Passport / ID Solution - Public Key Encryption
I can’t take credit for this idea, but I read about it someplace over 5 years ago. Why is it possible to have altered photo IDs at all anymore?
Use PKI.
When you request an ID (Driver's License, Photo ID, Passport), the request includes a photo. That photo is converted to electronic form and used in the creation of public and private keys of 4K length. The photo and private key are placed onto a server with extremely limited access that is replicated to however many disks (SAN) and remote servers are needed. That data is also replicated to read-only media, which can be located at the larger customs facilities in case there's a communication fault but is generally not used. A secure web service is set up to allow anyone in the world with a login/password and smartcard to perform remote queries by passing the public key and some nominal text (Country, Name, ID#) to help speed the DB queries and limit the duplicate records that need to be decrypted with the provided public key. Purely a web interface for tiny customs offices or DMVs everywhere.
The photo, e-photo and public key are placed onto the ID Card along with the trivial ID information listed above.
Ok, so you’re the customs guy at a terminal. The passport holder hands you his/her passport and you swipe it. That kicks off the remote query to the main server farm (with your login data and smartcard data for tracking who’s looking at what records). While that query is being processed, the electronic photo is read from the ID and displayed. The query returns and that information is displayed with another photo and more data about the person standing in front of him/her.
The person and the 3 photos aren't identical? Arrest that person!!!
3 Photos?
1) E-photo on the ID card
2) E-photo returned from the central server
3) photo inside the ID that humans see
Any failure of any of these images to be identical? Humans have an innate ability to tell when faces don't match.
The fail-safe media would need to be replenished depending on the rate of new/changed data. Border crossings in rural North Dakota don't need the same level of connectivity as JFK or Atlanta Airports or the San Diego border.
As a technical architect, I think I can design around those problems with redundant servers and networking and power feeds. Of course, all the data transferred is fully encrypted with the keys predetermined by the customs officer and central servers. It is the physical control of the read-only backup media that concerns me most.
Of course, each country needs to provide a way for other countries to validate that an authentic passport is being presented. That's just another third-party-signed part of the electronic data on the passport. GPG has the idea of getting lots of people to sign your public key with their private keys, thus building a web of trust. Obviously, that signature for countries should only come from the UN or other non-corrupt international standards body.
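As an added example (not code from the post or from any passport program), here is the terminal-side check the scheme above describes: the issuing country's signature over the card is verified against a trusted signer set, then the e-photo on the card is compared with the one the central server returned. The card field layout, Ed25519 for the issuer signature, and the length-prefixed SHA-256 binding are assumptions of this example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Card models what the post puts on the ID: the trivial identity fields, the
// e-photo, the holder's public key and, from the web-of-trust paragraph, the
// issuing country's signature. The exact field layout is an assumption here.
type Card struct {
	Country, Name, ID string
	EPhoto            []byte
	HolderPub         ed25519.PublicKey
	IssuerSig         []byte
}

// digest binds every card field into one hash; the length prefix stops a shifted field boundary from colliding.
func digest(c Card) []byte {
	h := sha256.New()
	for _, f := range [][]byte{[]byte(c.Country), []byte(c.Name), []byte(c.ID), c.EPhoto, c.HolderPub} {
		fmt.Fprintf(h, "%d:", len(f))
		h.Write(f)
	}
	return h.Sum(nil)
}

// IssueCard is the issuing country's step: sign the card contents.
func IssueCard(c Card, issuerPriv ed25519.PrivateKey) Card {
	c.IssuerSig = ed25519.Sign(issuerPriv, digest(c))
	return c
}
// VerifyCard is the terminal's step: the signer must be a trusted issuer, the
// signature must cover exactly what is on the card, and the card's e-photo must
// match the central record byte for byte. Printed photo vs. face stays with the officer.
func VerifyCard(c Card, trusted map[string]ed25519.PublicKey, serverPhoto []byte) error {
	issuer, ok := trusted[c.Country]
	if !ok {
		return fmt.Errorf("issuing country is not in the trusted signer set")
	}
	if !ed25519.Verify(issuer, digest(c), c.IssuerSig) {
		return fmt.Errorf("issuer signature does not match the card contents")
	}
	if !bytes.Equal(c.EPhoto, serverPhoto) {
		return fmt.Errorf("e-photo on card differs from the central record")
	}
	return nil
}
```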
Am I missing anything with this solution besides the obvious communications failure or power outage risks?
US State Department guy is less than confident talking tech, but he does say PKI, unconvincingly.