Universe’s strength needed to break Aadhaar encryption: UIDAI CEO to SC

It wasn’t an easy day’s work for the Unique Identification Authority of India CEO Ajay Bhushan Pandey as he gave a PowerPoint presentation on Aadhaar in the Supreme Court as part of the proceedings in the ongoing case about the legality of the unique identification project. Even as Pandey batted for the security measures in place in the Aadhaar system to reassure the five-judge bench, he had to face tough follow up questions from the bench regarding the petitioners’ claims.
It was one of a kind scene at the SC on Thursday as two LCD screens were set up along with projectors in the courtroom where the case was being heard. However, just before the beginning of the presentation at 2.30 PM, one of the projectors failed and the presentation had to be done from the other one only.
The court had asked the petitioners to submit questions in writing for the presentation. Starting his presentation, the UIDAI chief said that there was no identity document for citizens before 2009 and even he didn’t have an ID since he came from a “small village.”
Arguing that Aadhaar provided people a way to obtain services and subsidies in an efficient manner as it is not as difficult as getting a ration card to get public distribution grains.

He even argued that no Aadhaar data is shared without consent and in exceptional circumstances, never without the permission of a district judge or in the cases of national security.
Contending that the data is safe and secure inside the Aadhaar’s 2048 bit encryption system, which is eight times stronger than the usual encryption used in financial systems, Pandey said that “it will take the whole universe’s strength to break this encryption.”
However, Justice Sikri questioned the UIDAI chief about the cancellation of license of 49,000 enrollment operators and pointed out that not all of them would have been because of corruption or low quality of demographic data. To this, Pandey reiterated that UIDAI has very strict quality control standards.
While Pandey also argued that when people’s biometrics change they won’t be denied services because an authentication failure message will be shown, which will ask them to update their biometrics, judges weren’t too convinced. Justice D Y Chandrachud said that UIDAI will get a failure message but won’t get to know if a person has been denied a service, which amounts to exclusion.
Pandey responded by saying that the authority has been issuing instructions that no one should be denied benefits if their biometrics fail as there are over-riding methods such as one-time-password and demographic authentication available.
Pandey also informed the court that Aadhaar enrollment is done in prisons also, apart from banks and post offices where enrollment centres are set up. The presentation included a tour of the enrollment and e-KYC process.
Pandey contended that not one agency has so far taken biometric data for national security purposes and even the Central Bureau of Investigation was denied.
A startling revelation from the UIDAI chief came just before the bench rose for the day when he said that even the authority doesn’t know the purpose for which Aadhaar authentications are being done.
“We are doing 4 crore (40 million) authentications every day. We don’t know the purpose of these authentications. Information remains in the silos and merging of silos is also prohibited,” he said.business-standard

%d bloggers like this: