A Classroom Project on Protecting Social Security Numbers from Identity Theft

Article excerpt

(ProQuest: ... denotes formulae omitted.)

INTRODUCTION

According to security experts, identity theft is one of the fastest growing crimes in America. Social Security Numbers (SSNs) can be used [5] to help assume the identity of other individuals and commit fraud. With an estimated 10 million individuals being victimized by identity theft each year, preventing SSNs from being stolen has become increasingly essential to help protect individuals [2].

The following presentation can work well in the classroom (including a project for a Discrete Matheamtics course) to illustrate an interesting method to protect personal information and prevent identity theft. Students can encrypt SSNs in order to generate other unique numbers that can be used for non-social security purposes, such as student identification cards, health insurance accounts, and medical records. This method can be computer implemented and will: encrypt an SSN into an Identification Number (ID), and then recover the SSN from the ID number. Therefore, there would be no need to store the SSN in the computer system. To illustrate the basic idea of this paper, we will use Student IDs (SIDs) as an example of a potential application of this method. The same basic method can also be applied to other uses that involve identification numbers.

ENCRYPTING THE SSN

In cryptography, many encryption methods already exist. For our research, we will specifically look at ciphers, which are general systems for hiding the meaning of a message by replacing each letter or number in the original message with another. Some of the most well-known ciphers are the Caesar cipher, Vigenère cipher, affine ciphers, polyalphabetic ciphers, substitution ciphers, permutation ciphers, and block ciphers [1, 3, 4, and 7]. We will use block ciphers to encrypt SSNs into student IDs (SIDs). As the name implies, the block cipher is a cipher that encrypts a string or block of numbers into another block of numbers. We will use matrix multiplication to convert SSNs to SIDs block by block. This cipher is not only simple to apply, but is also relatively secure.

To encrypt an SSN using a block cipher, we first break the 9-digit SSN into 3 blocks of 3-digit numbers. For example, an SSN 123-34-4500 is grouped into (1 2 3), (3 4 4), and (5 0 0). Then each block is turned into a 3x1 matrix: ..., ... and ... We then use a 3x3 matrix A, such as ..., to encrypt each block. This matrix A is known as a key in cryptology. We apply the matrix A to each block in matrix form by matrix multiplication.

Or, equivalently, we can complete the encryption of all three blocks by performing the following computation

The above calculations assign a new number to each digit of the SSN,

By putting these new numbers together, we generate the encrypted number

2593638235510255 for the SSN 123-34-4500. Here are two basic questions about this encryption method:

1. Will two SSNs generate the same encrypted number?

2. Can the original SSN be recovered from its encrypted number?

Suppose mat there is another SSN abc-de-fghi that generates the same encrypted number using the matrix A. We have

We know that if the matrix A is invertible (in this case the matrix A is invertible), applying the inverse A~l to both sides of the equation

from the left, we obtain that

Therefore, two SSNs with the same corresponding encrypted number are identical under the condition that the matrix A is invertible. So, the answer to Question 1 is that no two SSNs will generate the same encrypted SID as long as the key is an invertible matrix.

The condition that the matrix A is invertible is also essential to the answer of the second question. Recall that the encryption is described by the equation ... we multiply both sides of the equation by A^sup -1^ from the left and obtain ... Thus, we can recover the SSN 123-34-4500 under the condition that A is invertible. …