[1]: https://github.com/eu-digital-green-certificates/dgc-overvie...
[2]: https://datatracker.ietf.org/doc/draft-faltstrom-base45/
Especially when they could have avoided % and space.
If you were using binary storage, you wouldn't use "the JWS character set" (aka base64). You'd store it directly and have 0 wasted bits.
Also, they're not acknowledging the bits wasted by their current system. Numeric mode in QR codes spends 3.33 bits per digit. At two digits per character, they're spending 6.67 bits to store only 6 bits of information.
At some level "compatibility" is correct. System 1 outputs binary data, system 2 takes that and turns it into JSON, system 3 encodes that in base64, system 4 turns that into QR codes, and system 4 was what was mandated for producing all of the organisation's QR codes.
It starts with JWT. JSON is a human readable format (in utf-8), if humans don't need to read, the data could be binary, and the format could be exact. JSON isn't an exact spec, which is mostly inherited from JavaScript (there's no such thing as an integer only floating point, so 1e3==1000==1000.0==1.00e3 in human-readable form, as a stored number they are identical). Then there's differences in white-space (new lines, indentation) - although this could likely be overcome with convention. Because of this the JWT creators said instead of signing the data, we'll sign the exact representation in the payload - but of course with white-space and formatting variance (including a deserialize/serialize loops changing representations, or - in the case of bearer tokens, the HTTP spec allowing newlines/white space to be inserted at the protocol level) they had to encode it as non-human readable (base64). Now everyone agrees you're signing that exact Base64 representation of the JSON object. But! We've build a(n arguably verbose) human readable format that isn't readable by humans.
The SHC spec (common in North America) actually holds a JWT that's signed by an elliptic curve private key. You can validate the signature with a public key. The public/private choice here is great, the JWT is terrible.. they've doubled down on the mistakes. Further to keep the QR smallish, they zipped the payload portion (which is supported by JWT - this is done before the base64 stage), and use only the minimum QR resilience setting (which is fine if it's on a screen, if it's printed this may lead to reading problems). Now we have human readable (JSON) compressed in machine readable (deflate) in machine readable (base 64) in machine readable (QR) - for machine reading purposes. They didn't even trim the fluff (every SHC begins with 56 because.. you guessed it, the `{` character), or use sensible choices (they don't use IssuedAt/iat, but NotBefore/nbf to indicate the generation date). Anyway, SHC (reasonably) noticed because of the (mostly) base64 encoding the character set is only 64 characters (6 bits) which doesn't use the ASCII space (7 bits) very well, so they store the first 'shc://' in ASCII and the rest is a number (there are three modes in QR: ASCII, binary, numeric - the density loosely matches binary representations - a numeric digit (0-9) takes 4 bits, ascii char takes 7 and binary takes 8).
ASCII doesn't support the world very well, UTF8 isn't supported by QR (except as binary).
In the SHC case, because it's signing a specific format/output of the JSON data, it doesn't have the white-space formatting concerns that JWTs have to overcome. If they wanted to stick with a JWT like format (JSON object), they could have skipped the base64 before sign step, at which point they might as well get rid of the header (we're no longer to JWT spec), deflate the message to be signed, and put the signature after the deflated message. All the same data, less of the overhead, and better use of the binary space.
The article was about RSA 512 which has been known to be weak and crackable for a long time [2].
[0]: https://github.com/eu-digital-green-certificates/dgc-partici...
[1]: https://www.gnupg.org/faq/gnupg-faq.html#no_default_of_rsa40...
[2]: https://it.slashdot.org/story/99/08/29/0213230/512-bit-rsa-k...
Seems like a lot of hassle for a vaccine that is safe and will save your life.
https://threatpost.com/eus-green-pass-vaccination-id-private...
Afaik it was a leaked login, not a leak of the keys.
Passes have been sold (through the clear web and the dark web) but many have also been revoked since. As far as I know, the certificates being sold right now are either someone else's certificate (for places that don't check your ID when you walk in) and certificates generated by people working for places that also give out legitimate certificates, such as some pharmacies and hospitals.
There have been fraudulently obtained passes sold on the dark web. There have also been numerous arrests throughout the whole of Europe for this.
The vast majority of the dark-web suppliers are scammers - many of the adverts include a mix of QRs people have posted to social media and a large number of example QR. Including examples that I have generated in the past and used in presentations / on github.
Originally the certificates were simple "yeah, they are vaccinated" PDFs that people would alter, which was a pretty low bar.
In discussions like this I think we really need to frame this in the proper context. We're talking about a certificate saying that you did something that you could do for free, which has significant personal benefits, and even greater social benefits, and that a large majority of the public is entirely behind. Making a fake vaccination certificate is like making a fake Grade school graduation certificate -- if someone is at that point in their life, something has gone seriously wrong.
