August 09, 2004
Architecting an ID card

As part of the discussion ensuing the announcement of new Estonian ID cards on Slashdot, member 0x0d0a posted an insightful yet basic list of requirements for "the ideal ID card":

A good ID verifying-device (card, token, whatever):
  • Does not contain or rely on biometrics. Generally can change, and once copied/forged one can never change the identifying information.
  • Is capable of doing public-key encryption on-card. The information that identifies the person never leaks to the device. (Technically, this can be done with symmetric encryption as well in conjunction with a trusted centralized server, but this has some drawbacks.)
  • Has a PIN, so that stealing the card is not sufficient to impersonate a person.
  • Has a PIN entry keypad *on-card*, so that false readers and bogus ATMs cannot steal PINs.
  • If any data must go back to the card owner, has a rudimentary display *on-card* (say, a calculator-style LCD display), so that a false reader or bogus ATM cannot say that someone is paying "$10.00 to WalMart" for something and actually having them pay "$14.00 to Joe Hacker".
  • Should support a scheme where personal identity is not disclosed, but a persona is (my "persona" at the moment is "0x0d0a"). This is because any national ID card will naturally be used by other systems as well, and without this step, severe privacy abuses will occur. This requires use of a trusted, centralized server or of a card that can natively store multiple identities.
  • Allows one to disable the trusted nature of the the card quickly and easily if it is lost, and in a manner that cannot be easily done by others (which would allow a denial-of-service attack against the card owner).
  • Can handle water, crushing force, and high temperature.
  • Can fit in a wallet.
  • Should have the ability to log identity verification usage, so that the user can sync his card up with a computer or similar and check to see what he actually signed off on two days ago.
This certainly isn't a complete list of desireable characteristics, but it's a start.

Sponsored links
Related Entries
Comments
Post a comment
Name:


Email:
(Will not be displayed if you enter a website below. Otherwise, it will be displayed "spam protected")


Website:
(if you have one)


What do you want to say?
(please don't bother posting "spam" (pornography, viagra-sales etc - I will delete such comments anyway))


Remember info?



Referrers to this page
TrackBack URL for this entry:
http://www.jacobsen.no/cgi-sys/cgiwrap/anders/MT/mt-tb.cgi/985

23339 visits (1 today, 1 this week)

© Anders Jacobsen
[weblog / photography]