Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Mon. December 3, 2001A Secure National ID Card Group 8 Chris Marinak Mike Cuvelier Adam Sowers Saud Bangash.

Published byKenneth Higgins Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Mon. December 3, 2001A Secure National ID Card Group 8 Chris Marinak Mike Cuvelier Adam Sowers Saud Bangash."— Presentation transcript:

1 1 Mon. December 3, 2001A Secure National ID Card Group 8 Chris Marinak Mike Cuvelier Adam Sowers Saud Bangash

2 2 Mon. December 3, 2001A Secure National ID Card Outline Why do we need a national identity card? Brief background / history How our design works Security vs. Privacy Questions

3 3 Mon. December 3, 2001A Secure National ID Card The Problem… Lots of people wish they could be Dave Evans

4 4 Mon. December 3, 2001A Secure National ID Card The Problem… Naturally, there are many imposters

5 5 Mon. December 3, 2001A Secure National ID Card The Solution A standard national identification card with biometric data All citizens and immigrants will be required to have an ID card Use will be mandatory in various critical locations Card readers have connection to general authorization database

6 6 Mon. December 3, 2001A Secure National ID Card Background More than 100 other nations have a national ID system –Most European Nations Nothing has ever materialized in the United States –Closest was 1996 Immigration Bill Recent Congressional Hearings

7 7 Mon. December 3, 2001A Secure National ID Card The Basic Goal To establish a system that can accurately verify a person is who they say they are ???

8 8 Mon. December 3, 2001A Secure National ID Card System Requirements Card can securely hold personal identification information System of readers can be used to verify cardholder matches card data –Airports –Firearms background check, etc. Central database maintains a list of flags for each person

9 9 Mon. December 3, 2001A Secure National ID Card System Requirements Readers and database can securely communicate Government agencies can securely access the database flags –Wanted criminal –Suspected terrorist, etc. A nationwide network to support communication (public or private)

10 10 Mon. December 3, 2001A Secure National ID Card Infrastructure This system will be very expensive to create (~ $3 Bil.) and maintain (???) –Communication network –Cards –Card Readers –Card Makers –Maintenance and Support Personnel

11 11 Mon. December 3, 2001A Secure National ID Card System Design Card Reader Gov’t Database Card Maker FBINSACIA …

12 12 Mon. December 3, 2001A Secure National ID Card Levels of Security Low security – face of card –Basic identification information (photo, address, DOB, …) –Used at bars, banks, etc. High security – smart card –Holds similar information, but also stores thumbprint and voice print.

13 13 Mon. December 3, 2001A Secure National ID Card Security Implementation Card –The card data is encrypted with private key from RSA key pair. Database –We will assume the database is perfectly secure Why?? Because he says so…

14 14 Mon. December 3, 2001A Secure National ID Card The Secure Channel Uses a scheme similar to SSH Each reader has an RSA key pair and identification number The database also has an RSA key pair Database and reader use RSA to establish a secret key and use AES for data exchange

15 15 Mon. December 3, 2001A Secure National ID Card Security vs. Privacy As always, increased security has its price on privacy Our card will only be used in areas that already invade on privacy –Airports –Gun background checks No data will be logged so citizens cannot be tracked

16 16 Mon. December 3, 2001A Secure National ID Card Final Thoughts A secure national ID system is feasible (check out our report for more info) We have tried to minimize any invasions of privacy, but some things are impossible to prevent Debates are likely to heat up in the coming months Is the added security worth inherent losses in privacy???

17 17 Mon. December 3, 2001A Secure National ID Card Questions???

18 18 Mon. December 3, 2001A Secure National ID Card The Card For most purposes, the card will be used like a driver’s license For high-security areas, a reader that connects to the database will decrypt the card data Only government authorized sites will have a card reader

19 19 Mon. December 3, 2001A Secure National ID Card The Reader Cardholder will put thumb on reader Reader will check thumbprint against print on the card Reader will check the database to authenticate the cardholder Reader will display pass or fail

20 20 Mon. December 3, 2001A Secure National ID Card Low Security Many applications will maintain same security as today –Alcohol Purchases –Check Cashing Similar security as existing state IDs (except better tamper-proofing)

21 21 Mon. December 3, 2001A Secure National ID Card High Security Areas of high security will receive added security with the card Many already require privacy infringements –Airports –Gun purchases –Nuclear facilites, etc. Cardholder will be aware of high-security check (by authorizing connection)

22 22 Mon. December 3, 2001A Secure National ID Card The Secure Channel ReaderDatabase Reader requests a connection - sends unique reader ID. Random string encrypted with reader’s public key Reader sends back random string encrypted with database public key Random string is used as key for symmetric encryption using AES If a match, database sends back person’s public key for decryption and any flags Reader sends person’s ID and card serial #

23 23 Mon. December 3, 2001A Secure National ID Card The Database Every card issued will have a record in the database Person’s ID Card Serial Number Public KeyFlags Each card reader also has a record Reader’s Location (IP Addr.) Reader Serial Number Public Key Access Perm.

24 24 Mon. December 3, 2001A Secure National ID Card The Database Each personal record has flag fields –Convicted felon –Wanted criminal –Suspected terrorist, etc. Flag field only contains binary flag, no details Flags can only be seen and modified by proper agency –FBI, CIA, NSA, etc.

25 25 Mon. December 3, 2001A Secure National ID Card The Database Knows network location of reader Securely stores the public key of each reader Will send only relevant flags –Airports will not know whether a person is authorized to purchase a gun

26 26 Mon. December 3, 2001A Secure National ID Card Anticipated Attacks Fake card faces –Will not work for high security Recreated ID’s with Smart Cards –Different card serial number –Won’t have private key associated with public key in database Spoofed Readers –Will not be in proper network location –Will not have reader’s private key

27 27 Mon. December 3, 2001A Secure National ID Card Anticipated Attacks (cont’d) Readers log personal information –Readers made by third party Attacks on database security –We will assume the database is perfectly secure Why?? Because he says so…

Download ppt "1 Mon. December 3, 2001A Secure National ID Card Group 8 Chris Marinak Mike Cuvelier Adam Sowers Saud Bangash."

Similar presentations

What is. Digital Certificate It is an identity.

What is. Digital Certificate It is an identity.
Securing the Worlds Information Secure Dynamic Credit and Debit Cards Stop Credit Card and Identity Theft Andre Brisson Stephen Boren Co founders/ Co.

Securing the Worlds Information Secure Dynamic Credit and Debit Cards Stop Credit Card and Identity Theft Andre Brisson Stephen Boren Co founders/ Co.
SCSC 455 Computer Security

SCSC 455 Computer Security
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.

Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.
CP3397 ECommerce.

CP3397 ECommerce.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.

Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.
Chapter 17 Controls and Security Measures

Chapter 17 Controls and Security Measures
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Quantum Cryptography Qingqing Yuan. Outline No-Cloning Theorem BB84 Cryptography Protocol Quantum Digital Signature.

Quantum Cryptography Qingqing Yuan. Outline No-Cloning Theorem BB84 Cryptography Protocol Quantum Digital Signature.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.

Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Similar presentations

Ads by Google