It’s been reported that Labour would like the proposed UK ID cards to plug into the Chip and Pin network. This is a commercial network whose security has never been verified, and a bunch of folks at Cambridge reverse engineered it and showed massive cryptographic flaws in it, such as reusing authentication tokens, overloading data semantics, and failing to ensure freshness of responses.

This is the same network that a leaked report showed had higher instances of fraud associated with it than were expected. This was a system designed, not for security, but for moving the consequences of fraud onto the retailer, a system where a paperclip and some weak card readers led to card cloning and over £1m in fraudulent transactions.

So anyone with a suitably weak reader would have the ability to copy and reproduce ID cards. This is supposed to protect us? A network which cannot be checked because it belongs to a corporate entity?

There are ways to do it – the Estonian government has an identity card which uses proven, open standards to validate identity to government and banks. The Estonian identity card holds two X.509 certificates, one for identity and one for signing documents, and can be used for encryption when communicating with government or any other web site that cares to opt in to the scheme. There’s no need for specialised code; it’s just X.509 after all. In addition, the UK Government Gateway optionally uses X.509 for company identification, so not much extra code is needed there.

Of course I have my doubts about the purpose of the UK identity card anyway; it points more to monitoring and control through easily joined databases than anything to do with protecting citizens. But even so, if it’s going to be forced on us then let’s do it right, OK?