India’s UID Project: Biometrics Vulnerabilities & Exploits - Presentation Transcript
1. Biometrics Vulnerabilities & Exploits [email_address]
2. INTRODUCTION
Old World methods of trust and authentication
Personal introductions, documents
Key role player is the authenticator
New World requirements
Annonymous, large scale, short term relationships
Key requirement is building up of trust
No defence mechanisms of older methods present in newer systems
3. Authentication by Technology
Requires the exchange of certain FACTORS
Requires an authority who can verify these factors
Requires an authority who can provide permission to build a relationship and transact
4-Authentication by Technology
Factors are classified into 3 types
Ownership factor like cards, badges or keys
Knowledge factor like user id, password and pins
Inheritance factor like weight, height, face shape, color of eyes/hair, birth marks etc. all nicely encoded in a photo
5-Properties of different Factors
6-The Inheritance Factor - Biometrics
The Subject of discussion for today is the Inheritance Factor – Biometrics
Implementation difficulties
Vulnerabilities
The authentication process and it's vulnerabilities, in brief
Since the UIDAI has choosen the use of finger prints and iris as a means of authentication, we will be discussing only these factors
7-Finger Print Scanners
Many variations on these basic techniques
Variations are primarily to reduce cost, size and probably to overcome existing patents
Some claims exist about the ability to sense below the “dead skin” surface. However for our vulnerability assements, these claims are trivially overcome
Sensor technologies are not relevant to the scope of vulnerabilites and exploits
8-Fingerprint Readers
9- Iris Scanners
Iris scanners use a Near Infra Red light
Camera coupled with some autofocusing techniques (commonly used in autofocus cameras)
10- Iris scan - Base Technique
11-The Process
All id systems involve an enrollment process and an authentication process, followed by an authorization process, to enter / exit / recieve / depoist etc
12-The Enrollement Process
Capture image
Process image
Extract Features
Create Template
Save raw data in the case of criminal records
Encryption
Transmission
De duplication and storage
13-The Authentication process
Capture image
Process image
Extract Features
Create Template
Encryption
Transmission
Receive result
UIDAI has not specified iris for authentication*
14- Threats faced by biometric systems
Threat agents
Only simple impostor, without much sophistication or resources. We shall leave out crossborder attack vectors, as pilfering state subsidies may not be their highest priority
Threat Vectors
Fake credentials and replay attacks
System Weaknesses
Extraction of digital keys, use of internal facilities of sensors
15- Desired Characteristics And Limitations
Easy and accurate Digitization of the presented bio characteristic
Time Invariant
Environment Invariant
Spoof proof
16-... Limitations in enrollment / auth
Easy and accurate Digitization – neither easy nor accurate
Too many wrong methods, results in unreproduceable template
Guided enrollment useless for auth
Very difficult for occasional users
Manual overides = more holes
17-... Limitations in enrollment / auth
Time invariance – a myth
Ageing changes fingerprints (1)
Skin ailments makes auth difficult if not impossible
No large scale studies on heterogenous populations
Will require frequent re-enrollment – aka more holes
No (available?) studies on iris variations due to ageing
Errors due to unknown causes (2)
18-... Limitations in enrollment / auth
Environment invariance – a myth
Water logged hands changes fingerprints machine readbility
Dry skin changes fingerprints machine readbility
Will require frequent re-enrollment – aka more holes
No (available?) studies on iris variations due to harsh environments
Inter device variations
19-... Limitations in enrollment / auth
Non- Spoofability
Biometrics are the worst
Fingeprints are spoofed by gummy finger techniqe
Iris are spoofed by photographs
Iris are spoofed by patterned contacts
20- Spoofing made easy - Fingerprints
Uses common ingredients
Fools all systems with greater than 60% repeatability
Newer mateials and techniques even more effective
21-Spoofing made easy - Iris
Buy from the net to create fake ids for sale
PCB etching techniues for masqureading
Older technique using high res photograph with pupil holes
22-Attack Vectors requiring skill
Template reconstruction
Biometric id systems store data as a templates, usually a few kilobytes in size. It has been shown that a biometric fingerprint system can be compromised by recreating the biometric using the stored template
Template extraction and storage a feature of systems
23-... Attack Vectors requiring skill
Key duplication
Trivial to break into the device and extract keys
Addition deletion of keys a feature
Even in locked down devices, the key can be recovered by simply copying the onboard flash to a pc and reusing the backup in a device purchased from the market
24-... Attack Vectors requiring skill
Replay attack at sensor pins
The sensor interfaces are relatively simple
Produce raw data (Fig 4). It is possible to record all data, and then replay that data
This attack requires some technical skill
However once developed it can be mass produced and will be undetectable
25- Biometrics WORST CHARACTERISTIC
Cannot be withdrawn
Cannot be changed
This violates the basic requirement of any id system
26- Inherent problems with Biometric Systems
FAR - False Acceptance Rate indicates the number of wrong matches of a presented biometric – mistakenly identyfying one person as another
FRR - False Rejection Rate (also called False Non Match Rate) indicates the number of wrong rejects of a presented biometric.
