India's UID Project: Biometrics Vulnerabilities & Exploits

DESCRIPTION

Presentation of JTD in Campaign for No UID meeting in Delhi, 25th August

1. Biometrics Vulnerabilities & Exploits

2. INTRODUCTION

  • Old World methods of trust and authentication
    • Personal introductions, documents
    • Key role player is the authenticator
  • New World requirements
    • Anonymous, large scale, short term relationships
    • Key requirement is building up of trust
  • No defence mechanisms of older methods present in newer systems

3. Authentication by Technology

  • Requires the exchange of certain FACTORS
  • Requires an authority who can verify these factors
  • Requires an authority who can provide permission to build a relationship and transact

4. ...Authentication by Technology

  • Factors are classified into 3 types
  • Ownership factor like cards, badges or keys
  • Knowledge factor like user id, password and pins
  • Inheritance factor like weight, height, face shape, color of eyes/hair, birth marks etc. all nicely encoded in a photo

5. Properties of different Factors

6. The Inheritance Factor - Biometrics

  • The Subject of discussion for today is the Inheritance Factor Biometrics
  • Implementation difficulties
  • Vulnerabilities
  • The authentication process and its vulnerabilities, in brief
  • Since the UIDAI has chosen the use of fingerprints and iris as a means of authentication, we will be discussing only these factors

7. Finger Print Scanners

  • Many variations on these basic techniques
  • Variations are primarily to reduce cost, size and probably to overcome existing patents
  • Some claims exist about the ability to sense below the dead skin surface. However, for our vulnerability assessments, these claims are trivially overcome
  • Sensor technologies are not relevant to the scope of vulnerabilities and exploits

8. Fingerprint Readers

9. Iris Scanners

  • Iris scanners use a Near Infra Red light
  • Camera coupled with some autofocusing techniques (commonly used in autofocus cameras)

10. Iris scan - Base Technique

11. The Process

  • All id systems involve an enrollment process and an authentication process, followed by an authorization process, to enter / exit / receive / deposit etc

12. The Enrollment Process

  • Capture image
  • Process image
  • Extract Features
  • Create Template
  • Save raw data in the case of criminal records
  • Encryption
  • Transmission
  • De duplication and storage

13. The Authentication process

  • Capture image
  • Process image
  • Extract Features
  • Create Template
  • Encryption
  • Transmission
  • Receive result
  • UIDAI has not specified iris for authentication*

14. Threats faced by biometric systems

  • Threat agents
    • Only the simple impostor, without much sophistication or resources. We shall leave out cross-border attack vectors, as pilfering state subsidies may not be their highest priority
  • Threat Vectors
    • Fake credentials and replay attacks
  • System Weaknesses
    • Extraction of digital keys, use of internal facilities of sensors

15. Desired Characteristics And Limitations

  • Easy and accurate Digitization of the presented bio characteristic
  • Time Invariant
  • Environment Invariant
  • Spoof proof

16. ... Limitations in enrollment / auth

  • Easy and accurate Digitization: neither easy nor accurate
  • Too many wrong methods, results in unreproducible template
  • Guided enrollment useless for auth
  • Very difficult for occasional users
  • Manual overrides = more holes

17. ... Limitations in enrollment / auth

  • Time invariance a myth
    • Ageing changes fingerprints (1)
    • Skin ailments make auth difficult if not impossible
    • No large scale studies on heterogeneous populations
    • Will require frequent re-enrollment aka more holes
    • No (available?) studies on iris variations due to ageing
    • Errors due to unknown causes (2)

18. ... Limitations in enrollment / auth

  • Environment invariance a myth
    • Waterlogged hands change the machine readability of fingerprints
    • Dry skin changes the machine readability of fingerprints
    • Will require frequent re-enrollment aka more holes
    • No (available?) studies on iris variations due to harsh environments
    • Inter device variations

19. ... Limitations in enrollment / auth

  • Non-Spoofability
    • Biometrics are the worst
    • Fingerprints are spoofed by the gummy finger technique
    • Irises are spoofed by photographs
    • Irises are spoofed by patterned contacts

20. Spoofing made easy - Fingerprints

  • Uses common ingredients
  • Fools all systems with greater than 60% repeatability
  • Newer materials and techniques even more effective

21. Spoofing made easy - Iris

  • Buy from the net to create fake ids for sale
  • PCB etching techniques for masquerading
  • Older technique using high res photograph with pupil holes

22. Attack Vectors requiring skill

  • Template reconstruction
    • Biometric id systems store data as templates, usually a few kilobytes in size. It has been shown that a biometric fingerprint system can be compromised by recreating the biometric using the stored template
    • Template extraction and storage a feature of systems

23. ... Attack Vectors requiring skill

  • Key duplication
    • Trivial to break into the device and extract keys
    • Addition / deletion of keys is a feature
    • Even in locked down devices, the key can be recovered by simply copying the onboard flash to a PC and reusing the backup in a device purchased from the market

24. ... Attack Vectors requiring skill

  • Replay attack at sensor pins
    • The sensor interfaces are relatively simple
    • Produce raw data (Fig 4). It is possible to record all data, and then replay that data
    • This attack requires some technical skill
    • However once developed it can be mass produced and will be undetectable

25. Biometrics WORST CHARACTERISTIC

  • Cannot be withdrawn
  • Cannot be changed
  • This violates the basic requirement of any id system

26. Inherent problems with Biometric Systems

  • FAR - False Acceptance Rate indicates the number of wrong matches of a presented biometric, mistakenly identifying one person as another
  • FRR - False Rejection Rate (also called False Non Match Rate) indicates the number of wrong rejects of a presented biometric.
  • Best FAR of .00060 for fingerprints
  • Best FAR of .000120 for Iris
  • Best FRR of .0060 for fingerprints
  • Best FRR of .0012 for Iris

27. ... Inherent problems with Biometric Systems

  • FAR and FRR closely linked to template size
  • Reducing FAR increases FRR
  • Reducing FRR increases FAR
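
The trade-off on slides 26 and 27, as an added example that is not part of the original presentation: sweeping a decision threshold over constructed genuine and impostor score sets shows FAR falling as FRR rises. It also goes beyond the slides by applying the quoted best-case FAR figures to a one-to-many search such as the de-duplication step of slide 12. Assumptions: each quoted FAR is a per-comparison probability, comparisons are independent, and the score distributions and gallery sizes are constructed.

```python
import random

# FAR values quoted on slide 26; everything else below is constructed.
BEST_FAR = {"fingerprint": 0.00060, "iris": 0.000120}

def make_scores(n, mean, sd, seed):
    """Constructed similarity scores in [0, 1] (clipped Gaussian)."""
    rng = random.Random(seed)
    return [min(1.0, max(0.0, rng.gauss(mean, sd))) for _ in range(n)]

def far_frr(genuine, impostor, threshold):
    """FAR: share of impostor scores accepted. FRR: share of genuine scores rejected."""
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr

def sweep(genuine, impostor, thresholds):
    """One (threshold, FAR, FRR) row per candidate decision threshold."""
    return [(t,) + far_frr(genuine, impostor, t) for t in thresholds]

def equal_error_row(rows):
    """Row where FAR and FRR are closest: the usual compromise setting."""
    return min(rows, key=lambda r: abs(r[1] - r[2]))

def expected_false_matches(far, gallery_size):
    """Mean number of false matches when one probe is compared to every record."""
    return far * gallery_size

def p_any_false_match(far, gallery_size):
    """Chance of at least one false match, assuming independent comparisons."""
    return 1.0 - (1.0 - far) ** gallery_size

if __name__ == "__main__":
    genuine = make_scores(5000, 0.75, 0.10, seed=1)    # same-person comparisons
    impostor = make_scores(5000, 0.40, 0.10, seed=2)   # different-person comparisons
    rows = sweep(genuine, impostor, [i / 20 for i in range(21)])
    for t, far, frr in rows:
        print(f"threshold={t:.2f}  FAR={far:.4f}  FRR={frr:.4f}")
    print("closest to equal error:", equal_error_row(rows))
    for name, far in BEST_FAR.items():
        for n in (1, 10_000, 1_000_000):               # constructed gallery sizes
            print(name, n, expected_false_matches(far, n),
                  round(p_any_false_match(far, n), 4))
```
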

28. ... Inherent problems with Biometric Systems

  • Requires very good power
  • Requires very good telecommunications infrastructure
  • Both of very poor quality in many areas
  • Even in Maharashtra, in the Konkan region, such infrastructure is poor due to natural causes
    • Hilly terrain
    • RF shadow regions
    • Heavy rains and lightning

29. Summary

  • Biometrics as a unique id in an automated system has never been tested on a large scale
  • The inherent characteristic of biometrics is its irrevocability. This is in direct contradiction of any id / security system, where keys must be revocable and reissuable
  • Fingerprints are easily spoofable
  • Iris patterns are easily spoofable
  • Biometrics are very susceptible to the natural biological processes of growth, ageing and environment
  • Numerous technical vulnerabilities are available for exploitation at the sensor-system interface