On Friday 07 May 2010 08:11:52 Raj Mathur wrote: > Finally, there is talk about having a technical meeting with the > UIDAI architects sometime in the future. If that materialises, I > request everyone here on behalf of Prabir, Nagarjuna and myself to > raise any technological concerns they may have which we can > represent to the UIDAI. Again, a Wiki page to record and discuss > the concerns may not be a bad idea.
Are we changing from why? to why not?. One of the minor reasons for asking WHY is that biometrics, except for a tightly controlled set of usage scenarios, is unuseable. The UIDAI fails to comprehend that a biometric based UID is broken in concept. The worst characteristic of a biometric id is inability to discard a compromised ID. If your identity is stolen, you will never be able to own a new id ever, unless you have plastic surgery and an iris transplant. Machine matching of finger prints involve algorithmic extraction of minutae and pattern information from the center of the fingertip. Essentially xy coords of vertices, whorl and loop centers , pores, ridges etc. It is known as a template. The template size is between 256 and 8K bytes. A larger template indicates more compare points. The template size is a very large can of worms and ties in tightly to the initial capture and subsequent repeatability of capture environment. The stats of a worldwide competition is available here. http://bias.csr.unibo.it/fvc2006/results/O_res_db1_a.asp One might note that the FP database used here is as good as it gets. The more the datum points the higher is the False Rejection ratio (rejecting a valid finger). Lesser the datum points means higher False Acceptance Ratio (acceptance of an invalid finger). The UIDAI became aware that spoofing a single finger is trivial in a unmanned or compromised setup, so as a security measure mandated storing all ten finger prints. Mandating ten fingers does not improve anything, simply because even in ideal conditions a substantial portion of the population requires repeated swipes even for a single finger. Using more than one finger for authentication, increases FRR disproportionately. So, while reducing the spoof vulnerability (a little, they have reduced auth capability to unuseable levels. Prol'y in response to the above mess, UIDAI has now asked for iris scans. This is even worse than finger prints. All you need is a good camera to photograph someones eyes. Then get the pattern transferred to a contact lens (there are innumerable services doing this on the net). Wear the lens and voila I am you or he, or someone else - anyone but me. In their infinite wisdom the UIDAI thinks that two weak links when strung together will make a strong link. There are even more tech issues with the maths. A FAR of .00012% with iris and .0006% with fingerprints. So far authentication methods (wether iris, or multiple fingers) have not been specified - all ten fingers and both eyes being the maximum they can do and would take forever to produce a match. But even a very conservative, verifiably un compromised database of 1.2 billion will return a humongous number of false positives. Not content with this mess, the UIDAI is now hard selling this to banks, wherein UIDAI will undertake authentication. the banks are only too happy to get rid of the idiotic KYC processes and pass it on to someone else. Once the UIDAI achieves it's man in the middle role, Every one of your transactions are traceable by the man in the middle, without due process. So even if we smugly assumed that the government infrastructure has no leakages, the tech is so borked that short of enrollement officials being highly intrusive (like poking my eyes and peeling my finger skin), they would be hard pressed to prevent multiple ids. Biometric access control systems work well for a tiny random set of the population, in a very tightly controlled capture environment. Vary the environment or increase the size beyond a few thousand, and you hit a hard rock. There are various efforts underway that try to use the biometric data + some secret sauce algos that mangle the original biometric data, then use this new data set as a key generator. This is to overcome the inability to discard a compromised biometric data set. So far they are lab curiosities. -- Rgds JTD _______________________________________________ network mailing list [email protected] http://lists.fosscom.in/listinfo.cgi/network-fosscom.in
