Hi Friends,

Even as I launch this today ( my 80th Birthday ), I realize that there is yet so much to say and do. There is just no time to look back, no time to wonder,"Will anyone read these pages?"

With regards,
Hemen Parekh
27 June 2013

Now as I approach my 90th birthday ( 27 June 2023 ) , I invite you to visit my Digital Avatar ( www.hemenparekh.ai ) – and continue chatting with me , even when I am no more here physically

Tuesday, 3 April 2018

#Aadhar #UIDAI #VirtualID


Where  Angels   Fear  to  Tread   ?



Today’s Times of India carries following news :





 



Unique Identification Authority of India (UIDAI) has launched the much-awaited 'Virtual ID' which will be a random  16-digit  number mapped to a person's Aadhaar number.




The concept of Virtual ID was announced earlier this year to address privacy concerns. The new feature will allow Aadhaar holders to quote their Virtual ID (VID) number without actually disclosing the 12-digit Aadhaar number for authentication or verification purposes.



UIDAI had stated that it will be compulsory for all agencies that undertake authentication to accept the VID from their users from June 1, 2018.



According to UIDAI in the beta form, users can generate their Virtual ID and use it to update address in Aadhaar online for the time being.




..Soon, service providers will start accepting VID in place of Aadhaar number.



For now, you can use this for online address update in your Aadhaar," the UIDAI said in a tweet.



The tweet urges the users to generate their VIDs and gives a link of the Aadhaar website for the same. The VID would give any authorised agency details like name, address and photograph, which are enough for any verification.





After the concept of Virtual ID was announced , on 12 Jan 2018, I sent following questions ( as email ) to UIDAI , hoping that they will come forward with clarifications :



AadharVirtual ID Compromised ?  [  12  Jan  2018  ]



QUESTIONS  :


     Are VIRTUAL ID numbers generated using some Random Number Generator ( such as PRNG =  Pseudo Random Number Generator / TRNG = True Random Number Generator ) ?


·         Do both types of Generators depend upon some software algorithm ? ( - a somewhat deterministic logic )


·         Considering the Aadhar Virtual ID requirement ( viz : generation of data encryption keys ) , is it more likely that  UIDAI is using TRNG ?



·         If , given a starting number ( original / real Aadhar Number ) , TRNG generates a “ linked “ RANDOM NUMBER , is it possible to REVERSE this process ?


·         Using BIG DATA  /  DATA ANALYTICS  /  Artificial Intelligence /  MACHINE LEARNING etc , can one figure out the ORIGINAL / REAL Aadhar Number , from its counter-part Virtual Number ?



Over a period of few months, it is likely that the servers of those Agencies , may have billions of  sets of linked Real Numbers / Virtual Numbers

   
Could such a large enough database ( if some hacker can lay his hand on it ) , be enough for a software geek to design a Neural Network backward propagation / forward propagation ) , to reverse the process ?


I am tempted to believe that such a scenario is entirely possible !




Since there is no reply from UIDAI , today’s Question (  to  the  Users  of  Aadhar  ):



Is someone trying to pull the wool over our eyes  ?




04  April  2018





No comments:

Post a Comment