Security and Privacy Issues in E-passport Ari Juels, David Molnar, and David Wagner Presented by Vivian Bates and Pano Elenis

2 Outline I. Key Words II. Introduction III.Radio Frequency identification (RFID) IV. Biometrics V. Related Work VI.Security and Privacy Threats VII.Cryptography in E-passports VIII. Strengthening Today’s E-passport IX.Future Issues in E-passport X.Conclusion

3 Key Words US-VISIT United States Visitor and Immigrant Status Indicator Technology program ISO International Organization for Standardization ICAO International Civil Aviation Organization, the issuer of the biometric passport standard currently being applied. The ISO :2005 is a short form of the ICAO standard RFID Radio Frequency Identification is an automatic identification method that rely on storing and remotely retrieving data using devices called RFID tags or transponders RFID (chip) Radio Frequency IDentifier (chip) a family of small chips that are capable of permanently and/or temporarily store information and duplex communication with a reader using radio waves MRTD Machine-Readable Travel Documents, an abbreviation used by the ICAO, means machine can read passports, visas and official travel documents Faraday Cage A capsule of radio wave blocking material (example aluminum) used to protect the RFID- chip in biometric passports from being read at other times than when reading is expected Biometric The verification of a human identity through the measurement of biological or behavioral characteristics. A unique, measurable characteristic or trait of a human being for automatically recognizing or verifying identity

4 Introduction New Generation of Identity Cards Combination of RFID and Biometric Technology Purpose : Reduce Fraud Identity Check Enhance security  ICAO guidelines:  RFID chips to store and transmit data in a wireless manner  biometric identity verification (face recognition)  ISO specifications:  radio frequency of 13.56MHZ  small passive chip  no on-board source of power  power derived indirectly from signal of a reader  intended read range 10 centimeters

5 US-VISIT US-VISIT is a first step in a multi-layered approach to enhance border security mandated adoption by October 2006 of Biometrically enabled passports by twenty- seven nations in its Visa-Waiver Program (VMP)  Foreign visitors traveling to the United States must have their two index fingers scanned and a digital photograph taken to match and authenticate their travel documents at the port of entry  The US-VISIT requirements do not replace visa requirements for entering the United States  For more information on visas, please visit the U.S. Department of State's

6 Passports  RFID tags are being embedded in passports issued by many countries  First E-passports issued by Malaysia in 1998  information  visual data page  record the travel history (time, date, and place) of entries and exits from the country  5,000,000 1 st generation in circulation, image of thumbprint  125,000 2 nd generation in circulation, extracted fingerprint only  Standards for RFID Passports  International Civil Aviation Organization (ICAO)  ICAO Document 9303, Part 1, Volumes 1 and 2 (6th edition, 2006)  ICAO refers to the ISO RFID chips in e-passports as "contactless integrated circuits“  ICAO standards provide for e-passports to be identifiable by a standard e- passport logo on the front cover.

7 Passports  RFID tags are included in new UK and some new US passports beginning in 2006  The US produced 10 million passports in 2005  Estimated that 13 million will be produced in 2006  The chips will store the same information that is printed within the passport  Include a digital picture of the owner  The passports will incorporate a thin metal lining to make it more difficult for unauthorized readers to "skim" information when the passport is closed

8 Radio waves have the longest wavelengths in the electromagnetic spectrum These waves can be longer than a football field or as short as a football

9 History of RFID Radio Frequency Identification: automatic identification method that rely on storing and remotely retrieving data using devices called RFID tags or transponders  1946 Leon Theremin invented an espionage tool for the Soviet government which retransmitted incident radio waves with audio information  1939 The British IFF transponder invented by the British used by the allies in World War II to identify airplanes as friend or foe  1948 Harry Stockman’s paper "Communication by Means of Reflected Power" (Proceedings of the IRE, pp 1196–1204, October predicted that "...considerable research and development work has to be done before the remaining basic problems in reflected-power communication are solved, and before the field of useful applications is explored.“  Mario Cardullo U.S. Patent 3,713,148 in 1973 was the first true ancestor of modern RFID (a passive radio transponder with memory)  1973 The first demonstration of today's reflected power passive and active (backscatter) RFID tags done at the Los Alamos Scientific Laboratory

10 General RFID  Data transmitted by a mobile device called a tag  Tag read by an RFID reader  RFID process according to the needs of a particular application  Data transmitted by the tag may provide  identification  location information  product tag specifics  price  color  date of purchase  Two Types of Tags  Passive  Active

11 Passive RFID Tags  Internal power supply  Electrical current induced in the antenna by the incoming radio frequency signal  CMOS integrated circuit tag to power up and transmit a response  Most passive tags signal by backscattering the carrier signal from the reader  Response not necessarily just an ID number  Tag chip can contain non-volatile EEPROM for storing data.  Embedded in a sticker or under the skin

