Nikita MariaDepartment of Applied InformaticsUniversity of Macedonia - Greece

e-Passport Layoute-Passport Technologiese-Passport Generationse-Passport VulnerabilitiesProposed MeasuresLegal EffortsConclusions and Proposals

5th International Conference on Information Law 2

The layout

5th International Conference on Information Law 3

Biometric Data powerful identifiers used for authentication and stored on a

RFID chip

R.F.I.D. contactless IC chip meets all three considerations of

usability, data capacity and performance [ICAO Technical Report, 2004]

embedded in the paper passport and communicates wirelessly with

the passport reader using an antenna

5th International Conference on Information Law 4

The International Civil Aviation Organization (ICAO) is a specialized agency that issues passport standards as recommendations to the national governments

Introduced the biometrics and the technology of contactless chips (RFID) and the communication protocols

The 3 e-Passport generations..

5th International Conference on Information Law 5

1st generation Passive Authentication Protocol (mandatory)▪ proves to the reader authenticity of the data ▪ cannot detect cloning

Active Authentication Protocol (optional)▪ chip authentication▪ Prevents cloning

What about the reader? Is he authentic?Is anyone else “listening” through the

communication channel?5th International Conference on Information Law 6

Skimming attacks occur from distance when an

unauthorized reader gains access to the stored data

the attacker communicates directly with the RFID chip (reader authentication needed)

5th International Conference on Information Law 7

Eavesdropping occurs when the attacker intercepts

the communication between the RFID chip and the border control reader (secure messaging)

5th International Conference on Information Law 8

1st generation Basic Access Control (optional)▪ Reader authentication▪ Secure messaging

5th International Conference on Information Law 9

The reader optically reads the MRZ and derives an access key

The RFID chip also knows this key

Cryptographic Session Key derived (Secure messaging)

Mutual authentication

2nd generation Extended Access Control Protocol

(optional)▪ Chip and Terminal authentication▪ Stronger encryption

Its disadvantage is that it depends on BAC!

BAC turned out to be a very successful protocol because of its simplicity

Now is implemented in almost every e-passport

BUT the security that it provides is limited by the design of the protocol - the keys are cryptographically weak

5th International Conference on Information Law 10

3rd generation Supplemental Access Control

(replace BAC)▪ implements asymmetric cryptography▪ data encryption is based on a shared key, unlike BAC which generates the key based on the MRZ

Data is protected both when stored on the chip and when transmitted to the reader

Higher level of protection is succeeded

5th International Conference on Information Law 11

Faraday cage is a metal jacket prevents any electric or

magnetic fields to pass through

A metal surface on an adjacent page

Both are vulnerable to eavesdropping when they are expressly presented by their holders!

5th International Conference on Information Law 12

ICAO In 1980 issued the first edition of the

Doc 9303 as a guideline for issuing machine-readable passports

Introduced the biometrics and the technology of contactless chips (RFID) and the communication protocols

The Doc 9303 evolved through time and separate volumes were published

Doc 9303 part 1 volume 2 (2006)▪ specifications for electronically enabled

passports with biometric identification capability were presented5th International Conference on Information Law 13

European Level E-passports introduced with Council

Regulation (EC) No 2252/2004 standards for security features and

biometrics in passports issued by Member States, taking into account the specifications of ICAO

the data subject’s right of verification is recognized access, rectify, erase

Commission Decision C(2005) 409issue passports with a digital facial image

stored in the RFID chip by 2006 fingerprints by 2008implement the BAC communication

protocol5th International Conference on Information Law 14

The widespread of privacy concerns used to originate mainly in the fields of law

Now has obviosly expanded into the information technologies

Since biometric data was stored on the RFID chip… Privacy Threats arose

The RFID technology’s infrastructure is responsible for these problems

The EU Commission suggested to enhance RFID with privacy enhancing technologies (PETs) (anonymisation, coding, encryption and authentication)

5th International Conference on Information Law 15

Intensive proposed methods to enhance protection of privacy are vital

Fundamental changes are required even to the physical design of the RFID

Or second thoughts should be done about replacing the RFID technology with another that follows data protection principles and applies privacy by design

Cooperation between computer and law scientists is vital for implementing a privacy enhancing technology for e-passports that entails the advantages of the RFID. 5th International Conference on Information Law 16

Thank you for your attention!

Any questions?

5th International Conference on Information Law 17