Cybernetica has successfully completed additional technical delivery of the CDOC2 project for the Estonian Information System Authority (RIA), implementing a comprehensive upgrade to Estonia's national file encryption standard that addresses critical security requirements and enables long-term secure document storage.
CDOC - Crypto DigiDoc - is the file format used to store encrypted DigiDoc files. The objective of the CDOC2 project was to replace the previous CDOC 1.0 standard. It became clear during the 2017 ROCA cryptographic vulnerability crisis that additional protections are necessary. Updates to the standard are two-fold:
- modernising the encrypted file format and adding additional encryption algorithm support
- providing additional protection against harvest-now-decrypt-later attack and preparing CDOC system for quantum computer threat
"Looking ahead, CDOC2 positions Estonia at the forefront of secure digital document management. This upgrade ensures our nation's critical information remains protected and accessible for years to come, setting a new standard for digital governance," said Sven Heiberg, Head of Digital Identity Technologies at Cybernetica.
Comprehensive solution delivery
Cybernetica's technical contribution included developing the core CDOC 2.0 cryptographic framework, implementing reference library and demonstration clients, and establishing the long-term storage architecture. The company also provided comprehensive environment setup and deployment support to ensure smooth operational transition.
A key outstanding advancement in CDOC 2.0 is supporting encryption and decrypting documents with Mobile-ID and Smart-ID eID means. Estonian citizens will be able to securely encrypt and decrypt documents directly on Android and iOS platforms, without relying on ID-cards and significantly expanding accessibility beyond traditional desktop environments. This phase is set to be completed by May 2026.
Once released to production by RIA, the CDOC 2.0 standard significantly expands access to secure document encryption across Estonia's digital society. Citizens can then safely transmit encrypted files and decrypt them with their ID-card, Mobile-ID, or Smart-ID, while enjoying the flexibility to encrypt and decrypt documents directly from mobile devices.