1
   

Federal ID: The "Real-ID" ?

Forums: Politics
Email this Topic Print this Page
 
 
ebrown p
 
  1  
Reply Mon 7 May, 2007 06:32 pm
Quote:

There has to be some sort of system to transmit the private key (stored in the database at a remote location) to the ID reader, which then uses the public key to decrypt it. This transmission - which will occur millions of times daily - opens up the Man in the Middle attack as well as other lines of attack.


This is simply wrong.

The whole idea of assymetric encryption is that the reader only needs the public key. Only the writer needs the private key.

A Man in the Middle attack is very easy to design a counter to. You just need a trusted third party. Commericial systems use certificates for just this reason... and the open source encryption uses the "Web of Trust". These techniques work just fine.

I really don't think you know what you are talking about.
0 Replies
 
Cycloptichorn
 
  1  
Reply Mon 7 May, 2007 06:33 pm
ebrown_p wrote:
Quote:

There has to be some sort of system to transmit the private key (stored in the database at a remote location) to the ID reader, which then uses the public key to decrypt it. This transmission - which will occur millions of times daily - opens up the Man in the Middle attack as well as other lines of attack.


This is simply wrong.

The whole idea of assymetric encryption is that the reader only needs the public key. Only the writer needs the private key (which will open up some problems).

A Man in the Middle attack is very easy to design a counter to. You just need a trusted third party. Commericial systems use certificates for just this reason... and the open source ecryption uses the "Web of Trust". These techniques work just fine.

I really don't think you know what you are talking about.


Sorry, I appear to be confused as to how this system works.

What information is encrypted on the ID itself - the private key?

What happens if my information changes - do I need a whole new ID made from the central authority?

You say "(which will open up some problems)." What happens to all the IDs out there if the private key gets revealed, something which there would be a tremendous incentive for an unscrupulous and poor govt' employee to do?

Who will be the 'trusted third party?' If I understand the Web of Trust right.

There seem to be many more ways that this system could be wrecked then just straight hacking the code - though I don't believe that such a thing is impossible nor will be impossible in the future.

Cycloptichorn
0 Replies
 
USAFHokie80
 
  1  
Reply Mon 7 May, 2007 07:11 pm
ebrown_p wrote:
Quote:

There has to be some sort of system to transmit the private key (stored in the database at a remote location) to the ID reader, which then uses the public key to decrypt it. This transmission - which will occur millions of times daily - opens up the Man in the Middle attack as well as other lines of attack.


This is simply wrong.

The whole idea of assymetric encryption is that the reader only needs the public key. Only the writer needs the private key.

A Man in the Middle attack is very easy to design a counter to. You just need a trusted third party. Commericial systems use certificates for just this reason... and the open source encryption uses the "Web of Trust". These techniques work just fine.

I really don't think you know what you are talking about.


Amen.
0 Replies
 
USAFHokie80
 
  1  
Reply Mon 7 May, 2007 07:17 pm
Cycloptichorn wrote:
ebrown_p wrote:
Quote:

There has to be some sort of system to transmit the private key (stored in the database at a remote location) to the ID reader, which then uses the public key to decrypt it. This transmission - which will occur millions of times daily - opens up the Man in the Middle attack as well as other lines of attack.


This is simply wrong.

The whole idea of assymetric encryption is that the reader only needs the public key. Only the writer needs the private key (which will open up some problems).

A Man in the Middle attack is very easy to design a counter to. You just need a trusted third party. Commericial systems use certificates for just this reason... and the open source ecryption uses the "Web of Trust". These techniques work just fine.

I really don't think you know what you are talking about.


Sorry, I appear to be confused as to how this system works.

What information is encrypted on the ID itself - the private key?

What happens if my information changes - do I need a whole new ID made from the central authority?

You say "(which will open up some problems)." What happens to all the IDs out there if the private key gets revealed, something which there would be a tremendous incentive for an unscrupulous and poor govt' employee to do?

Who will be the 'trusted third party?' If I understand the Web of Trust right.

