DevPortalPagoPA




Table of contents

How to present the cryptographic information - pseudonymization

Exposition of the cryptographic information

The provider exposes an operation to read the cryptographic information so that the user can use it to read the signals and guarantee the confidentiality of the information. Pseudonymization is mandatory for personal data.
The producer identifies the pseudonymization algorithm with seeds and the parameters for its execution (seeds). This selection must be proportional to the type of personal data or the confidentiality of the information subject to the status and facts to which the variations can refer.
The value of the algorithm and the seed is univocal per e-service: all consumers will obtain the same algorithm and the same seed. The consumer must keep the received information confidential.

Selection of the algorithm and the seed

For the selection of the algorithm and the seed, and as a reference for updates and evolutions, refer to:
The recommendations of [LG PDND 4] "7.1.1. Pseudonymization algorithm” are provided below.

Selection of the algorithm

The recommended pseudonymization algorithms, or cryptographic hashing functions, are:
  • SHA-2: a set of cryptographic hash functions designed by the National Security Agency (NSA) to improve the security properties of its predecessor SHA-1
    • SHA-256
    • SHA-512/256
    • SHA-384
    • SHA-512
  • SHA-3: a set of cryptographic hash functions designed by the NIST (National Institute of Standards and Technology) to improve the security properties of its predecessor SHA-2:
    • SHA3-256
    • SHA3-384
    • SHA3-512
    • SHAKE128
    • SHAKE256

Selection of the seed

The pseudonymization algorithms recommended in the previous paragraph must be reinforced with the use of a secret.
With regard to the secret, it is recommended to:
  • rotate it at regular time intervals, below “rs” is used to indicate the number of days of rotation of the secret;
  • ensure an appropriate level of its entropy, below “be” is used to indicate the number of characters of the secret (employed as a set of characters [A-Za-z0-9]).
The recommendation for the producer is provided below in consideration of the type of data used for the e-services.
type of dataalgorithm versionseed rotation ddseed dimension
Data used for the indirect identification of the physical personNo specific recommendation
Data used for the direct identification of the physical personNo specific recommendation<= 120 dd>= 16 characters
Sensitive data of the physical person (racial or ethnic origin, religious, philosophical beliefs, political opinions, trade union membership, regarding health or sex life)
  • SHA-384
  • SHA-512
  • SHA3-384
  • SHA3-512
  • SHAKE128
  • SHAKE256
<= 80 dd>= 32 characters
Legal data of the physical person (existence of certain legal measures subject to entry in the criminal record)
  • SHA-512
  • SHA3-512
  • SHAKE128
  • SHAKE256
<= 60 dd>= 64 characters
Other data of the physical person (concerning electronic communications and that permit geolocalization)No specific recommendation<= 120 dd>= 16 characters

Implementation of the sharing of cryptographic information

The producer informs the consumer of their selection of the pseudonymization algorithm and the parameters for its execution through the presentation of a specific operation on the provided e-service.
The producer must make it possible for the consumer to calculate the same digest by applying the hash function on the concatenation of the input string and seed.
The order in which the input and seed should be concatenated should be communicated (in the documentation).
The producer exposes an endpoint of this type (they provide an illustrative, non-reference operation for the implementation) for sharing the cryptographic information:
1  /pseudonymization:
2    get:
3      summary: Gets a pseudonymization info
4      description: Info about crypto hash function and seed
5      responses:
6        "200":
7          description: Success
8          content:
9            application/json:
10              schema:
11                type: object
12                properties:
13                  seed:
14                    example: 3b9942ce-1f07-4512-8f34-f31b1a7b0061
15                    type: string
16                  cryptoHashFunction:
17                    example: sha256
18                    type: string
19                required:
20                  - seed
21                  - cryptoHashFunction
22                description: Success
23
24

Need help?

Open a ticket using the dedicated feature inside your Reserved Area

Tell us what you think

To report problems or give feedback, you can open a report on GitHub