Cybernetica completed an additional technical delivery of the CDOC2 project for the Estonian Information System Authority (RIA), upgrading Estonia’s national file encryption standard. According to Cybernetica, the upgrade addresses critical security requirements and enables long-term secure document storage. CDOC (Crypto DigiDoc) is the file format used to store encrypted DigiDoc files across Estonia’s digital infrastructure.
Updates to the standard include modernizing the encrypted file format, adding additional encryption algorithm support, providing protection against harvest-now-decrypt-later attacks, and preparing the CDOC system for the quantum computer threat. The project originated from lessons learned during the 2017 ROCA cryptographic vulnerability crisis, which revealed that additional protections were necessary.
A remaining phase, expected to be completed by May 2026, will add support for encrypting and decrypting documents with Mobile-ID and Smart-ID on Android and iOS platforms. Once released to production by RIA, the CDOC 2.0 standard will expand access to secure document encryption, allowing citizens to use their ID-card, Mobile-ID, or Smart-ID for encryption and decryption directly from mobile devices.