There seem to be many more ways that this system could be wrecked then just straight hacking the code - though I don't believe that such a thing is impossible nor will be impossible in the future.

Cycloptichorn


The problem here is that you don't understand how the encryption is done. And I'm not terribly sure you know what hacking is either. You can't "hack" code remotely. You can hack a system by finding a defect in security measures, but that's about it. To hack the code itself, you have to either patch it or make changes and recompile. You could possibly come up with a scheme to use a virus to patch an executable, but with the security that would accompany this system, that is unlikely.
0 Replies
 
Cycloptichorn
 
  1  
Reply Mon 7 May, 2007 07:24 pm
Quote:

The problem here is that you don't understand how the encryption is done.


Wrong

Quote:
And I'm not terribly sure you know what hacking is either.



Also wrong

Quote:
You can't "hack" code remotely.


I never claimed you could. You hack code through brute force attacks and through looking for errors in the system. Neither is a remote function.

Quote:
You can hack a system by finding a defect in security measures, but that's about it.


Um, yeah, thanks for the tip.

Quote:
To hack the code itself, you have to either patch it or make changes and recompile. You could possibly come up with a scheme to use a virus to patch an executable, but with the security that would accompany this system, that is unlikely.


Really?

Who provides that security? Who maintains that security? How much will that cost?

You say:

Quote:

It doesn't need secure hardware.


If the hardware isn't secure, then it's useless.

If the software isn't secure, it's useless.

If the method of information transmission isn't secure, it's useless.

You seem to be glossing over some of the security flaws inherent within such a system.

You postulate a system - one which would be under constant attack, given the nature of what we're talking about - which is more secure than any other widely-used system that exists today. I find this to be a rather uncompelling argument.

I also agree with earlier arguments about inherent privacy for citizens, and find suggestions that the gov't wouldn't load up as much information as possible onto such a card to be, well, laughably naive Laughing

Cycloptichorn
0 Replies
 
USAFHokie80
 
  1  
Reply Mon 7 May, 2007 07:25 pm
In any case, ebrown is right... The encryption and all isn't the point. In truth, the data doesn't need to be encrypted. We can store an identifier on the card and that along with maybe a pin number could be sent to the server for a "go or no-go". The government already has the data, and there's no way to "track" anyone moving around any more than there already is. It would allow the government to enforce certain laws more effectively - like ensuring sex offenders register wherever they decide t live and preventing felons from buying guns. There are a ton of places this would be helpful. And I really can't see how it could possibly take any of my rights away.
0 Replies
 
Cycloptichorn
 
  1  
Reply Mon 7 May, 2007 07:29 pm
Quote:
The encryption and all isn't the point.


Without the encryption, making a fake card is a snap. So I think it's accurate to say that yes, the encryption IS the point.

Quote:
In truth, the data doesn't need to be encrypted. We can store an identifier on the card and that along with maybe a pin number could be sent to the server for a "go or no-go". The government already has the data, and there's no way to "track" anyone moving around any more than there already is.


Situation:

Data on my card, which has an encrypted signiature but the data is as you say unencrypted.

I copy all the information to a new card, but change the data which is unencrypted while keeping the signiature the same. Therefore, even though the database will say I have green eyes, the new me will have blue eyes. The information transmission is one-way, so how will the gov't know I'm using a fake card - and how will anyone else?

I'm open to the possibility that these questions have been answered, so if they have, please tell me the answers for them.

Cycloptichorn
0 Replies
 
USAFHokie80
 
  1  
Reply Mon 7 May, 2007 07:32 pm
Cycloptichorn wrote:
Quote:

The problem here is that you don't understand how the encryption is done.


Wrong[/quote

Obviously I'm right, as you admited it a few posts ago AND demonstrated that you don't know what a trusted party was in the case of PKI.

[quote]
Quote:
And I'm not terribly sure you know what hacking is either.



Also wrong

Quote:
You can't "hack" code remotely.


I never claimed you could. You hack code through brute force attacks and through looking for errors in the system. Neither is a remote function.



How the hell do you "brute force" code???? That makes NO sense. Do you even know what a "brute force" attack is????

Quote:

Quote:
You can hack a system by finding a defect in security measures, but that's about it.


Um, yeah, thanks for the tip.

Quote:
To hack the code itself, you have to either patch it or make changes and recompile. You could possibly come up with a scheme to use a virus to patch an executable, but with the security that would accompany this system, that is unlikely.


Really?

Who provides that security? Who maintains that security? How much will that cost?

You say:

Quote:

It doesn't need secure hardware.


If the hardware isn't secure, then it's useless.


Hardly. The transmitter doesn't need to be secure because there is never a password or key transmitted. The secured data is never transmitted back because all the processing happens on the server.
Quote:

If the software isn't secure, it's useless.

ummm. ?
Quote:


If the method of information transmission isn't secure, it's useless.

Ever heard of one-time session keys? (not that it is needed in this case anyway)
Quote:


You seem to be glossing over some of the security flaws inherent within such a system.

You postulate a system - one which would be under constant attack, given the nature of what we're talking about - which is more secure than any other widely-used system that exists today. I find this to be a rather uncompelling argument.

I also agree with earlier arguments about inherent privacy for citizens, and find suggestions that the gov't wouldn't load up as much information as possible onto such a card to be, well, laughably naive Laughing

Cycloptichorn


And you seem to think you know a lot about things about which you obviously know very little. Before you start blabbing all this bullshit, pick up a book on cryptography and security. Pick up a book about programming and software development.
0 Replies
 
USAFHokie80
 
  1  
Reply Mon 7 May, 2007 07:33 pm
Cycloptichorn wrote:
Quote:
The encryption and all isn't the point.


Without the encryption, making a fake card is a snap. So I think it's accurate to say that yes, the encryption IS the point.

Quote:
In truth, the data doesn't need to be encrypted. We can store an identifier on the card and that along with maybe a pin number could be sent to the server for a "go or no-go". The government already has the data, and there's no way to "track" anyone moving around any more than there already is.


Situation:

Data on my card, which has an encrypted signiature but the data is as you say unencrypted.

I copy all the information to a new card, but change the data which is unencrypted while keeping the signiature the same. Therefore, even though the database will say I have green eyes, the new me will have blue eyes. The information transmission is one-way, so how will the gov't know I'm using a fake card - and how will anyone else?

I'm open to the possibility that these questions have been answered, so if they have, please tell me the answers for them.

Cycloptichorn


Excuse my language, but you are a ******* retard. The entire POINT of a digital signature is that THE DATA CANNOT BE CHANGED BECAUSE THE SIGNATURE WOULD THEN BE INVALID!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
0 Replies
 
Cycloptichorn
 
  1  
Reply Mon 7 May, 2007 07:42 pm
USAFHokie80 wrote:
Cycloptichorn wrote:
Quote:
The encryption and all isn't the point.


Without the encryption, making a fake card is a snap. So I think it's accurate to say that yes, the encryption IS the point.

Quote:
In truth, the data doesn't need to be encrypted. We can store an identifier on the card and that along with maybe a pin number could be sent to the server for a "go or no-go". The government already has the data, and there's no way to "track" anyone moving around any more than there already is.


Situation:

Data on my card, which has an encrypted signiature but the data is as you say unencrypted.

I copy all the information to a new card, but change the data which is unencrypted while keeping the signiature the same. Therefore, even though the database will say I have green eyes, the new me will have blue eyes. The information transmission is one-way, so how will the gov't know I'm using a fake card - and how will anyone else?

I'm open to the possibility that these questions have been answered, so if they have, please tell me the answers for them.

Cycloptichorn


Excuse my language, but you are a **** retard. The entire POINT of a digital signature is that THE DATA CANNOT BE CHANGED BECAUSE THE SIGNATURE WOULD THEN BE INVALID!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!


Then it doesn't make sense to say:

Quote:
n truth, the data doesn't need to be encrypted.


You seem to be losing your temper. I suggest taking a deep breath and walking around a bit to clear the air.

