Key changes for Health Departments
Health Departments' public and private keys are the cornerstone of the entire Luca privacy "guarantee". Since these keys are generated by a system component under Luca's control, e.g. the Health Department web application, changes to key material issued for Health Departments need to be closely observed.
We have noticed a key material change for Health Department "Gesundheitsamt Diepholz" among others. The public/private key pair for this Health Department has been updated / exchanged. Our data indicates that this has happened to more than a single Health Department.
Therefore I kindly ask you to respond to the following:
- Which events can cause a key exchange for Health Departments in general and what specifically happened in the "Diepholz" case?
- Outline the process for Health Department key replacements in general. For the "Diepholz" case specifically, please explain who triggered the key replacement and how Luca facilitated the request.
- Since replacing cryptographically relevant keys is essential for the security of the overall system, please explain whether the Bundesdruckerei has been involved in the "Diepholz" key replacement.
- What happened to the pre-existing "Diepholz" keys?
- In case the pre-existing "Diepholz" keys were lost by the Health Department, what does this mean for the potentially epidemiologically relevant data encrypted with these pre-existing "Diepholz" keys?
- Is Luca planning to transparently report all Health Department key replacements publicly and in an automated fashion? Since each constitutes a potential security breach, these events should be taken seriously.
Thanks for looking into this.