Why Asymmetric cryptography in ID applications?
All the major ID applications (ID cards, signature application, passport…) do rely on asymmetric cryptography. The symmetric cryptography can not be envisioned for these large scale usages. First of all, it requires an a priori unique identification of the card. As the use of contactless cards is getting more and more fashionable, it can not be envisioned as it would enable any attacker to uniquely identify a card holder by scanning a crowd. Moreover, the eService willing to communicate needs to possess the symmetric key to use. It may either request the services of on online HSM, which would provide all the cryptographic services needed to communicate with the microchip, or use the keys it stores in a secure storage area. It requires either a permanent online link to a cryptographic services provider and/or the diffusion of the cryptographic keys to all the e-Services. It mandates either a very constraining infrastructure design or, in the second case, introduces a major treat in th
