Electronic data exchange with the German Pension Insurance

Recently, together with the B-I-T GmbH Information and processes from Hanover worked on implementing the electronic data exchange with the statutory health insurance funds and the pension insurance from one application.

Here, a combination of authenticated data transmission of both signed and encrypted messages is used. PKI technologies are used in all these cases.

The message format used is here documented.

Continue reading „Elektronischer Datenaustausch mit der Deutschen Rentenversicherung“

Change the signing algorithm of a certification authority hierarchy without issuing new certification authority certificates

Sometimes it may be necessary to change the Signature algorithm to subsequently change an already installed certification authority hierarchy.

This is often the case because one has installed them with PKCS#1 version 2.1 and unfortunately finds out afterwards that not all applications are compatible with the resulting certificates, and thus cannot use the hierarchy.

While it is relatively easy to change the signature algorithm for certificates issued by a certification authority, it is more difficult to do so for certification authority certificates.

Continue reading „Den Signaturalgorithmus einer Zertifizierungsstellen-Hierarchie ändern, ohne neue Zertifizierungsstellen-Zertifikate auszustellen“

Deploy PKCS#1 version 2.1 for a root CA (owned and issued certificates)

Before the Installation of a standalone root certification authority (Standalone Root CA) the question arises as to which cryptographic algorithms should be used.

Continue reading „PKCS#1 Version 2.1 für eine Stammzertifizierungsstelle (Root CA) einsetzen (eigenes und ausgestellte Zertifikate)“

Basics: key algorithms, signature algorithms and signature hash algorithms

When planning a public key infrastructure, the question arises as to which cryptographic algorithms it should use.

The main principles are explained below.

Continue reading „Grundlagen: Schlüsselalgorithmen, Signaturalgorithmen und Signaturhashalgorithmen“