Security and Privacy Issues in E-Passports


Security and Privacy Issues in E-Passports
Ari Juels, David Molnar, and David Wagner
Presented by: Vipul Gupta

A YouTube Video Link: http://www.youtube.com/watch?v=bZNfqztFlZU 4/27/2019

Outline
- Introduction
- Background Information
- Related Works
- Security and Privacy Threats
- E-Passport Threats
- Cryptography in E-Passports
- Strengthening Today's E-Passports
- Future Issues in E-Passports
- Conclusions

Introduction
- E-Passports (Biometric Passports)
  - A new generation of identity cards
  - Combined paper and electronic document (uses an integrated circuit chip)
  - Use Radio Frequency Identification and biometric authentication technologies
- Need:
  - Reduce fraud
  - Identity check
  - Enhance security

US-VISIT Program
- Initiative of the Department of Homeland Security
- Mandated adoption of biometrically enabled passports by October 2006 under the Visa Waiver Program (VWP)
- VWP allows citizens of some countries to travel to the US for up to 90 days without obtaining a visa
- The passports issued are based on ICAO guidelines

International Civil Aviation Organization (ICAO)
- Run by the United Nations
- Responsible for setting international passport standards
- Requires incorporating RFID chips into passports
- Microchips can store and transmit data wirelessly

E-Passports
- E-passports will contain digitized photographs of their bearers
- US-VISIT requires two fingerprint images in addition to the headshot
- Malaysia has been issuing e-passports since 1998

RFID
- Radio Frequency Identification
- Communicates wirelessly with a reading device, using a "tag", also called a transponder
- For e-passports, the ISO 14443 standard requires a radio frequency of 13.56 MHz
- Types of tags: active and passive
- E-passports use passive tags, i.e. they do not have an onboard source of power; they derive power indirectly from the interrogating signal of the reader
- Tag read range is 10 cm

RFID
- The RFID tags used for e-passports are different from the ones used for Supply Chain Management (SCM)
- Tags used for SCM are simple, cheap and do not support cryptography; they operate at 915 MHz; intended read range is 5 meters

Biometrics
- Verification of human identity through the measurement of biological characteristics
- Mechanism through which human beings authenticate each other
- For e-passport deployment, the preferred biometrics are:
  - Face recognition
  - Fingerprints
  - Irises

Biometrics Process
- An authenticated user "enrolls" by presenting an initial, high-quality biometric image to the sensor
- This information is stored as a template
- To prove identity during authentication, the user again presents the biometric to the sensor
- Verification is done by comparing with the template

Related Works
- Pattinson outlines privacy issues for e-passports that may be readable by anyone
  - Does not consider biometric data leakage
- Jacob highlights the need for Basic Access Control and investigates issues
- Smart Card Research Group (at IBM) demonstrated an application that performs basic access control and active access control in under 2 seconds

Security and Privacy Threats
- Clandestine Scanning
  - The ICAO guidelines do not mandate authenticated or encrypted communication between passports and readers
  - An unprotected passport chip is susceptible to clandestine scanning at up to a few feet, leading to leakage of personal information
- Clandestine Tracking
  - The ISO standard stipulates the emission of a chip ID on protocol initiation
  - Unauthorized parties may use this to track a passport holder (provided the chip ID is unique to the passport)

Security and Privacy Threats
- Skimming and Cloning
  - ICAO regulations mandate digital signatures on e-passport data, which can verify that the data came from the correct passport-issuing authority
  - However, digital signatures do not bind the data to a particular passport or chip, which is a problem
- Cryptographic Weaknesses
  - ICAO provides an optional mechanism for authenticating and encrypting passport-to-reader communications
  - Once the reader knows the key, there is no mechanism to revoke it

Security and Privacy Threats
- Eavesdropping
  - Faraday cage in e-passports: metallic material in the cover or holder that prevents the penetration of RFID signals
  - Faraday cages do not protect against eavesdropping on legitimate passport-to-reader communication (as in airports)
- Biometric Data Leakage
  - E-passports are to contain biometric images
  - Preventing this biometric information from leaking is important
  - Automated environments are not strictly controlled

E-Passport Threats
- Data Leakage Threats
- Identity theft: e-passports are vulnerable to skimming
  - RFID readers can be installed in doorways; tags can be read from anyone passing through the doorways
  - Readers can be set up at a number of places like building entrances, shops, concerts, sporting events, etc.
  - Sensitive information contained in an e-passport can thus be compromised
- Identity theft: a photograph, name, birthday (and additionally an SSN) may serve as ingredients for creating a new identity

E-Passport Threats
- Tracking and Hotlisting
  - Tracking: a static identifier allows the movements of an RFID device to be tracked
  - Hotlisting: explicit targeting of specific individuals