The demand for certificates was just trying to entice the small percentage of holdouts, and of those surely there will be some who will go to great lengths, including committing pretty significant crimes, to avoid it. That pathology can't be fixed easily.
Here in the NL there have been tons of people that sold COVID passes, some working at vaccination places, others working at testing places. Instead of hacking anything, they've just been committing regular fraud. The street value of these passes seems to be round €300 to €500. The government has been blacklisting these passes ever since they were first spotted, leaving many of their "customers" angry now that they can no longer fraud their way through the necessary checks.
The problem is not so much a technical one, as modern crypto is quite unbreakable. The pass in the article is based on RSA-512, which has been proven to be breakable all the way back in 1999. With elliptic curve cryptography the system can still remain unbreakable even with shorter keys that can fit into a small QR code, though space is rarely a problem with these codes anyway.
Not sure if trolling, but in case not, vaccination has had “a substantial impact on mitigating COVID-19 outbreaks” in America [1].
People have resorted to downloading the PDF and "hacking it" (editing it in Acrobat).
Nobody ever actually checks whether the certificate is valid or not.
What do you win by using a fake certificate vs. getting protected by the vaccine?
The validation apps used a 512 bit RSA public key.
They used a factoring app and spend $200 on amazon to factor the private key from the public key.
They were then able to generate the COVID passes.
This is for the Honai Police Dept.
*Hanoi
They are easy to copy or fake.
Any scheme which simply puts a cryptographic number on a some Physical card - or behind a regular QR is not secure. A simple photocopy will work just as well as the original. Not to mention Photoshop.
But there is actually a new way to make physical things - like printed Covid vaccination cards - provably unique and authentic.
Much more powerful than holograms and also much more secure, unclonable and authenticatable.
Take a look at Blocktag (blocktag dot com) - Next gen QR codes that anyone can print, yet cannot be counterfeited. And of course linked to blockchain and ready for physical NFTs too.
For places that are 3G you have the option in the app to not disclose your vaccination status in the code. So the scanning entity will know ow if you have one of the 3 possible requirements. Vaccinated, recovered or tested.
meanwhile ime most places with vaccine requirement accept a photo on my cell phone - not exactly cryptographically signed stuff over here.
https://www.gizmodo.com.au/2017/07/prime-minister-says-the-l...
(Yeah, tongue firmly in cheek. Laws of math oddly enough seem to work just fine for taxation, depreciation, etc etc)
For non-Australians, our Liberals are your Republicans, with all their faults, and our Labor is your Democrats, with all their faults.
Our Greens seem to have broadened their platform to include social justice and true libertarianism, so they're no _as_ powerhungry.
It's essentially an animated gif.
Why not use a VM with older libraries and tools ?
Why does it still surprise me that that most software companies treat backwards compatibility as a joke?
Why reinvent crypto, PKI and all? Also solves updates/invalidation issues.
Also NFC tags could’ve been better solution, but probably would’ve sent too much Bill Gates vibes.
The projects are meant to present a standardized format for the provision of easily validated information about an individual in environments where low-end hardware is common and internet connectivity is unreliable.
The QR code was chosen as the standard form of information transfer because it can be printed on paper and remain easily validated if someone lacks a device to put it on.
The codes aren't primarily meant to control pandemic spread, this just happens to be the first thing driving their widespread adoption.
Cynic in me says - just disable cards for the unvacced at specific venues…
In hindsight, the washing was overreaction, but you do have to realize there wasn't enough knowledge in the beginning, and people were assuming the virus was like the influenza virus, and we usually (at least the common wisdom was) catch influenza through touching snot-laden surfaces. It didn't help when China was saying things like they found some viruses on surfaces after 3 days. Sure, but how much virus, i.e. would they be enough to make you sick? The lack of information also made the virus like a super monster, where any trace of it could be deadly...
Now that we've figured out the virus is airborne, I'm a bit disappointed that governments haven't focused on good ventilation, but still on disinfecting and keeping distance. Where I live the bus can be full of people but it seems the governments are saying "It'll be fine to sit so close to each other if you have a mask on", and people also don't know any better...
Revealing so many digits of the factors actually allows easily factoring the original number using a version of coppersmith's method (easy as in under a second on my laptop instead of the 9 hours on a distributed cluster the authors used). This is actually a pretty classic CTF exercise.
If I'm still nerdsniped by this tomorrow I'll try my hand at implementing this and factoring the number myself
> Next, the data was hashed using a custom hashing algorithm developed by lachongtech.
Yeahhhh.....soooo.......
