BBC Radio 4 World at One, on Thursday 17th November 2005:
contribution by Nigel Sedgwick (NCS) of Cambridge Algorithmica,
to the news broadcast covering the proposed UK National Identity Scheme.
The newscaster and interviewer was James Robins (JR).
JR: So is the former head of MI5 right? Well, Nigel Sedgwick of Cambridge Algorithmica is an expert on precisely this sort of technology. He told me that there are some difficulties setting up an unbeatable ID system; there are potential weaknesses. But still producing unforgeable cards should be technically possible.
NCS: If you have digital data, photographs and biometric templates, stored on National Identity Cards, the digital data could be protected against forgery or substitution by digital signatures. These add some extra data to the card, called a hash, that's only consistent with the true data. And you have to have a secret key to create a valid hash. You can then check whether the data and the hash are consistent using a public key that is available to everyone; just doing that on a computer attached to or in the card reader.
JR: But aren't there always equally bright people out there who manage to forge almost anything and find their way round complicated computer systems? People who hack into Pentagon computers? Aren't they the same people who'll be able to forge ID cards if they so chose?
NCS: It's all to do with the amount of computer power you have available. If you do the digital signature correctly, hacking into it will take too long for any and all the computers we have available to us.
JR: But what about the danger of multiple applications? About people trying to get more than one ID card?
NCS: Well, in theory and possibly in practice, biometrics can be used to detect multiple applications for identity cards. This is done by checking the biometrics of new applicants against those of all previous applicants. However, no known single biometric is good enough for this. It needs to be done with multi-biometrics, and biometric experts are not certain how well this would work, or whether a useful detection rate would reject too many honest applicants, and subject them to long-winded secondary checks.
JR: Nigel Sedgwick of Cambridge Algorithmica: more confident than Dame Stella that forgers may not be able to beat comprehensive security technology. What Mr Sedgwick does not claim to know, of course, is how much a really secure system will cost, and that's become a central issue in the debate.
(programme continues ...)
As requested by the BBC that morning, pre-recorded and edited, concerning technical issues related to the statement by Dame Stella Rimington, previously Director-General of the UK Security Service (MI5).
For one week, the audio broadcast is available for repeat listening on the Internet, below BBC webpage: http://www.bbc.co.uk/radio4/news/wato/
The contribution of Nigel Sedgwick occurred between 06:05 and 08:25 minutes into the programme. Concerning the National Identity Scheme, the full news item occurred between 05:05 and 18:10 minutes into the program.