E-Passport Threats
- Biometric Threat
- Automation leads to:
  - Relaxation of human oversight
  - Spoofing of the biometric authentication system
  - Spilling: compromise of data in one system may affect the integrity of another, unrelated system
- Special qualities of passport pictures:
  - Image quality: higher than what an attacker can otherwise obtain
  - Disclosure may enable forgery: holding up a photo can spoof face recognition systems

Cryptography in E-Passports
- ICAO specifies one mandatory cryptographic feature for e-passports
- Passive Authentication: data on an e-passport must be signed by the issuing nation using RSA, DSA (Digital Signature Algorithm) and ECDSA (Elliptic Curve DSA)
  - It demonstrates only that the data is authentic
  - It does not demonstrate that the container for the data (the e-passport) is authentic

ICAO Specifications
- Optional cryptographic features for improved security:
- Basic Access Control and Secure Messaging
  - Stores a secret pair of keys on the chip (Kenc, Kmac)
  - When a reader attempts to scan the passport, it engages in a challenge-response protocol that proves knowledge of the keys and derives a session key
  - Purpose: to ensure that tag data is read only by authorized RFID readers
  - If authentication is successful, the passport releases its data

Basic Access Control
- Keys are derived from optically scannable data printed on the passport:
  - A passport number (a nine number value)
  - Date of birth
  - Date of expiration of the passport
  - Three check digits, one for each of the above values

ISO 11770-2 Key Establishment Mechanism 6 (Used by E-Passports)

Drawbacks of Basic Access Control
- Entropy of the keys is small (at most 56 bits)
- Key length is slightly shorter for the general population:
  - Birth date yields about 14 bits of entropy
  - Expiration date (max. 10 years) yields 11 bits
  - US passport numbers have at most 27 bits of entropy
  - Hence BAC keys have at most 52 bits of entropy
- A single fixed key is used throughout the lifetime of the e-passport

Active Authentication
- While BAC is a confidentiality feature, Active Authentication is an anti-cloning feature
- Relies on public key cryptography
- The e-passport proves possession of a private key
- The corresponding public key is stored as part of the signed data on the passport

Active Authentication
- The passport receives an 8-byte challenge from the reader
- It signs the challenge using its private key (SK) and returns the result
- The signature can be verified with the passport's public key

Drawbacks of Active Authentication
- The certificate required for verifying Active Authentication has enough information to derive the key for BAC, hence it must be kept secret
- Does not protect against tracking and hotlisting attacks, even if BAC is in use

Cryptographic Measures in Planned Deployments
- The Federal Register notice gives three reasons for not using Basic Access Control:
  1. The data stored in the chip are identical to those printed in the passport
  2. Encrypted data would slow entry processing time
  3. Encryption would impose more difficult technical coordination requirements among nations implementing the e-passport system
- E-passports will carry Faraday cages and readers will be shielded to prevent eavesdropping

Federal Reasoning: Flaws
- Reason 3 is flawed: the data required to derive keys for Basic Access Control is on the data page, so no coordination among nations is required
- Faraday cages cannot protect against unauthorized eavesdropping
- Without BAC, any ISO 14443 compliant reader can easily read data from the e-passport

Strengthening Today's E-passports
- Faraday Cages
  - Simplest measure against unauthorized reading
  - Materials like aluminum fiber (opaque to RF signals) are used to create a Faraday cage
  - Do not prevent eavesdropping on legitimate reading
- Larger secrets for BAC
  - 52 bits of entropy is not enough
  - Add a 128-bit secret (unique to each passport) to the key derivation algorithm
  - This secret could form a larger passport number or a separate field on the e-passport

Strengthening Today's E-passports
- Private Collision Avoidance
  - ISO 14443 uses the UID as part of its collision avoidance protocol
  - Countermeasure: pick a new random ID on every tag read
- Beyond optically readable keys
  - Create a keying mechanism that limits a reader's power to reuse secret keys

Future Issues in E-passports
- Visas and writable e-passports
  - Keeping visa information on the same chip (as different RFID tags may interfere with each other) means writing data to the e-passport after it has been issued
- Function creep
  - Identification standardization may cause passports to become authenticators for consumer payments or mass transit passes
  - Age checking at a bar may yield other personal information like date and place of birth, passport number, etc.

Current Deployment Status of E-Passports
- In the European Union, countries have been obliged to implement machine-readable facial images since 28.08.2006, and have to implement machine-readable fingerprints by 29.06.2009
- Serbia (July 7, 2008), Philippines (mid-2009), Croatia (July 1, 2009), Taiwan (since 29.12.2008)
- India (September 2009, for regular citizens), Iran (early 2009, for regular citizens)
- Canada (2011, for regular citizens)

Conclusions
- Unauthorized reading of e-passport data is a security risk as well as a privacy risk
- Faraday cages and BAC should be used to prevent remote reading of e-passport data
- Today's e-passports are just a first wave of next-generation identification devices

Thank You For Patient Listening.