and electronic authentication. These two topics are closely linked to electronic signature and are considered in this context in this document. There are many documents, standards, industrial initiatives and European projects on identification and authentication, but the scope here is limited to electronic signature context, and wider to electronic transactions in the internal market.
The present Technical Report is twofold.
It firstly does a brief analysis of the implementing acts on electronic identities CIR 2015/1501 [29] and CIR 2015/1502 [30] and how this is addressed by the eID interoperability framework [31]. It secondly establishes what areas of existing standards are impacted by the eID framework and what further areas of standardization could assist nations in providing eID services.

The present Technical Report provides guidance on the selection of standards and options for the signature/seal creation and other related devices (area 2) as identified in the framework for standardization of signatures: overview ETSI/TR 119 000 [16].
The present Technical Report describes the Business Scoping Parameters relevant to this area (see Clause 5) and how the relevant standards and options for this area can be identified given the Business Scoping Parameters (Clause 6).
The target audience of this document includes:
-   business managers who potentially require support from electronic signatures/seals in their business and will find here an explanation of how electronic signatures/seals standards can be used to meet their business needs;
-   application architects who will find here material that will guide them throughout the process of designing a system that fully and properly satisfies all the business and legal/regulatory requirements specific to electronic signatures/seals, and will gain a better understanding on how to select the appropriate standards to be implemented and/or used;
-   developers of the systems who will find in this document an understanding of the reasons that lead the systems to be designed as they were, as well as a proper knowledge of the standards that exist in the field and that they need to know in detail for a proper development.

The present Technical Report provides guidance on the selection of standards and options for the signature/seal creation and other related devices (area 2) as identified in the framework for standardization of signatures: overview ETSI/TR 119 000 [16].
The present Technical Report describes the Business Scoping Parameters relevant to this area (see Clause 5) and how the relevant standards and options for this area can be identified given the Business Scoping Parameters (Clause 6).
The target audience of this document includes:
-   business managers who potentially require support from electronic signatures/seals in their business and will find here an explanation of how electronic signatures/seals standards can be used to meet their business needs;
-   application architects who will find here material that will guide them throughout the process of designing a system that fully and properly satisfies all the business and legal/regulatory requirements specific to electronic signatures/seals, and will gain a better understanding on how to select the appropriate standards to be implemented and/or used;
-   developers of the systems who will find in this document an understanding of the reasons that lead the systems to be designed as they were, as well as a proper knowledge of the standards that exist in the field and that they need to know in detail for a proper development.

The regulation on electronic identification and trusted eServices (eIDAS regulation) clearly extends the current Electronic Signature Directive from electronic signature towards electronic identification and electronic authentication. These two topics are closely linked to electronic signature and are considered in this context in this document. There are many documents, standards, industrial initiatives and European projects on identification and authentication, but the scope here is limited to electronic signature context, and wider to electronic transactions in the internal market.
The present Technical Report is twofold.
It firstly does a brief analysis of the implementing acts on electronic identities CIR 2015/1501 [29] and CIR 2015/1502 [30] and how this is addressed by the eID interoperability framework [31]. It secondly establishes what areas of existing standards are impacted by the eID framework and what further areas of standardization could assist nations in providing eID services.

This Technical Specification specifies a protection profile for cryptographic modules used by certification service providers (as specified in Directive 1999/93) for signing operations, without key backup. Target applications include root certification authorities (certification authorities which issue certificates to other CAs and is at the top of a CA hierarchy) and other certification service providers where there is a high risk of direct physical attacks against the module.

This Technical Specification specifies a protection profile for cryptographic modules used by certification service providers (as specified in Directive 1999/93) for signing operations, with key backup. Target applications include root certification authorities (certification authorities who issue certificates to other CAs and who are at the top of a CA hierarchy) and other certification service providers where there is a high risk of direct physical attacks against the module.

This Technical Specification provides an overview of the protection profiles specified in other parts of CEN/TS 419221.

This Technical Standard specifies a protection profile for cryptographic module for CSP key generation services.

This European Standard:
-   specifies terms used in specifying protection profiles for secure signature creation devices,
-   specifies functional and operational requirements for secure signature creation devices,
-   describes the targets of evaluation for these protection profiles.

This European Standard specifies a protection profile for a secure signature creation device that may import signing keys and communicate with the signature creation application in protected manner: secure signature creation device with key import and trusted communication with signature creation application (SSCD KI TCSCA).

This European Standard specifies a protection profile for a secure signature creation device that may generate signing keys internally and communicate with the signature creation application in protected manner: secure signature creation device with key generation and trusted communication with signature creation application (SSCD KG TCSCA).

This European Standard specifies a protection profile for a secure signature creation device that may generate signing keys internally and export the public key in protected manner: secure signature creation device with key generation and trusted communication with certificate generation application (SSCD KG TCCGA).

This European Standard specifies a protection profile for a secure signature creation device with signing keys import possibility: SSCD with key import (SSCD KI).

This European Standard specifies a protection profile for a secure signature creation device that may generate signing keys internally: secure signature creation device with key generation (SSCD KG).

This European Standard contains packages that define security requirements for an authentication device. This document is Part 3. Part 1 and Part 2 are Protections Profiles - PP - based on the packages defined in this document. Packages contained in this document can be added in a Security Target - ST- claiming PP of Part 1 or Part 2.

This European Standard is a Protection Profile that defines the security requirements for an authentication device.

This European Standard is a Protection Profile that defines the security requirements for an authentication device.