12 Passive RFID Tags  Smallest devices measured 0.15 mm × 0.15 mm  Thinner than a sheet of paper 7.5 micrometers  Lowest cost EPC RFID tags (used by Wal-Mart, Target, Tesco in UK and Metro AG in Germany) for 5 cents  Antenna tag size of a postage stamp to the size of a post card  Passive tags practical read distances ranging from about 10 cm (4 in.) to a few meters  Non-silicon tags made from polymer semiconductors are currently being developed by several companies globally  Less expensive than silicon-based tags

13 Active RFID Tags  Own internal power source which is used to power any ICs that generate the outgoing signal  More reliable than passive tags due to the ability for active tags to conduct a "session" with a reader  Onboard power supply transmit at higher power levels than passive tags, allowing them to be more effective in "RF challenged" environments  like water (including humans/cattle, which are mostly water)  metal (shipping containers, vehicles)  longer distances

14 Active RFID Tags  Ranges hundreds of meters  Battery life of up to 10 years  Include sensors such as temperature logging  concrete maturity monitoring  monitor the temperature of perishable goods  humidity, shock/vibration  light, radiation, temperature and atmospherics like ethylene   Range 300 feet  Larger memories than passive tags  Store additional information sent by the transceiver  The United States Department of Defense  reduce logistics costs  improve supply chain visibility for more than 15 years  The smallest active tags are about the size of a coin and sell for a few dollars.

15 Supply Chain vs. Passport RFID Supply Chain RFID  simple  cheap  no support for cryptography  single identifier (kill command-render tag inoperable)  frequency 915 MHz  range read 5 meters Passport RFID  shorter intended read range  tamper resistance  cryptography

16 Biometrics A unique, measurable characteristic or trait of a human being for automatically recognizing or verifying identity Practical biometrics for e-passport deployment  Face recognition-automated analog of the ordinary human process of recognition  Fingerprint- determines that two friction ridge impressions originated from the same finger or palm  Imaging and automation fingerprint matching  Fingerprint scanners optical or silicon-sensor forms  Iris- uses pattern recognition techniques based on high resolution images of the iris of an individual's eye

17 Related Work Pattinson  Points out the need for direct link between optically scanned card data and secret keys embedded in e-passports  Outlines the privacy problems with-passports readable by anyone Jacob  Discusses issues in e-passport deployment in the Netherlands  Highlights the importance of basic access control  Investigates the issues surrounding a national database of biometrics identifiers Smart Card Research Group at IBM Zurich  Demonstrates a Javacard application running on a Philips chip that performs basic access control and active access control in under 2 seconds

18 E-Passports Security and Privacy Threats  Clandestine scanning  Clandestine tracking  Skimming and cloning  Eavesdropping  Biometric data-leakage  Cryptographic weaknesses

19 Secrecy and Privacy Threats Clandestine scanning Problem: Baseline ICAO guidelines do not require encryption or authentication between passports and readers An unprotected chip is subject to short range illegal scanning Clandestine tracking Problem: The standard for e-passport RFID chips (ISO 14443) stipulates the emission (without authentication) of a chip ID on protocol initiation A different ID on every passport (even if data can not be read) could enable tracking the movement of passport holder by unauthorized parties Skimming and cloning Problem: Baseline ICAO regulations require digital signatures on e- passport data Digital signatures allow the reader to verify that data came from the correct passport issuing authority No defense against cloning because the digital signatures do not bind the data to a particular passport or chip

20 Secrecy and Privacy Threats Eavesdropping Problem:Faraday cages do not prevent eavesdropping on legitimate passport to reader communications Function creep e-passports will be used in new areas like e-commerce feasibility may be feasible at a longer distance Detection difficulty in passive do not involve powered signal emission Faraday cages (a metallic material in the cover or holder ) prevent penetration of RFID signals Biometric data –leakage Problem: Baseline ICAO regulations require digitized headshots (Secrecy needed for authentication) Automation required with e-passports and physical environment is not strictly controlled Cryptographic weakness Problem: ICAO guidelines include an optional mechanism for authenticating and encrypting pass-port-to-reader communications No mechanism to revoke access once a reader knows the k key K key allows passport to talk to legitimate reader before releasing RFID tag information K key used to encrypt all data transmitted between the passport and the reader

21 E-passport Threats  Data leakage threats: skimming-covert reading of contents  Installation of RFID readers in doorways  Security checkpoint  airport  sporting event  concerts  Clandestine readers : resemble anti-theft gates  shops  entrances to buildings  Identity Theft: new identity or fake documents  photograph, name, birthday, social security card  Tracking and Hotlisting:  Tracking: static identifier track movement of RFID device  Hotlistings: target specific individuals  RFID enabled bomb keyed on collision avoidance UID  Unattended triggering  Comprehensive targeting

