Re: Technical specifications for National Identity Card

From: S Moonesamy <sm+mu_at_elandsys.com>
Date: Mon, 16 Nov 2015 03:23:13 -0800

Hi Rajnish,

It has been two months since I requested the technical specifications
in order to understand whether the National Identity Card is
"safe". I'll provide a few hints. I hope that the ministry you work
for will find it useful. Please do not hesitate to provide credit. :-)

The Singapore Standard for Smart Card IS is SS 529 SSID. According
to the Chairman, Cards and Personal Identification Technical
Committee, Singapore IT Standards Committee, that standard is 90% to
95% similar to the International Civil Aviation Organization (ICAO)
e-Passport. The data structure for the information saved on the card
might have the following items:

   1. Unique Identification Number
   2. Name
   3. Gender
   4. Date of birth
   5. Address
   6. Date of issue
   7. Date of expiry

The data structure itself is defined in the technical specification
(or standard). The
Public-Key Cryptography Standards (PKCS) #15 is usually used or
incorporated in other technical specification as an interoperable
format for storing and discovering cryptographic objects on a smart
card. As there are some protocols to allow the Identity Card to be
read by a Card Reader, there would be technical specifications for
those protocols. Given that the Identity Card probably support
cryptographic functions, I suggest verifying whether the technical
specifications include that aspect.

Please let me know if you need any further information.

Regards,
S. Moonesamy
Received on Mon Nov 16 2015 - 11:26:21 PST

This archive was generated by hypermail 2.3.0 : Mon Nov 16 2015 - 11:27:03 PST