Best FAR of .00060 for fingerprints
Best FAR of .000120 for Iris
Best FRR of .0060 for fingerprints
Best FRR of .0012 for Iris
.
27-.. Inherent problems with Biometric Systems
FAR and FRR closely linked to template size
Reducing FAR increase FRR
Reducing FRR increases FAR
28- ... Inherent problems with Biometric Systems
Requires very good power
Requires very good telecommunications infrastructure
Both of very poor quality in many areas
Even in Maharshtra in the Konkan region, such infratructure is poor due to natural causes like Hilly terrain, RF shadow regions, Heavy rains and lightning
29-Summary
Biometrics as a unique id in an automated system has never been tested on a large scale
The inherent characteristic of biometrics is it's irrevocability. This is in direct contradiction of any id / security system, where keys must be revocable and reissueable
Fingerprints are easily spoofable
Iris patterns are easily spoofable
Biometrics are very susceptible to the natural biological processes of growth, ageing and environment
Numerous technical vulnerabilities are availble for exploitation at the sensor-system interface
1. Biometrics Vulnerabilities & Exploits [email_address]
2. INTRODUCTION
Old World methods of trust and authentication
Personal introductions, documents
Key role player is the authenticator
New World requirements
Annonymous, large scale, short term relationships
Key requirement is building up of trust
No defence mechanisms of older methods present in newer systems
3. Authentication by Technology
Requires the exchange of certain FACTORS
Requires an authority who can verify these factors
Requires an authority who can provide permission to build a relationship and transact
4-Authentication by Technology
Factors are classified into 3 types
Ownership factor like cards, badges or keys
Knowledge factor like user id, password and pins
Inheritance factor like weight, height, face shape, color of eyes/hair, birth marks etc. all nicely encoded in a photo
5-Properties of different Factors
6-The Inheritance Factor - Biometrics
The Subject of discussion for today is the Inheritance Factor – Biometrics
Implementation difficulties
Vulnerabilities
The authentication process and it's vulnerabilities, in brief
Since the UIDAI has choosen the use of finger prints and iris as a means of authentication, we will be discussing only these factors
7-Finger Print Scanners
Many variations on these basic techniques
Variations are primarily to reduce cost, size and probably to overcome existing patents
Some claims exist about the ability to sense below the “dead skin” surface. However for our vulnerability assements, these claims are trivially overcome
Sensor technologies are not relevant to the scope of vulnerabilites and exploits
8-Fingerprint Readers
9- Iris Scanners
Iris scanners use a Near Infra Red light
Camera coupled with some autofocusing techniques (commonly used in autofocus cameras)
10- Iris scan - Base Technique
11-The Process
All id systems involve an enrollment process and an authentication process, followed by an authorization process, to enter / exit / recieve / depoist etc
12-The Enrollement Process
Capture image
Process image
Extract Features
Create Template
Save raw data in the case of criminal records
Encryption
Transmission
De duplication and storage
13-The Authentication process
Capture image
Process image
Extract Features
Create Template
Encryption
Transmission
Receive result
UIDAI has not specified iris for authentication*
14- Threats faced by biometric systems
Threat agents
Only simple impostor, without much sophistication or resources. We shall leave out crossborder attack vectors, as pilfering state subsidies may not be their highest priority
Threat Vectors
Fake credentials and replay attacks
System Weaknesses
Extraction of digital keys, use of internal facilities of sensors
15- Desired Characteristics And Limitations
Easy and accurate Digitization of the presented bio characteristic
Time Invariant