22 Biometric Threats  Automation  Human oversight  Opportunity for spoofing authentication system  Spillover  Compromised data one system threaten integrity of unrelated ones Special properties Passport photos  Image Quality  Higher quality than the image an attacker may produce  Forgery  Spoof face-recognition systems

23 Cryptography in E-passports Pano Elenis ICAO Specifications

24 The ICAO Specifications One mandatory cryptographic feature: Passive authentication –Data on e-passport signed by issuing nation –Permitted algorithms: RSA, DSA and ECDSA –Only demonstrates that data is authentic –Does not prove that container for data is authentic (i.e. the passport)

25 The ICAO Specifications Two optional cryptographic features for improved security: Basic Access Control and Secure Messaging –Ensures that data is only ready by authorized RFID readers –Stores a pair of secret cryptographic keys (K ENC, K MAC ) Active Authentication –Anti-cloning feature –Relies on public-key cryptography

26 Basic Access Control When a reader attempts to scan, a challenge- response protocol is engaged Proves knowledge of (K ENC, K MAC ) keys Upon successful authentication, a session key is derived and the passport releases its data K ENC and K MAC are derived from optically scannable data printed on the passport –The passport number, the date of birth of the bearer, the date of expiration of the passport and three check, one for each of the three preceding values.

27 Key Establishment Mechanism 6 Keying and Nonce Concatenation Encrypt Checksum Random nonce Checks MAC and decrypts Keying material Concatenation Encrypt Checksum

28 Encryption and Decryption Two key 3DES in CBC mode with: Zero IV (i.e. 0x ) according to ISO

29 Retail Message Authentication Code Cryptographic checksums are calculated using ISO/IEC MAC algorithm 3 with: Block cipher DES Zero IV (8 bytes) ISO padding method 2.

30 Basic Access Control Shortcomings Entropy of key is too small –ICAO PKI Technical Report warns that entropy key is at most 56 bits –Some of these bits may be guessable in some circumstances A single fixed key is used for the lifetime of the e- passport –Impossible to revoke a reader’s access to the e-passport once it has been read –Databases of keys may be inadvertently compromised Basic Access Control is still better than no encryption at all

31 Active Authentication Anti-cloning feature Does not prevent unauthorized parties from reading e-passport contents Relies on public-key cryptography Proves that e-passport has possession of a private key The corresponding public key is stored as a part of the signed data on the passport

32 Active Authentication Mechanism Random nonce Verifies signed message with passport’s public key Random nonce Concatenation Signs X with private key with ISO padding ISO/IEC 7816 Internal Authenticate mechanism

33 Active Authentication Public-key must be tied to specific e-passport and biometric data to avoid man-in-the-middle attacks Every reader capable of Active Authentication and is compliant with the ICAO specifications must also have hardware capability for Basic Access Control Deployments that neglect this part will open themselves to a risk of cloned e-passports

34 Active Authentication Issues The certificate required for verifying Active Authentication also contains enough information to derive a key for Basic Access Control When used with RSA or Rabin-Williams signatures, responses can be distinguished As a result, tracking and hotlisting attacks are possible even if Basic Access Control is in use It is recommended that Active Authentication be carried out only over a secure session after Basic Access Control has been employed and session keys derived.

35 Cryptographic measures in planned deployments A Federal Register notice dated February 18, 2005 provides a number of details on U.S. e-passport plans The Federal notice offers three reasons for the decision not to implement Basic Access Control –The data stored in the chip is identical to the data printed in the passport –Encrypted data would slow entry processing time –Encryption would impose more difficult technical coordination requirements among nations implementing the e-passport system Faraday cages will enough to prevent eavesdropping

36 Flaw in Federal notice reasoning Reason 3 is flawed because all the data required to derive keys for Basic Access Control on the data page, no coordination amongst nations is required Faraday cages are not sufficient to protected against unauthorized eavesdropping Lack of Basic Access Control means that any ISO compliant reader can easily read data from the e-passport Original deployment choices of the U.S. puts e- passport holder at risk for tracking, hotlisting and biometric leakage

37 Planned Deployments Malaysian identity cards/passports are not compliant as it predates ICAO standards Other nations may or may not meet the United Stats mandate for deployment in 2005 Due to complaints from several countries, the deadline as been extended from October 2005 to October 2006

38 Strengthening Today’s E-passports Faraday cages –Simple measure to prevent unauthorized readings (skimmings) –Materials such as aluminum fiber can block RF signals –Does not prevent an eavesdropper from snooping on a legitimate reading –Faraday cages were deprecated in favor of Basic Access Control because they do not prevent eavesdropping.