Cycloptichorn
0 Replies
 
USAFHokie80
 
  1  
Reply Mon 7 May, 2007 07:45 pm
It makes perfect sense, if you understand what a digital signature is. And yes, I'm losing my temper because you insist on aruging about this when you obviously have no clue as to the technologies employed. Just take a few minutes and read up on digital signatures. Hell, I even posted an article a few pages back that tells you how the new passports were copied. BUT it also explains that because of the signature, it still will not authenticate.
0 Replies
 
Cycloptichorn
 
  1  
Reply Mon 7 May, 2007 08:57 pm
Quote:
It makes perfect sense, if you understand what a digital signature is. And yes, I'm losing my temper because you insist on aruging about this when you obviously have no clue as to the technologies employed. Just take a few minutes and read up on digital signatures. Hell, I even posted an article a few pages back that tells you how the new passports were copied. BUT it also explains that because of the signature, it still will not authenticate.


Well, I read up some more and see that I was confused about how the public/private encryption key part worked. For some reason I kept thinking the key would have to be transmitted, but I can see how that's not true.

But I still question the ability to keep the private key private! And to prevent corruption of either the program itself (through various means) or the unit doing the actual scanning.

Can one private key work with many different public ones?

Cycloptichorn
0 Replies
 
USAFHokie80
 
  1  
Reply Tue 8 May, 2007 07:56 am
Thank you! That's one of the first rules of cryptography - that keys are NEVER trasmitted in their original state. For gee-whiz... even passwords that you send over the net or nearly anywhere else are not stored on the server and are never actually sent to that server. There is an algorithm called a hash that is run on the password and then the result is sent. The has is very complex and like asymmetic encryption, it cannot be reversed mathematically. So once your password is hashed, no one can figure out the original password.

Hardware will always be exposed to possible tampering, but it is much more difficult to alter hardware.

Yes, many public keys can be generated from a single private key.
0 Replies
 
Cycloptichorn
 
  1  
Reply Tue 8 May, 2007 08:35 am
USAFHokie80 wrote:
Thank you! That's one of the first rules of cryptography - that keys are NEVER trasmitted in their original state. For gee-whiz... even passwords that you send over the net or nearly anywhere else are not stored on the server and are never actually sent to that server. There is an algorithm called a hash that is run on the password and then the result is sent. The has is very complex and like asymmetic encryption, it cannot be reversed mathematically. So once your password is hashed, no one can figure out the original password.

Hardware will always be exposed to possible tampering, but it is much more difficult to alter hardware.

Yes, many public keys can be generated from a single private key.


Thanks. Now, the reverse question - can one public key work with many private keys?

I guess I'm wondering if each person's private key will be in fact unique - that way the revealing of the 'private key' wouldn't be helpful to possible spoofers. Otherwise, if every ID is secured by the same basic code, it will be difficult to keep it secret...

Cycloptichorn
0 Replies
 
USAFHokie80
 
  1  
Reply Tue 8 May, 2007 08:58 am
I think you're looking at it backwards. If our data were to be encrypted, we wouldn't need to know the public key that was used. The agencry that stored all the data and authentication would own the private key(s).

Basically, the issuing agency would give us our card that was encrypted with x public key that was generated from z private key. The point of the public key is that once something is encrypted with it, only the owner of the *private* key can decrypt it. Even the correct public key cannot decrypt the message. Since we would not need to encrypt anything ourselves, the uses don't need to know the public key.


Everyone's info could be decrypted from the singular private key, in theory. However, in a scheme this large, it would be nearly impossibly to use a single private key. There would undoubtdely be many and so if one or two are compromised, it wouldn't expose everyone to risk.
0 Replies
 
USAFHokie80
 
  1  
Reply Tue 8 May, 2007 09:05 am
All of this encryption talk is superfluous in any case. The data on the card only needs a signature to verify its integrity. And since any of the data contained therein would be public domain, it is pointless (and expensive) to encrypt it.

I don't see this as a way for you to carry around your entire life's history on a card. I'm looking at this like your debit card or credit card, only for a different purpose.

