Study says Aadhaar system vulnerable to insider threat

IIT Delhi study reveals Aadhaar system faces internal threat.

People at the UIDAI Regional Office in Khanija Bhavan.

Bangalore, November 20, 2017: A study done by IIT-Delhi shows that the data stored in the Aadhar system faces its biggest threat from an insider attack—an attack done by an individual with legal access to the database.

The Unique Identification Authority of India (UIDAI) maintains Aadhar users biometric and demographic data in a Central Identities Data Repository (CIDR).
The study says, while some existing measures present in the Aadhar system are “quite reasonable” against external threats, in a system such as Aadhar, which is the world’s largestnational identity project, the biggest security and privacy threats will come from insider leaks.

Included in this are possible unauthorized and secret examination of data, transaction records, logs and audit trails that would lead to profiling and monitoring of specific groups and individuals. This could be done by interested and influential members of groups within in the government.

“A leak will most likely happen from the inside and I would be surprised if it doesn’t happen. Either corrupt entities inside the administration could leak or use the data for malicious purposes or the government itself could use the data for purposes it shouldn’t and in a country like India, both are possible,” said professor Subhashish Banerjee, the IIT professor who conducted the study. He added that the officials from UIDAI have discussed this with him but he wasn’t given any assurance about strengthening the security.

The security measures in the CIDR are based on encryption, where the information is encoded in such a way that it is unreadable to an average person. A person could read the information only if they have a key to read the information. These keys, therefore, need to be protected. The researchers showed that there is no mention of any such protection offered to these keys in the Aadhar framework.

There is also no concrete and secure approval or audit system for data inspection for any purpose like investigation or analysis; this makes the data open to abuse. Also, the various programs and software which use the Aadhar data have no tamper-proof or inspection measures. Even the Aadhar enrollment stations don’t have tamper protection and no set up to ensure there are no data leaks. The servers on which the original biometric data is stored, though protected, can be violated through hacking or by an insider.

Officials from the UIDAI, however, have rejected the idea of any vulnerability in the Aadhar system.
“From my point of view, the system is very secure, there was a person who tried to hack it but we caught him before he could do anything,” said Ashok Lenin, Deputy Director, Unique Identification Authority of India in Bangalore.
Dr. Vikas Shukla, an official responsible for the security of the Aadhar system, vehemently denied the findings, saying, “I’m not going to get into all that. There’s no vulnerability like that and I’m not saying it, it is a fact,” he said. Dr. Shukla didn’t elaborate on his statement but said, “We can’t make our security measures public.”

Nagarjuna, a strong critic of Aadhar, is a professor at the Gnowledge lab, Homi Bhabha Centre for Science Education, at the Tata Institute of Fundamental Research said, “Firstly, since Aadhar is under centralized control under the government, that itself makes it vulnerable to insider attacks. Secondly, the people who work on Aadhar are mostly from the private industry, like people who Nandan Nilekani has brought in, these people need to be recruited with very stringent recruitment process since they are working with such sensitive information but they are not and hence, it is difficult to trust them.”

The researchers recommend an independent and secure third party who can audit the system and safeguard the security from an insider attack. . They also suggest the use of technologies like tamper-proof code and hardware solutions. Techniques such as secure multi-party computation—which ensures the privacy of data by allocating the whole data in different places so even if one location is compromised, the data is protected—and Homomorphic and functional encryption—which stores the data itself in a secret form—can be used.


Other IIJNM Publications