Paršovs, Arnis, juhendajaŠterna, Elizabete LieneTartu Ülikool. Loodus- ja täppisteaduste valdkondTartu Ülikool. Arvutiteaduse instituut2023-08-252023-08-252022https://hdl.handle.net/10062/91762The eParaksts mobile is a Latvian eID solution that is used for authentication and electronic signature creation with more than 187 000 users. It can be used to access government e-services in Latvia and create qualified electronic signatures with the same legal strength as handwritten signatures. Since eParaksts mobile is not an open-source solution, there is no publically available information describing the architecture of eParaksts mobile. Therefore, in this thesis, network traffic analysis is performed to understand and describe how the authentication and electronic signature creation schemes are implemented. This analysis depicts in detail the enrollment, authentication and electronic signature creation processes and shows that eParaksts mobile has a hybrid architecture – partly device-based, partly server-based. The private key for the authentication scheme is kept on the user’s device, while the private key for signature creation is kept on an HSM on the server-side. Additionally, a discussion of security implications emerging from the architecture of eParaksts mobile is provided. Moreover, this thesis provides a foundation for future studies of security analysis of the eParaksts mobile solution.engopenAccessAttribution-NonCommercial-NoDerivatives 4.0 InternationalAuthenticationcloud-based digital signatureelectronic signatureeParaksts mobilemobile eIDremote QSCDtrusted execution environment (TEE)magistritöödinformaatikainfotehnoloogiainformaticsinfotechnologyThesis