Chris%20Marinak - PowerPoint PPT Presentation

About This Presentation
Title:

Chris%20Marinak

Description:

Saud Bangash. Mon. December 3, 2001. A Secure National ID Card. 2. Outline ... A standard national identification card with biometric data ... – PowerPoint PPT presentation

Number of Views:34
Avg rating:3.0/5.0
Slides: 28
Provided by: capit7
Category:

less

Transcript and Presenter's Notes

Title: Chris%20Marinak


1
A Secure National ID Card
Group 8 Chris Marinak Mike Cuvelier Adam
Sowers Saud Bangash
2
Outline
  • Why do we need a national identity card?
  • Brief background / history
  • How our design works
  • Security vs. Privacy
  • Questions

3
The Problem
  • Lots of people wish they could be Dave Evans

4
The Problem
  • Naturally, there are many imposters

5
The Solution
  • A standard national identification card with
    biometric data
  • All citizens and immigrants will be required to
    have an ID card
  • Use will be mandatory in various critical
    locations
  • Card readers have connection to general
    authorization database

6
Background
  • More than 100 other nations have a national ID
    system
  • Most European Nations
  • Nothing has ever materialized in the United
    States
  • Closest was 1996 Immigration Bill
  • Recent Congressional Hearings

7
The Basic Goal
  • To establish a system that can accurately verify
    a person is who they say they are

???
8
System Requirements
  • Card can securely hold personal identification
    information
  • System of readers can be used to verify
    cardholder matches card data
  • Airports
  • Firearms background check, etc.
  • Central database maintains a list of flags for
    each person

9
System Requirements
  • Readers and database can securely communicate
  • Government agencies can securely access the
    database flags
  • Wanted criminal
  • Suspected terrorist, etc.
  • A nationwide network to support communication
    (public or private)

10
Infrastructure
  • This system will be very expensive to create (
    3 Bil.) and maintain (???)
  • Communication network
  • Cards
  • Card Readers
  • Card Makers
  • Maintenance and Support Personnel

11
System Design
Card Maker
Card Reader
Govt Database

FBI
NSA
CIA
12
Levels of Security
  • Low security face of card
  • Basic identification information (photo, address,
    DOB, )
  • Used at bars, banks, etc.
  • High security smart card
  • Holds similar information, but also stores
    thumbprint and voice print.

13
Security Implementation
  • Card
  • The card data is encrypted with private key from
    RSA key pair.
  • Database
  • We will assume the database is perfectly secure

Why??
Because he says so
14
The Secure Channel
  • Uses a scheme similar to SSH
  • Each reader has an RSA key pair and
    identification number
  • The database also has an RSA key pair
  • Database and reader use RSA to establish a secret
    key and use AES for data exchange

15
Security vs. Privacy
  • As always, increased security has its price on
    privacy
  • Our card will only be used in areas that already
    invade on privacy
  • Airports
  • Gun background checks
  • No data will be logged so citizens cannot be
    tracked

16
Final Thoughts
  • A secure national ID system is feasible (check
    out our report for more info)
  • We have tried to minimize any invasions of
    privacy, but some things are impossible to
    prevent
  • Debates are likely to heat up in the coming months

Is the added security worth inherent losses in
privacy???
17
Questions???
18
The Card
  • For most purposes, the card will be used like a
    drivers license
  • For high-security areas, a reader that connects
    to the database will decrypt the card data
  • Only government authorized sites will have a card
    reader

19
The Reader
  • Cardholder will put thumb on reader
  • Reader will check thumbprint against print on the
    card
  • Reader will check the database to authenticate
    the cardholder
  • Reader will display pass or fail

20
Low Security
  • Many applications will maintain same security as
    today
  • Alcohol Purchases
  • Check Cashing
  • Similar security as existing state IDs (except
    better tamper-proofing)

21
High Security
  • Areas of high security will receive added
    security with the card
  • Many already require privacy infringements
  • Airports
  • Gun purchases
  • Nuclear facilites, etc.
  • Cardholder will be aware of high-security check
    (by authorizing connection)

22
The Secure Channel
Reader
Database
Reader requests a connection - sends unique
reader ID.
Random string encrypted with readers public key
Reader sends back random string encrypted with
database public key
Random string is used as key for symmetric
encryption using AES
Reader sends persons ID and card serial
If a match, database sends back persons public
key for decryption and any flags
23
The Database
  • Every card issued will have a record in the
    database

Persons ID Card Serial Number Public Key Flags
  • Each card reader also has a record

Readers Location (IP Addr.) Reader Serial Number Public Key Access Perm.
24
The Database
  • Each personal record has flag fields
  • Convicted felon
  • Wanted criminal
  • Suspected terrorist, etc.
  • Flag field only contains binary flag, no details
  • Flags can only be seen and modified by proper
    agency
  • FBI, CIA, NSA, etc.

25
The Database
  • Knows network location of reader
  • Securely stores the public key of each reader
  • Will send only relevant flags
  • Airports will not know whether a person is
    authorized to purchase a gun

26
Anticipated Attacks
  • Fake card faces
  • Will not work for high security
  • Recreated IDs with Smart Cards
  • Different card serial number
  • Wont have private key associated with public key
    in database
  • Spoofed Readers
  • Will not be in proper network location
  • Will not have readers private key

27
Anticipated Attacks (contd)
  • Readers log personal information
  • Readers made by third party
  • Attacks on database security
  • We will assume the database is perfectly secure

Why??
Because he says so
Write a Comment
User Comments (0)
About PowerShow.com