Daily Keypair Rotation¶
As Health Departments in Germany are federated, they need to share a common keypair, the daily keypair. This keypair is generated and distributed among all Health Departments once per day. For the distribution, the daily keypair's private key is encrypted once per Health Department under that Health Department's HDEKP (each HDEKP is owned by exactly one Health Department). The resulting encrypted private key objects are then uploaded to luca.
The following secrets are involved in this process:
Secret | Use / Purpose
daily keypair | Private key is accessible to all Health Departments
Daily Public Key Rotation¶
The rotation is performed by whichever Health Department logs in first after the current daily keypair has expired. The new private key is encrypted for each participating Health Department under its HDEKP (Health Department Encryption Key Pair) and shared via the Luca Server. The new public key, together with its creation date, is signed with the rotating Health Department's HDSKP (Health Department Signing Key Pair) and distributed to all Guest Apps via the Luca Server, so that a Guest App can check the signature before it encrypts anything under that key. This effectively replaces the old daily keypair. All of these cryptographic operations are performed in the Health Department Frontend; the Luca Server never sees the daily keypair's private key in plaintext.
Measures are taken to resolve race conditions when several Health Departments attempt the rotation at the same time. Eventually, every Health Department holds the new daily keypair and is able to decrypt the Contact Data of Check-Ins performed on that day.
Private keys of daily keypairs that are older than the epidemiologically relevant time span (specifically, four weeks) can be destroyed: the Luca Server deletes all such encrypted private key objects for all Health Departments, and the Health Department Frontend deletes all locally stored copies of those private keys.
Authenticity of HDSKP and HDEKP¶
Each Health Department owns two keypairs, HDSKP and HDEKP, which are used to authenticate and distribute newly generated daily keypairs. Both are generated in the Health Department Frontend during the registration process, and their private keys remain known exclusively to the respective Health Department. In a future version of luca, we plan to have the public keys of HDSKP and HDEKP certified by an independent trusted certificate authority to further strengthen their authenticity guarantees.