Computer-implemented system and method for trustless zero-knowledge contingent payment
US-2024249280-A1 · Jul 25, 2024 · US
US9722792B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9722792-B2 |
| Application number | US-201414770546-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 19, 2014 |
| Priority date | Feb 27, 2013 |
| Publication date | Aug 1, 2017 |
| Grant date | Aug 1, 2017 |
Official abstract text for this publication.
The disclosure relates to a method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, said method comprising: determining, by a terminal, whether a contact-based interface of the ID token is present and can be used for data exchange with the terminal. If the ID token does not have the contact-based interface or this cannot be used, implementing a zero-knowledge authentication protocol via a contactless interface of the terminal and ID token; and deriving an ID token identifier by the terminal. If the ID token has the contact-based interface and this can be used, authenticating the user to the ID token via the contact-based interface; accessing an ID token identifier by the terminal; sending of the ID token identifier from the terminal to an ID provider computer; use of the ID token identifier by the ID provider computer in order to authenticate the ID provider computer to the ID token; and read access of the ID provider computer to the at least one attribute stored in the ID token.
Opening claim text (preview).
The invention claimed is:

1. A method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, said method comprising: determining, by a terminal, whether a contact-based interface of the ID token is available for data exchange with the terminal; if the ID token does not have the contact-based interface available providing data exchange with the terminal, the following are carried out: implementing a zero-knowledge authentication protocol via a contactless interface of the terminal and a contactless interface of the ID token in order to prove to the ID token that the terminal is in possession of a static secret, without transmitting this static secret to the ID token, wherein the static secret is a secret shared between the user and the ID token, wherein the implementing comprises generation of a first public cryptographic key (OS_IDT2) separately by the ID token and the terminal based on a random number generated by the ID token and transmitted to the terminal in an encrypted format, wherein the random number is encrypted using the static secret, and wherein the implementing the zero-knowledge authentication protocol comprises the authentication of the user to the ID token via the contactless interface based on the generated first public cryptographic key (OS_IDT2); and deriving of an ID token identifier by the terminal from the first public cryptographic key (OS_IDT2); if the ID token has the contact-based interface capable of data exchange with the terminal: authenticating the user to the ID token by transmission of the static secret from the terminal to the ID token via the contact-based interface; accessing an ID token identifier by the terminal, wherein the accessing comprises: reading of a data value, which was already stored on the memory of the terminal prior to the determination, from this memory, wherein the data value is also stored on a memory of the ID token prior to the determination, and using the data value as the ID token identifier by the terminal and by the ID token; or in response to the determination, generating a data value by the terminal, transmitting the data value from the terminal to the ID token, and using the generated data value as the ID token identifier by the terminal and by the ID token; or generating a data value by the ID token, transmitting the data value from the ID token to the terminal, and using the generated data value as the ID token identifier by the terminal and by the ID token; sending of the ID token identifier from the terminal to an ID provider computer; authenticating, the ID provider computer to the ID token using the ID token identifier; following successful authentication of the user and the ID provider computer to the ID token: providing read access to the ID provider computer to the at least one attribute stored in the ID token; the ID provider computer signing the at least one attribute; and transferring the signed at least one attribute to a further computer.

2. The method according to claim 1, wherein the implementing the zero-knowledge authentication protocol comprises: implementing a first Diffie-Hellman key exchange (DH I) with use of the static secret by the ID token and by the terminal for generation of a first shared temporary base point (B′); implementing a second Diffie-Hellman key exchange (DH II) with use of the first shared temporary base point (B′), wherein the second Diffie-Hellman key exchange comprises generation of the first public cryptographic key (ÖS_IDT2) and a second public cryptographic key (ÖS_T2) and an exchange of the first and second public cryptographic keys between the terminal and the ID token; establishing a secure first data transfer channel (V1) between ID token and terminal with use of the first and second public cryptographic key; deriving an authentication key (AuS) from the first public cryptographic key (ÖS_IDT2) by the terminal; and using the authentication key by the terminal to authenticate the user to the ID token via the first protected connection.

3. The method according to claim 2, wherein the first and second public cryptographic key are session-bound keys.

4. The method according to claim 2, wherein the implementing the zero-knowledge authentication protocol comprises: transferring domain parameters (B), which define an elliptic curve, from the ID token to the terminal, wherein the domain parameters contain a static base point (B) of the elliptic curve; generating a random value (s) by the ID token; encrypting the random value (s) with the aid of the static secret (PIN) stored in the ID token to generate an encrypted random value (Enc(s)); transferring the encrypted random value (Enc(s)) from the ID token to the terminal; using the static secret (PIN) input by the user via the terminal to decrypt the encrypted random value (Enc(s)) for reconstruction of the random value by the terminal; generating a first private token key (PS_IDT1) by the ID token; deriving a first public token key (OS_IDT1) from the first private token key (PS_IDT1) and the base point by the ID token, wherein the first private and the first public token key form an asymmetric cryptographic key pair; transferring the first public token key (OS_IDT1) from the ID token to the terminal during the course of the first Diffie-Hellman key exchange; generating a first private terminal key (PS_T1) by the terminal; deriving a first public terminal key (OS_T1) from the first private terminal key and the static base point (B) by the terminal, wherein the first private terminal key (PS_T1) and the first public terminal key (OS_T1) form an asymmetric cryptographic key pair; transferring the first public terminal key from the terminal to the ID token during the course of the first Diffie-Hellman key exchange; computing a blinding point (BL) from the first private terminal key and the first public token key by the terminal; computing the first shared temporary base point (B′) from the random value (s), the static base point (B) and the blinding point (BL) by the terminal; computing the blinding point (BL) from the first private token key (PS_IDT1) and the first public terminal key (OS_T1) by the ID token; computing the first shared temporary base point (B′) from the random value (s), the static base point (B) and the blinding point (BL) by the ID token; generating a second private terminal key (PST2) by the terminal; deriving a second public terminal key (OS_T2) from the second private terminal key and from the first shared temporary base point (B′) by the terminal, wherein the second private terminal key and the second public terminal key together form an asymmetric cryptographic key pair; transferring the second public terminal key (OS_T2) from the terminal to the ID token during the course of the second Diffie-Hellman key exchange (DH II); generating a second private token key (PS_IDT2) by the ID token; deriving a second public token key (OS_IDT2) from the second private token key (PS_IDT2) and the first shared temporary base point (B′) by the ID token, wherein the second public token key and the second private token key together form an asymmetric cryptographic key pair; transferring the second public token key (OS_IDT2) from the ID token to the terminal, wherein the second public token key (OS_IDT2) serves as the first public key, which is used as ID token identifier; computing a session key (SSYM, SiS) from the second public token key and the second public terminal key by the ID token; computing the session key (SSYM, SiS) from the second public token key and the second public terminal key by the terminal; computing the authentication key (AuS) from the session key (SSYM) by the terminal; computing the authentication key (AuS) from the session key (SSYM) by the ID token in
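The two-stage key agreement recited in claim 4, carried through for both parties as an added example (not code from the patent or its applicant). Assumptions: integers modulo a prime stand in for the elliptic curve, a SHA-256 keystream stands in for the cipher behind Enc(s), and the final MAC check, the function names and the dictionary keys are hypothetical.

```python
import hashlib, hmac, secrets

# Assumptions of this sketch: integers modulo a prime stand in for the elliptic
# curve, and a SHA-256 keystream stands in for the cipher behind Enc(s).
P = 2**255 - 19          # toy modulus, not a vetted Diffie-Hellman group
B = 3                    # static base point B

def pin_crypt(pin: str, data: bytes) -> bytes:
    """XOR with a PIN-derived keystream; the same call encrypts and decrypts."""
    stream = hashlib.sha256(pin.encode()).digest()
    return bytes(x ^ y for x, y in zip(data, stream))

def kdf(label: bytes, value: int) -> bytes:
    return hashlib.sha256(label + value.to_bytes(32, "big")).digest()

def private_key() -> int:
    return secrets.randbelow(P - 3) + 2

def run_exchange(token_pin: str, entered_pin: str) -> dict:
    # ID token: random value s, sent only as Enc(s); terminal decrypts with the typed PIN.
    s_token = secrets.token_bytes(32)
    enc_s = pin_crypt(token_pin, s_token)
    s_term = pin_crypt(entered_pin, enc_s)
    # DH I: both sides compute the blinding point BL from the exchanged public keys.
    ps_idt1, ps_t1 = private_key(), private_key()
    os_idt1, os_t1 = pow(B, ps_idt1, P), pow(B, ps_t1, P)
    bl_token, bl_term = pow(os_t1, ps_idt1, P), pow(os_idt1, ps_t1, P)
    # Temporary base point B' from s, B and BL, computed separately on each side.
    b1_token = pow(B, int.from_bytes(s_token, "big"), P) * bl_token % P
    b1_term = pow(B, int.from_bytes(s_term, "big"), P) * bl_term % P
    # DH II over B': OS_IDT2 and OS_T2 are exchanged; OS_IDT2 is the token identifier.
    ps_idt2, ps_t2 = private_key(), private_key()
    os_idt2, os_t2 = pow(b1_token, ps_idt2, P), pow(b1_term, ps_t2, P)
    # Each side derives AuS from its own view of the shared session value.
    aus_token = kdf(b"AuS", pow(os_t2, ps_idt2, P))
    aus_term = kdf(b"AuS", pow(os_idt2, ps_t2, P))
    # Assumed check: terminal MACs OS_IDT2 under AuS, token verifies with its own AuS.
    id_bytes = os_idt2.to_bytes(32, "big")
    tag = hmac.new(aus_term, id_bytes, hashlib.sha256).digest()
    expected = hmac.new(aus_token, id_bytes, hashlib.sha256).digest()
    return {
        "user_authenticated": hmac.compare_digest(tag, expected),
        "id_token_identifier": os_idt2,
        "sent_over_contactless": (enc_s, os_idt1, os_t1, os_t2, os_idt2),
    }
```

A wrong PIN makes the terminal reconstruct a different s and therefore a different B′, so the two AuS values diverge and the check fails; in both cases only Enc(s) and the four public keys cross the contactless interface.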
involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853) · CPC title
involving algebraic varieties, e.g. elliptic or hyper-elliptic curves · CPC title
involving Diffie-Hellman or related key agreement protocols · CPC title
involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved (negotiation of communication capabilities H04L69/24) · CPC title
wireless channels · CPC title