CDOC 2.0 is the codename for Estonia's new file encryption standard. The need for a new standard became clear during the 2017 ROCA crisis, when it was understood that the current solution (hereinafter CDOC 1.0) had serious shortcomings.
CDOC 1.0 uses the ID card as a storage for a static decryption key. If the ID card is destroyed or damaged, it will no longer be possible to open the encrypted files stored in the key. The same encryption-decryption key pair is used over many years. During that time many documents can be encrypted on a single key. If the secret of this key is violated, the confidentiality of all these documents will be lost at once. Also, the same encryption protocol is used in different scenarios with different security requirements (transmission of fine receipts vs. exchange of confidentiality information between force structures).
First of all, we note that the protection of the confidentiality of information has two different stages - firstly, protection during the transport of data and secondly, protection during long-term storage.
Therefore, in the first stage, we focused on the analysis of CDOC 2.0 as a transport format and protocol. In the course of the analysis, we conducted interviews with representatives of potential CDOC 2.0 user groups to identify usage patterns that need support. We placed emphasis on legal and technical requirements for information security, such as requirements for classification (eg duration of the need for confidentiality, management of the right to decrypt), as well as feasibility and usability (eg ability to use special solutions, requirements for user interface). As a result, we developed a general architecture for the CDOC 2.0 transport component.
The study was commissioned by Republic of Estonia Information System Authority.