Hi Friends,

Even as I launch this today ( my 80th Birthday ), I realize that there is yet so much to say and do. There is just no time to look back, no time to wonder,"Will anyone read these pages?"

With regards,
Hemen Parekh
27 June 2013

Now as I approach my 90th birthday ( 27 June 2023 ) , I invite you to visit my Digital Avatar ( www.hemenparekh.ai ) – and continue chatting with me , even when I am no more here physically

Monday 22 January 2018

Reconstruct Fingerprint from Template ?

  

If that is possible then it may also be possible to reverse the process ( of generation of Random Number ) and uncover the REAL / ORIGINAL Aadhar Number from UIDAI web site generated RANDOM NUMBER ?



In my blog ,

 Aadhar Virtual ID  Compromised  ?

https://myblogepage.blogspot.com/2018/01/aadhar-virtual-id-compromised.html


I wrote :


Now , not being a mathematician or a software geek , I have following stupid questions , which , I hope the experts ( including those of UIDAI ) may want to answer :


·         Are VIRTUAL ID numbers generated using some Random Number Generator ( such as PRNG =  Pseudo Random Number Generator / TRNG = True Random Number Generator ) ?


·         Do both types of Generators depend upon some software algorithm ? ( - a somewhat deterministic logic )


·         Considering the Aadhar Virtual ID requirement ( viz : generation of data encryption keys ) , is it more likely that UIDAI is using TRNG ?



·         If , given a starting number ( original / real Aadhar Number ) , TRNG generates a “ linked “ RANDOM NUMBER , is it possible to REVERSE this process ?


·         Using BIG DATA  /  DATA ANALYTICS  /  Artificial Intelligence /  MACHINE LEARNING etc , can one figure out the ORIGINAL / REAL Aadhar Number , from its counter-part Virtual Number ?



Over a period of  few months , it is likely that the servers of those Agencies , may have billions of  sets of linked “ Real Numbers / Virtual Numbers “

   
Could such a large enough database ( if some hacker can lay his hand on it ) , be enough for a software geek to design a Neural Network backward propagation / forward propagation ) , to reverse the process ?


I am tempted to believe that such a scenario is entirely possible !




Hindustan Times ( 21 Jan ) carries following news :


“ Biometric databases a Challenge to Aadhar “


http://www.hindustantimes.com/india-news/existence-of-other-biometric-databases-may-pose-new-challenge-to-aadhaar/story-nv12eC1qypTVnSaLboc5cN.html



Extract :

From database to fingerprint
Biometrics are protected by encryption and by condensing fingerprints into templates obtained by using software to extract unique features of a given print.
But encrypted data needs decryption keys, which may be leaked if a database is accessed by multiple users.
Templates do not offer total security either.
“There was a misconception that a template cannot be inverted, but that is not true anymore,” said Anil Jain, Professor at the Department of Computer Science and Engineering at Michigan State University. “ It is possible to use a template to reconstruct a fingerprint to a high degree of accuracy.
The reconstructed fingerprint, Prof. Jain has shown, can be used to build spoof fingerprints that fool most biometric readers.



I do not expect anyone from UIDAI / IT Ministry to comment on this possibility of “ Process Reversal “ but I do hope they continue to improvise Aadhar




23  Jan  2018


www.hemenparekh.in / blogs
Posted by

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)