Abstract
Aadhaar is the national identity project of the Government of India. The main benefit of Aadhaar is expected to be better decision making using modern analytics as citizens use such an identity to avail services from various government as well as private service providers; this necessarily involves building a huge store with necessary information on citizens, such as the mapping of ids to biometrics. Such stores raise many security and privacy concerns and therefore should be designed and analyzed very carefully. The threat model for such systems should address both internal and external attackers. Previous writings and research work [12] in this area have discussed problems such as illegal profiling and tracking of individuals, authentication without consent, collusion of multiple service providers leading to correlation of user data, and use of fake biometrics. While some analyses have focussed on cryptography to provide a solution, a comprehensive and workable solution for, say, illegal profiling is still lacking, and there are also many problems from a systems perspective that need to be addressed, such as access control models to constrain access to sensitive data as well as the integrity of its metadata. In this paper, we discuss solutions to such problems, especially illegal profiling.
References
1. Rajput, A., Gopinath, K.: ProVerif files (2017). https://github.com/the-elves/ICISS-codes
2. Sinha, S.K.A.: Information security practices of Aadhaar (or lack thereof). Technical report, The Center for Internet and Society. https://cis-india.org/internet-governance/information-security-practices-of-aadhaar-or-lack-thereof/at_download/file
3. Angell, I.: The identity project an assessment of the UK identity cards bill and its implications. Technical report, London School of Economics (2005). http://www.lse.ac.uk/management/research/identityproject/identityreport.pdf
4. BBC: Turkish authorities ‘probing huge ID data leak’ (2016). http://www.bbc.com/news/technology-35978216
5. Blanchet, B., Cheval, V., Allamigeon, X., Smyth, B.: Proverif: cryptographic protocol verifier in the formal model (2010). http://prosecco.gforge.inria.fr/personal/bblanche/proverif
6. GoI: The Aadhaar (targeted delivery of financial and other subsidies, benefits and services) act, 2016. Act in Govt. of India, by Ministry of Law and Justice (2016)
7. Jemel, M., Azzouna, N.B., Ghedira, K.: Towards a dynamic access control model for e-government web services. In: 2010 IEEE Asia-Pacific Services Computing Conference (APSCC), pp. 433–440. IEEE (2010)
8. Maheswaran, J.: Building privacy-preserving cryptographic credentials from federated online identities. Ph.D. thesis, Yale University (2015)
9. Maheswaran, J., Jackowitz, D., Zhai, E., Wolinsky, D.I., Ford, B.: Building privacy-preserving cryptographic credentials from federated online identities. In: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy (2016)
10. Meyer, R.: Long-range iris scanning is here (2015). https://www.theatlantic.com/technology/archive/2015/05/long-range-iris-scanning-is-here/393065/
11. Sharma, A.: Direct benefit transfer leads to Rs. 50,000-crore savings for government in 3 years (2016). http://economictimes.indiatimes.com/news/economy/finance/direct-benefit-transfer-leads-to-rs-50000-crore-savings-for-government-in-3-years/articleshow/57240387.cms, The Economic Times
12. Agrawal, S., Banerjee, S., Sharma, S.: Privacy and security of Aadhaar: a computer science perspective. http://www.cse.iitm.ac.in/~shwetaag/papers/aadhaar.pdf
13. The-Economic-Times: UIDAI lodges FIR against Axis Bank and two more firms for tampering with Aadhaar biometrics (2017). http://economictimes.indiatimes.com/articleshow/57325951.cms
14. The-Guardian: India goes from village to village to compile worlds biggest ID database (2016). https://www.theguardian.com/world/2016/jun/28/india-village-compile-worlds-biggest-id-database-aadhaar
15. UIDAI: The rule of thumb in identity (2016). https://uidai.gov.in/images/news/rule_of_Thumb_in_identity_13042017.pdf
16. Akhtar, Z., Micheloni, C., Foresti, G.L.: Biometric liveness detection: challenges and research opportunities. IEEE Secur. Priv. 13(5), 63–72 (2015)
A Crypto-book Algorithm
The architecture of Crypto-book is shown in Fig. 3. The four entities in Crypto-book are as follows:
1. Federated identities producer (F): providers such as UIDAI, Facebook and Google, who provide identities and a single sign-on service.
2. Credential producer (CP): verifies federated identities and provides partially blind credentials to the consumer.
3. Credential consumer (CC): takes as input the credentials produced by the credential producer to produce pseudonyms that are presented to third-party applications.
4. Third-party applications (A): these applications use the identities provided by F, after authentication by the user at the interface provided by F.
Crypto-book uses blind signatures to produce pseudonyms which are presented to third-party applications. A blind signature is a cryptographic primitive in which a requester can ask a signer to sign a message without the signer learning the content of the signed message. For a blind signature, the requester first obscures the message m with some secret to produce \(m'\), which is then signed by the signer to produce the blinded signature \(s'\). Because the requester knows the secret, he can remove the blinding factor and send m and the unblinded signature s to the receiver. A verifier can then verify the signature using the public key of the signer [8]. The following are the important steps in Crypto-book; here, the client is the user, the credential producer is the signer and the credential consumer is the verifier.
A.1 Producing Credentials
To obtain a threshold t “at-large” credential for use with a consumer with identity idc, a client first generates a random value r which identifies the credential. The client hashes this value r with the identity of the consumer to produce the message \(m = H(r, idc)\). The client then contacts at least t of the n credential producers with signature requests, uniquely blinding the message m to produce \(m'\) for each request. Before signing the message, each credential producer verifies the client’s federated identity and, if successful, returns the blinded signature \(s'_i\) to the client. The client unblinds the signatures from each of the credential producers to obtain a vector of unblinded signatures \(s_1, s_2, \ldots, s_t\), which serves as the at-large credential for anonymous identity r with credential consumer c.
A.2 Consuming Credentials
To authenticate with a credential consumer requiring a threshold t at-large credential, a client must provide the credential consumer with the value r defining their anonymous identity along with a vector \(s_1, s_2, \ldots, s_t\) of signatures from at least t unique credential producers. The consumer first hashes this value with its own identity to produce message \(m = H(r, idc)\). The consumer, using the public keys of the credential producers, then verifies that each signature is, in fact, valid for message m and, if successful, authenticates the client as anonymous identity r.
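The A.1 and A.2 steps can be traced end to end in the following added example, which is not code from the paper or from Crypto-book. It assumes Chaum-style textbook RSA blind signatures (the text above does not name a scheme), toy keys built from Mersenne primes, and a length-prefixed SHA-256 encoding for \(H(r, idc)\); all function names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

E = 65537  # public exponent shared by all toy producers (assumption)

def make_producer(a: int, b: int) -> dict:
    """Toy RSA key from Mersenne primes 2^a-1, 2^b-1 (constructed; NOT secure)."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def H(r: bytes, idc: bytes, n: int) -> int:
    """m = H(r, idc); r is length-prefixed so (r, idc) splits are unambiguous."""
    data = len(r).to_bytes(4, "big") + r + idc
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def blind(m: int, n: int):
    """Client: m' = m * k^e mod n for a fresh random k coprime to n."""
    while True:
        k = secrets.randbelow(n - 2) + 2
        if gcd(k, n) == 1:
            return m * pow(k, E, n) % n, k

def producer_sign(prod: dict, m_blind: int, identity_ok: bool):
    """Credential producer: sign only after the federated identity check passes."""
    return pow(m_blind, prod["d"], prod["n"]) if identity_ok else None

def obtain_credential(r, idc, producers, t):
    """A.1: contact t producers, blinding m uniquely per request, then unblind."""
    cred = {}
    for i, prod in enumerate(producers[:t]):
        n = prod["n"]
        m_blind, k = blind(H(r, idc, n), n)
        s_blind = producer_sign(prod, m_blind, identity_ok=True)
        cred[i] = s_blind * pow(k, -1, n) % n  # s = s' * k^-1 mod n
    return cred

def consume(r, idc, cred, public_ns, t):
    """A.2: recompute m and accept if >= t distinct producers' signatures verify."""
    ok = [i for i, s in cred.items()
          if 0 <= i < len(public_ns) and pow(s, E, public_ns[i]) == H(r, idc, public_ns[i])]
    return len(ok) >= t
```

Because m includes idc, a credential issued for one consumer fails verification at any other, and the producers only ever see the blinded \(m'\), so they cannot link r to the federated identity they checked.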
Copyright information
© 2017 Springer International Publishing AG
Cite this paper
Rajput, A., Gopinath, K. (2017). Towards a More Secure Aadhaar. In: Shyamasundar, R., Singh, V., Vaidya, J. (eds) Information Systems Security. ICISS 2017. Lecture Notes in Computer Science, vol 10717. Springer, Cham. https://doi.org/10.1007/978-3-319-72598-7_17
DOI: https://doi.org/10.1007/978-3-319-72598-7_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72597-0
Online ISBN: 978-3-319-72598-7
eBook Packages: Computer Science, Computer Science (R0)