Technologies

Mobile ID can turn your favorite smartphone or tablet into a full-featured mobile cryptographic device (mainly PKI). Implementing cryptographic operations at the software level requires a large set of technologies, including:

  • X.509 public key certificates
  • Advanced mechanism for key pair storage: private keys are stored encrypted on the mobile device, and communication with an SPI (Server Protected Identification) server is required to decrypt and use them
  • One-Time-Pad is used to encrypt the private key, resulting in a more robust security scheme
  • RSA 2048 bits, RSA-OAEP, AES 256 bits, SHA 512 bits, for the data transfer (communication channel)
  • Secure Storage Area inside the mobile device, encrypted with One-Time-Pad, enhancing the security of stored data
  • Authentication to SPI servers using One-Time-Passwords, minimizing the risk of man-in-the-middle attacks
  • Integration with a certification authority
  • CMIS support for document distribution

The following technologies are also used for various operations (UI view operations, file operations and more):

  • API: ability of third-party applications to use Mobile ID as middleware for their PKI operations
  • Digital signatures
  • Certificate keyring
  • PDF document standard: visible signatures in PDF documents, PAdES Long-Term validation, time-stamped signatures, PDF signature validation
  • S/MIME for emails: encrypted/digitally signed email handling
  • XML for transactions: ability to sign and validate XML documents
  • CMS enveloping
  • OCSP internet protocol