KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

Estimating Resident Registration Numbers of Individuals in Korea: Revisited

  • Kim, Heeyoul (Department of Computer Science, Kyonggi University) ;
  • Park, Ki-Woong (Department of Computer and Information Security, Sejong University) ;
  • Choi, Daeseon (Department of Medical Information, Kongju National University) ;
  • Lee, Younho (ITM Programme, Department of Industrial and Systems Engineering, SeoulTech)
  • Received : 2017.12.15
  • Accepted : 2018.01.26
  • Published : 2018.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

Choi et al's work [1] in 2015 demonstrated that the resident registration numbers (RRNs) of individuals could be conveniently estimated through their personal information that is ordinarily disclosed in social network services. As a follow-up to the study, we introduce the status of the RRN system in Korea in terms of its use in the online environment, particularly focusing on their secure use. We demonstrate that it is still vulnerable against a straightforward attack. We establish that we can determine the RRNs of the current president Moon Jae-In and the world-class singer PSY.

Keywords

References

  1. D. Choi, Y. Lee, Y. Park, S. Kim, "Estimating Korean Residence Registration Numbers from Public Information on SNS," IEICE Transactions on Communication, vol. 98, no. 4, pp. 1070-1086, 2015.
  2. Partial Amendment of Personal Information Protection Act, No. 12504, 24th Mar., 2014.
  3. Selenium WebDriver.
  4. Tech musings, "The incredible growth of the Internet since 2000," Oct., 2010.
  5. Namu wiki, Residence Registration Number.
  6. Y. Kim, H. Lee, H. Ko, K. Kim, J. Kim et al., "A Study on Improvement of Individual Identification System: Focusing on Resident Registration Number," Korea Development Institute Report, June 2014. (written in Korean)
  7. Korean Personal Information Protection Association, "Resident Registration Collection Acceptance Act," 2014. (written in Korean)
  8. Y. Song, H. Kim, and J. Huh, "On the Guessability of Resident Registration Numbers in South Korea," in Proc. of Australasian Conference on Information Security and Privacy (ACISP) 2016, LNCS vol. 9722, pp. 128-138.
  9. J. F. Ludvigsson, P. O. Olausson, B. U. Pettersson, and A. Ekbom, "The Swedish personal identity number: possibilities and pitfalls in healthcare and medical research," European Journal of Epidemiology, vol. 24, issue 11, pp. 659-667, 2009. https://doi.org/10.1007/s10654-009-9350-y
  10. Deena L. Millsapp, "Protecting Social Security Numbers from Identity Theft," US Patent Application Publication, NO:US 20070110282 A1, May 17, 2007.
  11. A. Martin and I. Martinovic, "Security and Privacy Impacts of a Unique Personal Identifier," Cyber Studies Programme, Working Paper Series - No. 4, University of Oxford, 2016.
  12. H. Rengamani, P. Kumaraguru, R. Chakraborty, and H. R. Rao, "The Unique Identification Number Project: Challenges and Recommendations," in Proc. of ICEB 2010, LNCS vol. 6005, pp. 146-153, 2010.
  13. A. Acquisiti, and R. Gross, "Predicting Social Security numbers from public data," in Proc. of National Academy of Sciences, vol. 106, no. 27, pp. 10975-10980, 2009. https://doi.org/10.1073/pnas.0904891106
  14. AllCredit: A credit rating web service managed by Korea Credit Bureau Ltd.
  15. Unused page in the web site managed by National People's Liberation Committee: the real name check page: available at
  16. R. B. Black, "Legislating U. S. Data Privacy in the Context of National Identification Numbers: Models from South Africa and the United Kingdom," Cornell International Journal, Vol. 34: Issue. 2, Article 4.