Environment Invariant
Spoof proof
16-... Limitations in enrollment / auth
Easy and accurate Digitization – neither easy nor accurate
Too many wrong methods, results in unreproduceable template
Guided enrollment useless for auth
Very difficult for occasional users
Manual overides = more holes
17-... Limitations in enrollment / auth
Time invariance – a myth
Ageing changes fingerprints (1)
Skin ailments makes auth difficult if not impossible
No large scale studies on heterogenous populations
Will require frequent re-enrollment – aka more holes
No (available?) studies on iris variations due to ageing
Errors due to unknown causes (2)
18-... Limitations in enrollment / auth
Environment invariance – a myth
Water logged hands changes fingerprints machine readbility
Dry skin changes fingerprints machine readbility
Will require frequent re-enrollment – aka more holes
No (available?) studies on iris variations due to harsh environments
Inter device variations
19-... Limitations in enrollment / auth
Non- Spoofability
Biometrics are the worst
Fingeprints are spoofed by gummy finger techniqe
Iris are spoofed by photographs
Iris are spoofed by patterned contacts
20- Spoofing made easy - Fingerprints
Uses common ingredients
Fools all systems with greater than 60% repeatability
Newer mateials and techniques even more effective
21-Spoofing made easy - Iris
Buy from the net to create fake ids for sale
PCB etching techniues for masqureading
Older technique using high res photograph with pupil holes
22-Attack Vectors requiring skill
Template reconstruction
Biometric id systems store data as a templates, usually a few kilobytes in size. It has been shown that a biometric fingerprint system can be compromised by recreating the biometric using the stored template
Template extraction and storage a feature of systems
23-... Attack Vectors requiring skill
Key duplication
Trivial to break into the device and extract keys
Addition deletion of keys a feature
Even in locked down devices, the key can be recovered by simply copying the onboard flash to a pc and reusing the backup in a device purchased from the market
24-... Attack Vectors requiring skill
Replay attack at sensor pins
The sensor interfaces are relatively simple
Produce raw data (Fig 4). It is possible to record all data, and then replay that data
This attack requires some technical skill
However once developed it can be mass produced and will be undetectable
25- Biometrics WORST CHARACTERISTIC
Cannot be withdrawn
Cannot be changed
This violates the basic requirement of any id system
26- Inherent problems with Biometric Systems
FAR - False Acceptance Rate indicates the number of wrong matches of a presented biometric – mistakenly identyfying one person as another
FRR - False Rejection Rate (also called False Non Match Rate) indicates the number of wrong rejects of a presented biometric.
Best FAR of .00060 for fingerprints
Best FAR of .000120 for Iris
Best FRR of .0060 for fingerprints
Best FRR of .0012 for Iris
.
27-.. Inherent problems with Biometric Systems
FAR and FRR closely linked to template size
Reducing FAR increase FRR
Reducing FRR increases FAR
28- ... Inherent problems with Biometric Systems
Requires very good power
Requires very good telecommunications infrastructure
Both of very poor quality in many areas
Even in Maharshtra in the Konkan region, such infratructure is poor due to natural causes like Hilly terrain, RF shadow regions, Heavy rains and lightning
29-Summary
Biometrics as a unique id in an automated system has never been tested on a large scale
The inherent characteristic of biometrics is it's irrevocability. This is in direct contradiction of any id / security system, where keys must be revocable and reissueable
Fingerprints are easily spoofable
Iris patterns are easily spoofable
Biometrics are very susceptible to the natural biological processes of growth, ageing and environment
Numerous technical vulnerabilities are availble for exploitation at the sensor-system interface
