信息网络安全 ›› 2015, Vol. 15 ›› Issue (5): 21-27.doi: 10.3969/j.issn.1671-1122.2015.05.004

• 技术研究 • 上一篇    下一篇

身份证件的安全要求和可使用的密码学技术

武传坤()   

  1. 中国科学院信息工程研究所信息安全国家重点实验室,北京 100093
  • 收稿日期:2015-04-08 出版日期:2015-05-10 发布日期:2018-07-16
  • 作者简介:

    作者简介: 武传坤(1964-),男,山东,研究员,博士,主要研究方向:信息安全、物联网安全。

  • 基金资助:
    中国科学院先导专项子课题[XDA06010701]

The Security Requirement and Applicable Cryptographic Techniques on Identity Cards

WU Chuan-kun()   

  1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
  • Received:2015-04-08 Online:2015-05-10 Published:2018-07-16

摘要:

在我们日常生活中少不了使用身份证来鉴别身份。许多情况下,身份证是辅助但又是不可或缺的证件:出售房屋除提供房屋产权证外,还需要提供卖方有效的身份证件;银行提取大额款项除提供银行卡/折外,也需要提供申请人甚至账户户主的有效身份证件。从某种意义上说,许多证件的防伪需求都没有身份证更重要。大家知道,公民身份证制作属于国家机密,一般人不知其技术细节。但是,正如许多IT行业的事例所表明的,通过加工技术细节的保护手段来提供信息安全保护是带有很大风险的。因此需要更好地鼓励公众研究,并在公众研究成果的基础上,结合技术保护等手段进行加工制作。文章阐述了身份证目前防伪性能方面的不足,论述了将来身份证,特别是公民身份证应该具有的安全功能,探索密码技术在身份证制作中的应用,希望对将来制作更安全可靠的身份证提供一些参考。

关键词: 身份证, 基于身份的密码学, 密钥管理

Abstract:

Identity cards are often used in our normal life to identity someone. In many cases, identity cards are complementary but necessary documents: when someone tends to sell his/her real estate property, apart from showing the original certificate of the property, a valid identity card of the seller is also necessary; in the process of large amount currency withdraw from a bank account, the identity card of the withdrawer together with a valid bank card is necessary. So, in some sense, the forgery detection of many other documents can be complemented by the forgery detection of identity cards. As we know, the production of resident identity cards is a national secret; hence most people do not now know its technical detail. However, as has been shown by many instances in the information technology industry that, the information security provision via manufacturing process has great risks. So public research should be encouraged, and based on the public research outcomes, the manufacture process should combine technical means of protections. This paper tends to overview the weakness of current identity cards in detecting forgeries, discuss the security functionalities that should be possessed by identity cards, particularly by the residential identity cards, intending to explore the possibility for the cryptographic techniques to be used in identity cards, expecting to provide some reference for securer identity card production in the future.

Key words: identity card, identity-based cryptography, key management

中图分类号: