Privacy activists in many countries question and protest the lack of information about exactly what the passports' chip will contain, and whether they impact civil liberties. The main problem they point out is that data on the passports can be transferred with wireless RFID technology, which can become a major vulnerability. Although this could allow ID-check computers to obtain your information without a physical connection, it may also allow anyone with the necessary equipment to perform the same task. If the personal information and passport numbers on the chip aren't encrypted, the information might wind up in the wrong hands.
To protect against such unauthorized reading, or "skimming", in addition to employing encryption the U.S. has also undertaken the additional step of integrating a very thin metal mesh into the passport's cover to act as a shield to make it more difficult to read the passport's chip when the passport is closed.[9] A U.S. company, Identity Stronghold, is now manufacturing an RFID-blocking sleeve to prevent any skimming while the passport is inside the sleeve. Research students from Vrije University in the Netherlands speaking at the August 2006 Black Hat conference in Las Vegas showed that RFID passports can be cloned relatively easily, and can be remotely spied upon despite the radio-blocking shields included in US designs. They found they could read the passports from 60 centimetres (23.6 inches) away if they are opened by just 1 cm (0.39 inches), using a device which can be used to hijack radio signals that manufacturers have touted as unreadable by anything other than proprietary scanners.[10][11][12]
At the same conference, Lukas Grunwald demonstrated that it is trivial to copy the biometric certificate from an open e-passport into a standard ISO 14443 smartcard using a standard contact-less card interface and a simple file transfer tool. This is hardly surprising, given that the certificate is simply stored as a file, and had been obvious to those involved in the design of the ICAO e-passport standard throughout its development. In particular, Grunewald did not change the data held on the copied chip, which binds biometric data (e.g., photo) to identity data (e.g., name and date of birth), without invalidating its cryptographic signature, which means at present the use of this technique does not allow reprogramming of fake biometric data to match a different user. Grunewald also did not clone the Active Authentication functionality, an optional feature of the ICAO e-passport standard that some countries implement such that the embedded microprocessor is not only a floppy-disk-like data carrier for a biometric certificate, but also a tamper-resistant authentication token that can participate in a public-key cryptography based challenge-response protocol. Nevertheless, Grunewald created international media headlines with his claim that such copying of the biometric certificate constitutes the creation of a "false passport" using equipment costing around USD$200.[13]
On December 15, 2006, the BBC published an article on the British ePassport, citing the above stories and adding that:
"Nearly every country issuing this passport has a few security experts who are yelling at the top of their lungs and trying to shout out: 'This is not secure. This is not a good idea to use this technology'", citing a specialist who states "It is much too complicated. It is in places done the wrong way round - reading data first, parsing data, interpreting data, then verifying whether it is right. There are lots of technical flaws in it and there are things that have just been forgotten, so it is basically not doing what it is supposed to do. It is supposed to get a higher security level. It is not."
and adding that the Future of Identity in the Information Society (FIDIS) network's research team (a body of IT security experts funded by the European Union) has "also come out against the ePassport scheme... [stating that] European governments have forced a document on its citizens that dramatically decreases security and increases the risk of identity theft."
no subject
To protect against such unauthorized reading, or "skimming", in addition to employing encryption the U.S. has also undertaken the additional step of integrating a very thin metal mesh into the passport's cover to act as a shield to make it more difficult to read the passport's chip when the passport is closed.[9] A U.S. company, Identity Stronghold, is now manufacturing an RFID-blocking sleeve to prevent any skimming while the passport is inside the sleeve. Research students from Vrije University in the Netherlands speaking at the August 2006 Black Hat conference in Las Vegas showed that RFID passports can be cloned relatively easily, and can be remotely spied upon despite the radio-blocking shields included in US designs. They found they could read the passports from 60 centimetres (23.6 inches) away if they are opened by just 1 cm (0.39 inches), using a device which can be used to hijack radio signals that manufacturers have touted as unreadable by anything other than proprietary scanners.[10][11][12]
At the same conference, Lukas Grunwald demonstrated that it is trivial to copy the biometric certificate from an open e-passport into a standard ISO 14443 smartcard using a standard contact-less card interface and a simple file transfer tool. This is hardly surprising, given that the certificate is simply stored as a file, and had been obvious to those involved in the design of the ICAO e-passport standard throughout its development. In particular, Grunewald did not change the data held on the copied chip, which binds biometric data (e.g., photo) to identity data (e.g., name and date of birth), without invalidating its cryptographic signature, which means at present the use of this technique does not allow reprogramming of fake biometric data to match a different user. Grunewald also did not clone the Active Authentication functionality, an optional feature of the ICAO e-passport standard that some countries implement such that the embedded microprocessor is not only a floppy-disk-like data carrier for a biometric certificate, but also a tamper-resistant authentication token that can participate in a public-key cryptography based challenge-response protocol. Nevertheless, Grunewald created international media headlines with his claim that such copying of the biometric certificate constitutes the creation of a "false passport" using equipment costing around USD$200.[13]
On December 15, 2006, the BBC published an article on the British ePassport, citing the above stories and adding that:
"Nearly every country issuing this passport has a few security experts who are yelling at the top of their lungs and trying to shout out: 'This is not secure. This is not a good idea to use this technology'", citing a specialist who states "It is much too complicated. It is in places done the wrong way round - reading data first, parsing data, interpreting data, then verifying whether it is right. There are lots of technical flaws in it and there are things that have just been forgotten, so it is basically not doing what it is supposed to do. It is supposed to get a higher security level. It is not."
and adding that the Future of Identity in the Information Society (FIDIS) network's research team (a body of IT security experts funded by the European Union) has "also come out against the ePassport scheme... [stating that] European governments have forced a document on its citizens that dramatically decreases security and increases the risk of identity theft."