39 Strengthening Today’s E-passports Larger secrets for Basic Access Control –Long term keys only contain 52 bits of entropy –Brute-force attack –The addition of a 128-bit secret, unique to each passport, would strengthen the resistance to brute-force attacks Private collision avoidance –The collision avoidance protocol in ISO uses an UID –Care must be taken that each UID read is different and that UIDs are unlinkable across sessions –A countermeasure would be to pick a new random identifier on every tag read

40 Strengthening Today’s E-passports Beyond optically readable keys –Current ICAO approach ties neatly together with physical presence and the ability to read biometric data –Might not be possible for next-generation ID cards –Important to create a keying mechanism that limits a reader’s power to reuse secret keys and a matching authorization infrastructure for e- passport readers

41 Future Issues in E-passports Visas and writeable e-passports –Upon the acceptance of e-passports, there will be the desire to support visas and other endorsements –Being that multiple RFID chips may interfere with each other, the feasibility to include a new RFID tag with each visa stamp may not be possible –Instead, all the data would have to be stored on the same chip as the passport data –Requires the ability to write data after issuance

42 Future Issues in E-passports A simple first attempt at visas on e- passports: –An area specified as append-only memory for visas –Visa would be named by e-passport and signed by issuing government –Could possibly include “sanity checks” to ensure a visa is properly signed and names the correct e-passport before committing it to the visa memory area

43 Future Issues in E-passports Another thing to consider is that some travelers do not want border control to know where they’ve traveled –For example, most Arab countries will refuse entry to holders of passports which bear Israeli visas –The previous example is considered a legitimate reason, but someone entering the United States from Canada may be harboring terrorists –It may be hard in the future to determine the legitimate reasons from the illegitimate, but preventing illegitimate visa removals will become a goal of future visa-enabled e-passports

44 Future Issues in E-passports Function creep –Passports might some day come to serve as authenticators for consumer payments or mass transit passes –Has the ability to undermine data protection features as it will spread bearer data more widely among divergent systems –May lead to consumer convenience (i.e. removal of optical scanning and faraday-cage use) –Unless new privacy features are added, it is conceivable that an e-passport can reveal a great deal of private information –For example, an age check at a bar can also leak information about their passport number, place of birth, and possibly elements of their travel history –Web cookies are an instructive example of function creep

45 Conclusion The secrecy requirements for biometric data imply that unauthorized reading of e-passport data is a security risk as well as a privacy risk At a minimum, a Faraday Cage and Basic Access Control should be used in ICAE deployments to prevent unauthorized remote reading of e-passports. Because the U.S. deployment uses Active Authentication, readers are required to include the capability to optically scan e-passports. This capability is sufficient for Basic Access Control and would therefore require no change or coordination with other nations to implement it. Today’s e-passports deployments are just the first wave of next-generation identification devices

46 Current News 27 countries participating in the Visa Waiver Program: –Andorra, Australia, Austria, Belgium, Brunei, Denmark, Finland, France, Germany, Iceland, Ireland, Italy, Japan, Liechtenstein, Luxembourg, Monaco, the Netherlands, New Zealand, Norway, Portugal, San Marino, Singapore, Slovenia, Spain, Sweden, Switzerland and the United Kingdom.

47 Current News According to a statement released by the Department of State on August 14, 2006, the issuance of e-passports to the public begins today Production has started at the Colorado Passport Agency and will be expanded to other production facilities over the next few months Consistent with globally interoperable specifications adopted by the International Civil Aviation Organization (ICAO), this next generation of the U.S. passport includes biometric technology A contactless chip in the rear cover of the passport will contain the same data as that found on the biographic data page of the passport (name, date of birth, gender, place of birth, dates of passport issuance and expiration, passport number), and will also include a digital image of the bearer’s photograph

48 Current News The Department of State has employed a multi- layered approach to protect the privacy of the information –Metallic anti-skimming material incorporated into the front cover and spine of the e-passport book prevents the chip from being skimmed, or read, when the book is fully closed –Basic Access Control (BAC) technology, which requires that the data page be read electronically to generate a key that unlocks the chip, will prevent skimming and eavesdropping –A randomized unique identification (RUID) feature will mitigate the risk that an e-passport holder could be tracked. To prevent alteration or modification of the data on the chip, and to allow authorities to validate and authenticate the data, the information on the chip will include an electronic signature (PKI)

49 Current News The Electronic Passport Logo –Will be displayed at border inspection lanes and transit ports equipped with special data readers

50 Current News Hackers Clone E-Passports – Successfully cloned to a blank RFID tag –Not possible to change data on the chip without being detected –Due to cryptographic hashes that authenticate data

51 Passport Front Cover

52 Inside Cover and First Page

53 Data and Signature Pages

54 Visa Pages

55 Visa Pages

56 Old and New Passport

57 References