Dr. István Zsolt BERTA

I was born in 1978, Debrecen, Hungary. I received MSc in Technical Informatics (computer science) at the Budapest University of Technology and Economics (BME). I have started working in the field of IT security in 1999 when I joined the CrySyS (former Ebizlab) laboratory of IT security at BME. I wrote my PhD dissertation in the CrySyS laboratory on the dangers of creating electronic signatures at untrusted terminals.

I received MBA at Buckinghamshire Chilterns University College in 2004. I became CISA in 2006.

I work at Microsec Ltd., e-Szignó Certification Authority as
Director of R&D.

My fields of interest are

PKI and electronic signatures,
Long-term validity and long-term archiving of electronically signed documents,
Electronic signatures at untrusted terminals,
Smart card security.

Contact information:
e-mail: istvan (at) berta.hu
tel: +36302483630

My presentation on secure signature creation devices

2011-12-02

The Polish EU presidency organized a conference on electronic signatures in Warsaw. I held a presentation on various different approaches to secure signature creation devices.

The slides of my presentation are available here.

Attack on Diginotar

2011-08-30

There has been an attack on Diginotar, a Dutch CA. It led to the issuance of fake Google certificates.

New ETSI ALGO paper

2011-08-23

The European Telecommunications Standardization Institute has recently published a new version of its "ALGO paper" (ETSI TS 102 176-1), a technical specification containing a list of cryptographic algorithm sets suitable for creating electronic signatures.

The major changes are that 1024-bit-RSA and SHA-1 have been removed from the list of suitable algorithms.

My presentation at EFPE 2011

2011-06-22

I gave a presentation at the European Forum on Electronic Signature and PKI 2011 with the title: Managing SHA-2 migration - Replacing foundations of a PKI. Slides are available here.

The set of cryptographic algorithms usable for creating electronic signatures is going to change. 1024-bit-RSA and SHA-1 are being phased out in favor of 2048-bit-RSA and SHA-2 (SHA-256 in particular). I spoke about how we prepared at Microsec our certificate authority and signature creation application for this change so that it would mean as little trouble for end-users as possible.

I was not aware of any similar paper/presentation/checklist when we started working on this project, but it would have helped a lot. I hope my presentation shall be of help for others who will face similar problems in the future.

ETSI standard for secure electronic data archives

2011-05-27

The European Telecommunications Standards Institute (ETSI) has issued standards on the long-term preservation of electronic documents.

As I was involved in the design of the first Hungarian qualified archiving service provider operating according to the Hungarian electronic signatures act, I also took part the ETSI specialist task force elaborating the ETSI standards on information preservation.

Working together with colleagues from Italy, Spain and Austria, we created the following two specifications:

ETSI TS 101 533-1 Information Preservation Systems Security - Part 1: Requirements for Implementation and Management: This is an extension of ISO 27001, it specifies additional controls that are applicable to information preservation systems.

ETSI TR 101 533-2 Information Preservation Systems Security - Part 2 Guidelines for Assessors: This recommendation provides a checklist assessors of information preservation systems should follow during their audit.

The above standards rely on electronic signatures as a tool for ensuring the integrity and authenticity of the preserved information.

Now that there are European standards for information preservation systems, it shall be possible to use them instead of the current Hungarian specifications for qualified archiving service providers.

More entries...