
Estonia's seems to be working pretty well, all things considered.

https://en.wikipedia.org/wiki/Estonian_identity_card

It even survived a crypto flaw.

https://www.zdnet.com/article/estonias-id-card-scrisis-how-e...




Compared to India, Estonia is so small that it is not even funny. India is too big, too complex (16 official languages plus hundreds of dialects). Estonia's population is ~1.3 million, India's is more than one billion. The sheer scale of it changes the equation dramatically.

Add to all this, corruption is a way of life in Indian government(s) - central and local. Even if a system is solid (technology wise), there are tons of social problems to deal with.

Comparing Estonia with India is not fair at all, at any level.

This is not to take anything away from Estonia's achievement. Kudos to them for setting a great example! But their small size, having to support just one language, etc. gives them a tremendous advantage.


India's universal ID has security flaws because India has hundreds of languages? That doesn't pass the smell test.


Aadhaar has security flaws because people who are responsible for it (directors etc, not coders) are with their heads up in the arse. When a reporter asked an official how they are trying to secure data, the answer was: "The datacenter building surrounding wall is 13 feet high & 2 feet thick. Nobody can come & break that wall & steal data." Mind you this datacenter is always online; & is known for pretty basic flaws.

The file they give you as an encrypted PDF of your ID is locked with the first four capital letters of your name & then your birth year. It was very touted that this password range is from AAAA to ZZZZ & 0000 to 9999, making a brute force time of 52+ years. But then, nobody born before 1918 is alive; & nobody born in 2019 & after. So 0000-9999 becomes 1918-2018. Then names: the most popular name lists are available from many sources. The 52 year brute force was proved to be 3 something minutes. The authorities' response: they filed criminal cases against those who wrote about these flaws.
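
Added example, not part of the comment above and not anyone's actual tooling: a small Go estimator for the password scheme that comment describes, showing how the year range and name-derived prefixes shrink the candidate count. The name list is a constructed sample, and skipping names shorter than four letters is an assumption.

```go
package main

import (
	"fmt"
	"math"
	"strings"
)

const fourLetters = 26 * 26 * 26 * 26 // AAAA..ZZZZ

// Keyspace counts passwords of the form <4 capitals><year> when the letter
// part has `prefixes` possible values and the year lies in [lo, hi].
func Keyspace(prefixes, lo, hi int) int { return prefixes * (hi - lo + 1) }

// DistinctPrefixes counts the different 4-letter prefixes a name list yields.
// Names shorter than four letters are skipped (assumption: the page does not
// say how they are handled).
func DistinctPrefixes(names []string) int {
	seen := map[string]bool{}
	for _, n := range names {
		n = strings.ToUpper(strings.TrimSpace(n))
		if len(n) >= 4 {
			seen[n[:4]] = true
		}
	}
	return len(seen)
}

// Bits is the entropy of a uniform choice among n candidates.
func Bits(n int) float64 { return math.Log2(float64(n)) }

func main() {
	// Constructed sample list, for illustration only.
	names := []string{"Rajesh", "Rajeev", "Priya", "Priyanka", "Amit",
		"Amita", "Sunil", "Sunita", "Anil"}
	rows := []struct {
		label string
		n     int
	}{
		{"AAAA-ZZZZ x 0000-9999 (as touted)", Keyspace(fourLetters, 0, 9999)},
		{"AAAA-ZZZZ x 1918-2018", Keyspace(fourLetters, 1918, 2018)},
		{"sample name prefixes x 1918-2018", Keyspace(DistinctPrefixes(names), 1918, 2018)},
	}
	for _, r := range rows {
		fmt.Printf("%-36s %13d candidates  %5.1f bits\n", r.label, r.n, Bits(r.n))
	}
}
```

The year restriction alone cuts the touted space by a factor of about 99, and the letter part can never contribute more than one value per distinct prefix in whatever name list applies.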


I've asked this elsewhere in this thread and tried to google it but didn't get/haven't gotten an answer, is there a reason Aadhaar did not go with PKI to provide identification and signing? Did they have some extreme not-invented-here syndrome?


It is hard to understand the argument here. PKI is not identity.

Why is there a PDF of your identity card, and why is it encrypted? Surely nothing publicly visible on the identity card is private information.

Private identifiers on citizens would not be very useful.

It seems like a lot of people here are confused as to what is an identifier and what is authentication. An identifier uniquely identifies someone (the uid), while authentication is the way to prove identity (the password). One is normally public while the other has a secret component to it.


Perhaps unwittingly, you just described PKI. Two keys: one is public and identifies someone (or something), and the other is private and can be used to prove your identity.

Encrypting with the public key can be done by anyone, but only the private key can decrypt. This allows encrypted communication.

But encrypting with the private key can only be done by someone with the private key. It can be decrypted by anyone, but only using your public key, thus proving your identity; or more accurately, thus proving you have the identified party's private key. So I ask you to encrypt some random OTP to prove your identity. Then I decrypt it with your public key to test your proof. This is how cryptographic signatures work.

Government-issued identification seems an obvious application of PKI.
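
Added example, not part of the comment above: the random-challenge proof it describes, written with a signature API (Ed25519 sign/verify from Go's standard library rather than literal private-key encryption). The `Card` type, the `auth-v1` prefix and the `bank.example` / `shop.example` service names are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Card stands in for the smartcard: the private key never leaves it.
type Card struct{ priv ed25519.PrivateKey }

// bind ties the challenge to the service that issued it (hypothetical format),
// so a response given to one service is useless at another.
func bind(service string, challenge []byte) []byte {
	return append([]byte("auth-v1|"+service+"|"), challenge...)
}

// Respond signs the verifier's challenge with the card's private key.
func (c Card) Respond(service string, challenge []byte) []byte {
	return ed25519.Sign(c.priv, bind(service, challenge))
}

// NewChallenge returns 32 fresh random bytes; the verifier uses each one once.
func NewChallenge() []byte {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// Verify needs only the public key, the service name and the challenge it issued.
func Verify(pub ed25519.PublicKey, service string, challenge, sig []byte) bool {
	return ed25519.Verify(pub, bind(service, challenge), sig)
}

// Demo runs one honest login and three failure cases.
func Demo() (ok, replay, wrongKey, wrongService bool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	otherPub, _, _ := ed25519.GenerateKey(rand.Reader)
	card := Card{priv}
	c1 := NewChallenge()
	sig := card.Respond("bank.example", c1)
	ok = Verify(pub, "bank.example", c1, sig)                 // fresh challenge, right key
	replay = Verify(pub, "bank.example", NewChallenge(), sig) // old response, new challenge
	wrongKey = Verify(otherPub, "bank.example", c1, sig)      // someone else's public key
	wrongService = Verify(pub, "shop.example", c1, sig)       // response relayed elsewhere
	return
}

func main() { fmt.Println(Demo()) }
```

Only the first check succeeds: the public key can be published as an identifier, while a valid response requires the private key and a challenge that has not been used before.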


PKI can be an important part of a system to authenticate your identity, but for that to work you need an identity to start with. You seem to need some sort of identity for a society to scale. Large countries try to function without, and the result is ad-hoc identity systems instead.

A public key can be an identity, it's a perfectly workable outcome of Zooko's triangle, but it's not a very useful one for most use cases.

The article is about using phone numbers to uniquely identify people and the problems that brings.


Estonia's PKI is basically identity. Yes, you could build something on top of the public Personal Identification Number, but no reasonable provider accepts that as the username - it is a person using the certificate stored on smartcard/smart SIM(/phone) to identify and authenticate at the same time.

> It seems like a lot of people here are confused as to what is an identifier and what is authentication.

I'd say it's you who can't fathom that the two things can work together and only together in some cases.


The PDF is so that authorities do not need to print & deliver the card at home (they take 20-90 days for that). They say people can download & print it as & when required.

Not all systems are online/electronic. Although explicitly prohibited, banks keep a paper copy of Aadhaar & so do courier delivery, passport etc. Only mobile companies this year have done away with keeping a photostat. Law is, bank or mobile or any ask Aadhaar number, authenticate the request, fetch required data & store that resulting Boolean.


> It seems like a lot of people here are confused as to what is an identifier and what is authentication. An identifier uniquely identifies someone (the uid), while authentication is the way to prove identity (the password).

The problem is how the average person working in the bureaucracy will see this, not how a smart programmer like you on hackernews would see it.

The world is full of average people doing average mistakes in average bureaucracies. Everything that can be abused, will be abused.


That’s also just information you know about many of your acquaintances, and that people often publish online. Join a dating site, and you have the password to the PDFs.

Of course, you still need to obtain the PDFs. And there is that wall in the way...


Yes, for acquaintances ok, but these files are available for Rs ~1000 on the internet, locked. People are not computer savvy, they just go to a printer shop, ask them to print a copy, the guy downloads a copy, keeps it on his hard disk for "next" time. Last time I went to get some printouts of my documents, I locked the PDF with a complicated password & keyed it in myself, as they insist our printer does not work from USB saved files. Even the delivery boys of various courier companies sell your phone number for $1 to local spammers.


That is irrelevant; you can get the information contained in the PDF just by taking a photo of the card, so nothing that wasn't meant to be public is in that PDF.


But UIDAI itself tweets so many videos saying share your Aadhaar number with banks n such, but not on social media aka internet; i.e. treat it like your wallet, use it with caution & don't flaunt it. & leaked/stolen PDFs most likely end up on the internet.


It's ok for it not to pass the smell test, because what you have stated is not actually the argument being made. The number of languages and dialects was (presumably) brought up to emphasize the many differences in scale and culture (especially government corruption) between India's population and Estonia's that might introduce complexities, incentives, and opportunities for bad actions in one situation that are not applicable in the other.


Either it’s secure or it isn’t. If it isn’t secure then it doesn’t matter if there are only 1.3 million people in the country; I promise someone from outside the country will try to break it.


Not sure what you mean. Nothing is secure, ever, in a binary sense of being just one thing or the other. It's all a balance between level of security and level of practical usability. Often we've made things easy to use but hard to secure. Like SSNs. But regardless of the source of an attack, the reward for breaking 1 billion targets on the same system vs 1.3 million on a different system is probably much higher. So the inconveniences of more secure systems must be weighed in context of the desirability of the information within them. More attractive targets need more secure, less easy to use, systems.


> More attractive targets need more secure, less easy to use, systems.

That seems to me like a justification for doing the least amount of work needed. Sure, it's true to some degree, but (taking this case as an example) PKI is objectively uncountably better than a PSK-like structure. There's a base security level and until that's reached, there's no need to expend money and time or inconvenience users to gain greater security. Anyone who doesn't get to that level while designing a project of any importance is a lazy idiot.


Yeah this is a fair point, didn't mean to suggest that easy security wins that don't inconvenience the user or add cost in some other way aren't worth making.


> More attractive targets need more secure, less easy to use, systems.

Actually, it needs to be both secure and easy to use to work.


Aadhaar is easy to phish because it's difficult to educate all Indian people about password security, because India has hundreds of languages.


Just to clarify, the Estonian national personal ID number is considered public data, only thing that proves identity or authority is the crypto in the cards/SIMs(/phones).


Yeah I don't see how a country can actually function WITHOUT this but that might just be my first world bubble.