Ex: If you want to purchase a gun, you would have to show your id and enter a pin code. Your pin is hashed and sent with your basic info and signature to be authenticated. That should take a few seconds at most. If you have a valid permit and are not a felon, it would come back that you are authorized. That simple. All of this data would be stored somewhere on a centralized server or on an aggregate of the servers that already house that data.

The proposition is really trivial. It's just the idea of linking all the system with your info together. The systems already exist, they're just not networked together.
0 Replies
 
Cycloptichorn
 
  1  
Reply Tue 8 May, 2007 09:35 am
Quote:

Everyone's info could be decrypted from the singular private key, in theory. However, in a scheme this large, it would be nearly impossibly to use a single private key. There would undoubtdely be many and so if one or two are compromised, it wouldn't expose everyone to risk.


Right, this is the part I was wondering about, thanks. Multiple keys would be much safer.

Let me ask - in practical terms, let's say at the card swipe counter in the gun shop, what information is transmitted if any across an electronic medium?

Cycloptichorn
0 Replies
 
Asherman
 
  1  
Reply Tue 8 May, 2007 10:51 am
The ID card itself probably wouldn't carry very much information, but it would access relevant databases. Probably only thing transmitted would be that you are who you say you are. That individual identity would be compared with information contained in existing data banks. The return data would give information relevant to the query. lf you buying a firearm, the system would check to see if you were a convicted felon, mentally disturbed, etc., and then would note where and when the query was made. I doubt that the system would do more than make information available on which a local decision would be made. The number of citizen files and the size of the data available is in itself a guarantee that no Big Brother is likely to abuse the system. There is, of course some risk to such a system being in general use, but the up side is that terrorists and criminals would find it much harder to lose themselves in the system. The system might guarantee the prompt delivery of your medical records in an emergency, or confirm one's eligibility for any number of social services.
0 Replies
 
Walter Hinteler
 
  1  
Reply Tue 8 May, 2007 11:07 am
Such is done here since .... 15 years or so. Not high-tech at all, but only maschine readable ID-cards.
0 Replies
 
USAFHokie80
 
  1  
Reply Tue 8 May, 2007 01:09 pm
Asherman wrote:
The ID card itself probably wouldn't carry very much information, but it would access relevant databases. Probably only thing transmitted would be that you are who you say you are. That individual identity would be compared with information contained in existing data banks. The return data would give information relevant to the query. lf you buying a firearm, the system would check to see if you were a convicted felon, mentally disturbed, etc., and then would note where and when the query was made. I doubt that the system would do more than make information available on which a local decision would be made. The number of citizen files and the size of the data available is in itself a guarantee that no Big Brother is likely to abuse the system. There is, of course some risk to such a system being in general use, but the up side is that terrorists and criminals would find it much harder to lose themselves in the system. The system might guarantee the prompt delivery of your medical records in an emergency, or confirm one's eligibility for any number of social services.


Yeah, he's right. The information transmitted wouldn't need to be any more than name, maybe ssn or other unique id number. Only thing is the mental illness - that could not be in any database or disseminated. (HIPAA)
0 Replies
 
 

Related Topics

Obama '08? - Discussion by sozobe
Let's get rid of the Electoral College - Discussion by Robert Gentel
McCain's VP: - Discussion by Cycloptichorn
AMERICAN CONSERVATISM IN 2008 AND BEYOND - Discussion by Foxfyre
Food Stamp Turkeys - Discussion by H2O MAN
The 2008 Democrat Convention - Discussion by Lash
McCain is blowing his election chances. - Discussion by McGentrix
Snowdon is a dummy - Discussion by cicerone imposter
Fellow Bostonians: How many of us wished we had an assault weapon last night? - Question by maxdancona
What should be first on the agenda of the winner in November? - Discussion by Frank Apisa
TEA PARTY TO AMERICA: NOW WHAT?! - Discussion by farmerman
 
  1. Forums
  2. » Federal ID: The "Real-ID" ?
  3. » Page 8
Copyright © 2025 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.03 seconds on 12/31/2024 at 09:40:55