Uploaded byRaidTan
PPT, PDF353 views

NRIC_numbers.ppt

The document discusses reverse engineering the algorithm used to compute the check digit for Singapore identity card numbers (NRIC/FIN). Through analyzing a sample of FIN numbers from a public database and using a "virtual experimentation" approach with an online library database, the author determines: 1) The same modulo 11 checksum algorithm is used for all prefixes (S,T,F,G), but the mapping of the check digit (letter) is shifted by 4 positions between S/T prefixes and F/G prefixes. 2) A universal algorithm is presented that works for any UIN/FIN, depending on the century prefix. 3) Some open questions about the algorithm design are also discussed.

Embed presentation

Download to read offline
42 1 Fun with numbers Breaking the NRIC check digit algorithm
42 1 Introduction • The algorithm for computing the check digit for Singapore identity card numbers is unpublished • Algorithm is partially described in various open sources • Objective of this exercise is to elucidate the complete algorithm from internet resources and “virtual experimentation”
42 1 UIN/FIN structure • The National Registration Identity Card (NRIC) number is the Unique Identification Number (UIN) or Foreigner Identification Number (FIN) • Century prefix • S, T - 19th and 20th letters of alphabet for UINs issued in 19xx and 20xx respectively • F, G - Foreigners (not 7th and 8th century !) • Check digit (official reference) – Computed from first eight characters of UIN/FIN – Detects data entry errors Century Prefix 7 digit number Check Digit
42 1 UIN/FIN algorithm • Government will release UIN/FIN algorithm for computing check digit, BUT – “Application is open ONLY to Singapore-based organisations with the legitimate need for the UIN/FIN validation.” – “Your application is subject to our final approval and our decision shall be final” – License agreement requires: • “The Licensee agrees to take all reasonable steps to protect the Licensed Material from unauthorised copying, adaptation or use.” – License fee • Algorithm $200 • Sample code $400 Source: ICA website (http://app.ica.gov.sg/related_links/uin_fin/unifin_faq.asp)
42 1 IP Analysis Can the government really prohibit unauthorised use ? • Copyright – Source code is subject to copyright – Algorithms are not subject to copyright • Patent – Algorithms are patentable, but • Patent must be published • Prior art probably exists in this case • Patent, if any is long expired (> 20 yrs) • Trade Secret – May be protectable under the license agreement – BUT, no secret if the information is already publicly available or obtained via a different route
42 1 Modulo 11 checksum • Algorithm for S-series (old-style) NRIC numbers is well-known* d = [(d1 d2 d3 d4 d5 d6 d7) • (2 7 6 5 4 3 2 )] mod 11 = ( 2d1 + 7d2 + 6d3 + 5d4 + 4d5 + 3d6 + 2d7 ) mod 11 Lookup d: d 10 9 8 7 6 5 4 3 2 1 0 Check digit A B C D E F G H I Z J Weights 7-digit NRIC number • Does this work for F, G, T-prefix UIN/FINs ? * e.g. soc.culture.singapore newgroup postings (1995) 1
42 1 Reverse Engineering the FIN algorithm • Find a large set of FINs then reverse engineer the check digits to determine weights and mapping of checksum to letters • MOM publishes a list of Registered Safety Officers on its website • 48 out of 1,287 Safety officers are foreigners with FINs • By inspection, same algorithm and same weights are used but with different check letters: F 8 1 7 9 5 9 9 K 10 F 5 5 3 3 3 9 7 K 10 F 7 7 8 3 9 8 0 K 10 F 5 5 6 4 4 3 8 K 10 F 5 5 5 8 2 8 3 K 10 F 2 4 1 3 0 7 6 L 9 F 2 4 0 7 5 3 6 L 9 F 5 5 9 3 2 0 4 L 9 F 7 3 4 8 9 4 8 L 9 F 2 5 2 9 7 7 9 L 9 F 7 3 4 2 5 6 0 M 8 F 7 7 0 8 0 3 3 M 8 F 2 3 1 5 9 6 4 M 8 F 8 1 7 9 5 9 8 M 8 F 1 9 2 0 2 6 2 M 8 F 5 5 6 0 5 4 2 N 7 F 8 1 0 4 0 4 9 N 7 F 8 3 2 0 1 9 2 N 7 F 1 9 2 1 7 4 3 N 7 F 8 1 3 1 2 5 2 N 7 F 7 7 7 2 7 1 7 P 6 F 0 8 2 3 1 6 0 P 6 FINs extracted from MOM website d 10 9 8 7 6 5 4 3 2 1 0 Check digit K L M N P Q R T U W X Checksums calculated using formula 1
42 1 21st century UINs - T & G prefix • Difficult to obtain large list of T-and G-series UINs – Children born and foreigners registered during or after 2000 • Solution: Use a brute force approach and rely on the National Library web interface to check accuracy of guess
42 1 Virtual Experiment Verifying UIN/FIN check digits Enter Test UIN/FIN Guess check digit (letter) corresponding to IC number Guess incorrect Guess correct ! Enter any name / birth month Error 2 Error 1 NLB Online Services or
42 1 21st century UIN/FIN check digit • By exhaustive search, we conclude for T-prefix UINs – Same weighting factors and modulo 11 algorithm is used but – Mapping of check digits is shifted 4 places • Similar shift is observed for G-prefix FINs d 10 9 8 7 6 5 4 3 2 1 0 S prefix A B C D E F G H I Z J T prefix H I Z J A B C D E F G Shift 4 places d 10 9 8 7 6 5 4 3 2 1 0 F prefix K L M N P Q R T U W X G prefix T U W X K L M N P Q R Shift 4 places
42 1 Universal UIN/FIN Check Digit Algorithm • For any UIN/FIN of format P d1d2d3d4d5d6d7 C where P = Century prefix {S, T, F or G} di = Number, i = 1..7 C = Check Digit (letter) d = { d0 + [(d1 d2 d3 d4 d5 d6 d7) • (2 7 6 5 4 3 2 )] } mod 11 d0 = 0 for P = S or F = 4 for P = T or G d 10 9 8 7 6 5 4 3 2 1 0 UIN (S,T prefix) A B C D E F G H I Z J FIN (F,G prefix) K L M N P Q R T U W X Check digit is determined by prefix and value of d
42 1 References • UIN algorithm described in chapter 3 of course notes for NUS Coding Theory course (http://www.math.nus.edu.sg/~ma3218) – S & T prefix algorithm confirmed • No known public references to F, G-prefix FIN algorithm Other checksum implementations • Hong Kong Identity Card – HKID uses numerical check digit, e.g. B255241(3) – Check digit given by modulo 11 checksum with weights (8, 7, 6, 5, 4, 3, 2) where letter prefix is converted to number A=1, B=2, etc. – Use X if remainder is 10 • International Standard Book Number (ISBN) – ISBN is 9 digit number with check digit given by modulo 11 checksum – Weights (1, 2, 3, 4, 5, 6, 7, 8, 9) – Use X if remainder is 10 http://www.ghs.edu.hk/webtec/lindacws/CS/notes/theory/Data%20Control.pdf http://en.wikipedia.org/wiki/ISBN
42 1 Points to Ponder • Why modulo 11 ? – For numerical check digit, using modulo 11 allows checksum to be written as single digit (10 = X) – For alphabetic check digit, modulo 26 is more likely to detect errors • Why weights (2, 7, 6, 5, 4, 3, 2) ? – Is there an optimal weighting scheme (compare to HKID, ISBN weighting factors) ? • Why ABCDEFGHIZJ for S-prefix UINs ? • Will there be U-series UINs in 2200 ?

More Related Content

PPTX
Python Strings.pptx
byM Vishnuvardhan Reddy
 
PPTX
Array in c
byHarsh Bhanushali
 
PPTX
Variable scope ppt in vb6
byAmanHooda4
 
PPT
Validation
byJTHSICT
 
PPTX
Isin securities
byDheerajKashnyal
 
PPS
Nossi Ch 1
bylesaturner
 
PPTX
Numbers Numbers Everywhere and example of how algorithms exist right under ou...
bydennisexton0
 
PPTX
Error Detection and Error Correction in the Real World
byhubb201
 
Python Strings.pptx
byM Vishnuvardhan Reddy
 
Array in c
byHarsh Bhanushali
 
Variable scope ppt in vb6
byAmanHooda4
 
Validation
byJTHSICT
 
Isin securities
byDheerajKashnyal
 
Nossi Ch 1
bylesaturner
 
Numbers Numbers Everywhere and example of how algorithms exist right under ou...
bydennisexton0
 
Error Detection and Error Correction in the Real World
byhubb201
 

Similar to NRIC_numbers.ppt

PPTX
Cyclicity of unit digit
byvishalkhare_27
 
PPT
Defense Senior College on Error Coding presentation 4/22/2010
byFelicia Fort, MBA
 
PDF
unit-i-number-systems.pdf
byRameshK531901
 
PDF
Luhn's algorithm to validate Egyptian ID numbers
byFaculty of Computers and Informatics, Suez Canal University, Ismailia, Egypt
 
PDF
Algorithms for programmers ideas and source code
byDuy Phan
 
DOCX
© Copyright 2013 by Pearson Education, Inc. All Rights Res.docx
byLynellBull52
 
PPTX
Digital electronica RSS vvvdmsASmCMmmmmmcdsdvfssc
byAnji (M.Tech)
 
PPT
File Security And Integrity 03 March 08
byuzdee
 
PPT
6.01.hash tableintro
byamoldkul
 
PPTX
Unique ID Authority of India, Design and Cloud Connection
bySuhas Kelkar
 
PDF
Cryptography
byHardik Sondagar
 
PDF
On Client and Transaction Identification and Matching Problems
byEmil Varga
 
PDF
Bits, Bytes and Blobs
byMrinal Wadhwa
 
PDF
Chap1x6
byFrdous Hashem
 
Cyclicity of unit digit
byvishalkhare_27
 
Defense Senior College on Error Coding presentation 4/22/2010
byFelicia Fort, MBA
 
unit-i-number-systems.pdf
byRameshK531901
 
Luhn's algorithm to validate Egyptian ID numbers
byFaculty of Computers and Informatics, Suez Canal University, Ismailia, Egypt
 
Algorithms for programmers ideas and source code
byDuy Phan
 
© Copyright 2013 by Pearson Education, Inc. All Rights Res.docx
byLynellBull52
 
Digital electronica RSS vvvdmsASmCMmmmmmcdsdvfssc
byAnji (M.Tech)
 
File Security And Integrity 03 March 08
byuzdee
 
6.01.hash tableintro
byamoldkul
 
Unique ID Authority of India, Design and Cloud Connection
bySuhas Kelkar
 
Cryptography
byHardik Sondagar
 
On Client and Transaction Identification and Matching Problems
byEmil Varga
 
Bits, Bytes and Blobs
byMrinal Wadhwa
 
Chap1x6
byFrdous Hashem
 

Recently uploaded

PDF
Introduction to Software , Product and Process
byGunjalSanjay
 
PDF
TR095A120SPC 0.95″ AMOLED Display Module, 120×120 Resolution
bySyluxdisplay
 
PDF
BO139A454SPI 1.39″ Round AMOLED Display Module, 454×454, SPI & MIPI
bySyluxdisplay
 
PPTX
RTOS_Automatic_Room_Light_Controller_ Exp.no.1.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
PDF
1.39 inch Flexible Round AMOLED Display for Smartwatch
bySyluxdisplay
 
PDF
Operating system Introduction to System Call
bySanjay Gunjal
 
PPTX
Web Technology Overview with list of assignments along with the technology
byYogeshDeshmukh85
 
PPTX
uCOS_II_LED_Multitasking_Exp.no.2.pptx uCOS_II_LED_Multitasking_Exp.no.2.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
PDF
Introduction : Operating-System Services
bySanjay Gunjal
 
PDF
Performance Benchmarking Strategies for AI/HPC/EdgeAI
byDanny Jiang
 
PDF
22PEOIT4C_Artificial_Intelligence_UNIT_III_Notes_Final
byGuru Nanak Technical Institutions
 
PDF
An Open Foundation Model for Generalist Humanoid Robot
byNABLAS株式会社
 
PDF
22PEOIT4C Artificial Intelligence Unit II notes Final.pdf
byGuru Nanak Technical Institutions
 
PDF
TU/e - 2025-2026 - Lecture Geotechnics 3 - Arkesteijn
byRuud Arkesteijn
 
PPTX
TEST presentation to see if I can share it with notes.
byFernando Benavides
 
PPTX
An Early Production Facility (EPF) is a modular, temporary system for rapidly...
byDrAdelSalem1
 
PPTX
Starter Generator Testing – Why It Is Critical for Aerospace & Defence Platforms
byNeometrix_Engineering_Pvt_Ltd
 
PPTX
Calculation of hardness of Water on Ion Exchange.pptx
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
PPTX
MET 464- MICRO AND AND NANO MANUFACTURING -MOD 2.pptx KTU 2019
byVINAY B
 
PPTX
UNIT 1.3-Structure of Polymers_Material Science-.pptx
byDr. Sandip Thorat
 
Introduction to Software , Product and Process
byGunjalSanjay
 
TR095A120SPC 0.95″ AMOLED Display Module, 120×120 Resolution
bySyluxdisplay
 
BO139A454SPI 1.39″ Round AMOLED Display Module, 454×454, SPI & MIPI
bySyluxdisplay
 
RTOS_Automatic_Room_Light_Controller_ Exp.no.1.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
1.39 inch Flexible Round AMOLED Display for Smartwatch
bySyluxdisplay
 
Operating system Introduction to System Call
bySanjay Gunjal
 
Web Technology Overview with list of assignments along with the technology
byYogeshDeshmukh85
 
uCOS_II_LED_Multitasking_Exp.no.2.pptx uCOS_II_LED_Multitasking_Exp.no.2.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
Introduction : Operating-System Services
bySanjay Gunjal
 
Performance Benchmarking Strategies for AI/HPC/EdgeAI
byDanny Jiang
 
22PEOIT4C_Artificial_Intelligence_UNIT_III_Notes_Final
byGuru Nanak Technical Institutions
 
An Open Foundation Model for Generalist Humanoid Robot
byNABLAS株式会社
 
22PEOIT4C Artificial Intelligence Unit II notes Final.pdf
byGuru Nanak Technical Institutions
 
TU/e - 2025-2026 - Lecture Geotechnics 3 - Arkesteijn
byRuud Arkesteijn
 
TEST presentation to see if I can share it with notes.
byFernando Benavides
 
An Early Production Facility (EPF) is a modular, temporary system for rapidly...
byDrAdelSalem1
 
Starter Generator Testing – Why It Is Critical for Aerospace & Defence Platforms
byNeometrix_Engineering_Pvt_Ltd
 
Calculation of hardness of Water on Ion Exchange.pptx
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
MET 464- MICRO AND AND NANO MANUFACTURING -MOD 2.pptx KTU 2019
byVINAY B
 
UNIT 1.3-Structure of Polymers_Material Science-.pptx
byDr. Sandip Thorat
 

NRIC_numbers.ppt

  • 1.
    42 1 Fun with numbers Breakingthe NRIC check digit algorithm
  • 2.
    42 1 Introduction • The algorithmfor computing the check digit for Singapore identity card numbers is unpublished • Algorithm is partially described in various open sources • Objective of this exercise is to elucidate the complete algorithm from internet resources and “virtual experimentation”
  • 3.
    42 1 UIN/FIN structure • TheNational Registration Identity Card (NRIC) number is the Unique Identification Number (UIN) or Foreigner Identification Number (FIN) • Century prefix • S, T - 19th and 20th letters of alphabet for UINs issued in 19xx and 20xx respectively • F, G - Foreigners (not 7th and 8th century !) • Check digit (official reference) – Computed from first eight characters of UIN/FIN – Detects data entry errors Century Prefix 7 digit number Check Digit
  • 4.
    42 1 UIN/FIN algorithm • Governmentwill release UIN/FIN algorithm for computing check digit, BUT – “Application is open ONLY to Singapore-based organisations with the legitimate need for the UIN/FIN validation.” – “Your application is subject to our final approval and our decision shall be final” – License agreement requires: • “The Licensee agrees to take all reasonable steps to protect the Licensed Material from unauthorised copying, adaptation or use.” – License fee • Algorithm $200 • Sample code $400 Source: ICA website (http://app.ica.gov.sg/related_links/uin_fin/unifin_faq.asp)
  • 5.
    42 1 IP Analysis Can thegovernment really prohibit unauthorised use ? • Copyright – Source code is subject to copyright – Algorithms are not subject to copyright • Patent – Algorithms are patentable, but • Patent must be published • Prior art probably exists in this case • Patent, if any is long expired (> 20 yrs) • Trade Secret – May be protectable under the license agreement – BUT, no secret if the information is already publicly available or obtained via a different route
  • 6.
    42 1 Modulo 11 checksum •Algorithm for S-series (old-style) NRIC numbers is well-known* d = [(d1 d2 d3 d4 d5 d6 d7) • (2 7 6 5 4 3 2 )] mod 11 = ( 2d1 + 7d2 + 6d3 + 5d4 + 4d5 + 3d6 + 2d7 ) mod 11 Lookup d: d 10 9 8 7 6 5 4 3 2 1 0 Check digit A B C D E F G H I Z J Weights 7-digit NRIC number • Does this work for F, G, T-prefix UIN/FINs ? * e.g. soc.culture.singapore newgroup postings (1995) 1
  • 7.
    42 1 Reverse Engineering theFIN algorithm • Find a large set of FINs then reverse engineer the check digits to determine weights and mapping of checksum to letters • MOM publishes a list of Registered Safety Officers on its website • 48 out of 1,287 Safety officers are foreigners with FINs • By inspection, same algorithm and same weights are used but with different check letters: F 8 1 7 9 5 9 9 K 10 F 5 5 3 3 3 9 7 K 10 F 7 7 8 3 9 8 0 K 10 F 5 5 6 4 4 3 8 K 10 F 5 5 5 8 2 8 3 K 10 F 2 4 1 3 0 7 6 L 9 F 2 4 0 7 5 3 6 L 9 F 5 5 9 3 2 0 4 L 9 F 7 3 4 8 9 4 8 L 9 F 2 5 2 9 7 7 9 L 9 F 7 3 4 2 5 6 0 M 8 F 7 7 0 8 0 3 3 M 8 F 2 3 1 5 9 6 4 M 8 F 8 1 7 9 5 9 8 M 8 F 1 9 2 0 2 6 2 M 8 F 5 5 6 0 5 4 2 N 7 F 8 1 0 4 0 4 9 N 7 F 8 3 2 0 1 9 2 N 7 F 1 9 2 1 7 4 3 N 7 F 8 1 3 1 2 5 2 N 7 F 7 7 7 2 7 1 7 P 6 F 0 8 2 3 1 6 0 P 6 FINs extracted from MOM website d 10 9 8 7 6 5 4 3 2 1 0 Check digit K L M N P Q R T U W X Checksums calculated using formula 1
  • 8.
    42 1 21st century UINs- T & G prefix • Difficult to obtain large list of T-and G-series UINs – Children born and foreigners registered during or after 2000 • Solution: Use a brute force approach and rely on the National Library web interface to check accuracy of guess
  • 9.
    42 1 Virtual Experiment Verifying UIN/FINcheck digits Enter Test UIN/FIN Guess check digit (letter) corresponding to IC number Guess incorrect Guess correct ! Enter any name / birth month Error 2 Error 1 NLB Online Services or
  • 10.
    42 1 21st century UIN/FINcheck digit • By exhaustive search, we conclude for T-prefix UINs – Same weighting factors and modulo 11 algorithm is used but – Mapping of check digits is shifted 4 places • Similar shift is observed for G-prefix FINs d 10 9 8 7 6 5 4 3 2 1 0 S prefix A B C D E F G H I Z J T prefix H I Z J A B C D E F G Shift 4 places d 10 9 8 7 6 5 4 3 2 1 0 F prefix K L M N P Q R T U W X G prefix T U W X K L M N P Q R Shift 4 places
  • 11.
    42 1 Universal UIN/FIN CheckDigit Algorithm • For any UIN/FIN of format P d1d2d3d4d5d6d7 C where P = Century prefix {S, T, F or G} di = Number, i = 1..7 C = Check Digit (letter) d = { d0 + [(d1 d2 d3 d4 d5 d6 d7) • (2 7 6 5 4 3 2 )] } mod 11 d0 = 0 for P = S or F = 4 for P = T or G d 10 9 8 7 6 5 4 3 2 1 0 UIN (S,T prefix) A B C D E F G H I Z J FIN (F,G prefix) K L M N P Q R T U W X Check digit is determined by prefix and value of d
  • 12.
    42 1 References • UIN algorithmdescribed in chapter 3 of course notes for NUS Coding Theory course (http://www.math.nus.edu.sg/~ma3218) – S & T prefix algorithm confirmed • No known public references to F, G-prefix FIN algorithm Other checksum implementations • Hong Kong Identity Card – HKID uses numerical check digit, e.g. B255241(3) – Check digit given by modulo 11 checksum with weights (8, 7, 6, 5, 4, 3, 2) where letter prefix is converted to number A=1, B=2, etc. – Use X if remainder is 10 • International Standard Book Number (ISBN) – ISBN is 9 digit number with check digit given by modulo 11 checksum – Weights (1, 2, 3, 4, 5, 6, 7, 8, 9) – Use X if remainder is 10 http://www.ghs.edu.hk/webtec/lindacws/CS/notes/theory/Data%20Control.pdf http://en.wikipedia.org/wiki/ISBN
  • 13.
    42 1 Points to Ponder •Why modulo 11 ? – For numerical check digit, using modulo 11 allows checksum to be written as single digit (10 = X) – For alphabetic check digit, modulo 26 is more likely to detect errors • Why weights (2, 7, 6, 5, 4, 3, 2) ? – Is there an optimal weighting scheme (compare to HKID, ISBN weighting factors) ? • Why ABCDEFGHIZJ for S-prefix UINs ? • Will there be U-series UINs in 2200 ?