Digital Signatures in Drivers License Barcodes

You may have noticed the implementation of cryptographically secure digital signatures in some drivers license barcodes. This is the work of CBN STI (Canadian Bank Note Secure Technologies Inc), the current secure credential provider for New York, North Carolina, Virginia, and Wisconsin drivers licenses and ID cards. This article presents our research findings on these digital signatures, their underlying mechanisms, and their implications for our barcode service.

Note: at the time of writing this article, the digital identity provider Intellicheck only validates the signatures for NY, NC, and VA. Wisconsin is not validated properly.

Understanding Digital Signatures

A digital signature, in essence, is a cryptographic technique used to verify the authenticity and integrity of digital data.

1. Authenticity: Confirms the document was issued by a legitimate authority (e.g. the DMV)
2. Integrity: Guarantees that not a single letter, number, or symbol has been altered since issuance

This is achieved through asymmetric cryptography, involving a pair of keys: a private key, known only to the signer, and a public key, which can be widely distributed. The signer (e.g. the DMV) uses their private key to create the unique digital signature tied to the barcode data, and anyone with the corresponding public key can verify it.

Digital Signatures in Drivers License Barcodes

CBN STI implements a digital signature within the barcode of the driver's licenses it produces. While the exact algorithms are proprietary and closely guarded, our research indicates that this signature utilizes the Elliptic Curve Digital Signature Algorithm (ECDSA) in conjunction with the SHA-512 cryptographic hash function, a military-grade combination trusted by banks and governments worldwide. The resulting signature is then encoded using Base85, a binary-to-text encoding scheme, to efficiently represent the signature data within the barcode's limited space.

The process works as follows: First, all the data fields on the driver's license (name, address, date of birth, etc.) are concatenated and hashed using SHA-512. This produces a unique "fingerprint" of the license data. This fingerprint is then signed using the issuing authority's (e.g., the state DMV's) private key. This signed hash is the digital signature. Any modification to even a single character within the barcode data (e.g. changing "1990" to "1991") will result in a different hash value, and therefore, an invalid signature.

Barcode Validation

Our research into digital identity validation providers has revealed important distinctions in how different providers verify these digital signatures. Most providers, including Veriscan and Checkpoint, perform only basic structural validation by confirming that the signature field contains properly encoded data that decodes to a valid ASN.1 DER format binary signature. While this approach confirms the presence of a formally valid signature, it does not verify the cryptographic authenticity of that signature.

For complete cryptographic verification, a validation service must possess the correct public key corresponding to the issuing authority's private key. Through extensive testing of various validation services, we found that Intellicheck currently appears to be the only digital identity verification provider performing full cryptographic verification using the correct public keys. This was demonstrated through controlled tests where minimal alterations were made to legitimate barcodes such that changing even a single character in any field consistently results in validation failure with Intellicheck, while other validators continue to accept the modified data as long as it contains a properly formatted signature.

This distinction is significant because we are able to use our own private key to create signatures that pass basic structural validation. This means that barcodes generated using our service will still pass on all validation providers other than Intellicheck. However, without access to the issuing authority's private key, it is mathematically impossible to generate a signature that will pass true cryptographic verification.

Cryptographic Security

The security of ECDSA relies on the computational difficulty of the Elliptic Curve Discrete Logarithm Problem (ECDLP). This mathematical problem is considered intractable, that even quantum computers can't yet solve. The private key used by the issuing authority is kept secret and is never exposed to the public. SHA-512, the hash function used, is designed to be collision-resistant, meaning it's practically impossible to find two different inputs that produce the same hash output. These factors combined make it computationally impossible for anyone to generate a valid signature without possessing the correct private key.

Implications for Barcode Generators

The introduction of cryptographically verifiable digital signatures in driver's license barcodes represents a significant advancement in document security. It moves beyond simple data validation to true cryptographic proof of authenticity and integrity. This research highlights the critical importance of employing validation systems that utilize the correct public keys for signature verification. Systems that only perform structural checks are vulnerable to sophisticated forgeries. This development has broad implications for the future of secure credentials and the fight against identity fraud.

Conclusion

Digital signatures embedded in driver's license barcodes represent a substantial advancement in document security. The implementation by CBN STI, using ECDSA, SHA-512, and Base85 encoding, coupled with robust key management practices, offers a high level of assurance against forgery. The findings emphasize the necessity for identity verification platforms to adopt comprehensive validation methods, specifically including verification against the issuer's public key, to fully leverage the security benefits of these digital signatures.