July 28, 2005
Privacy issues with new digital passport
The new digital passport does not adequately protect the
personal details of the passport holder. An attacker intercepting the contactless
communication between the passport and the border control system can
get access to the personal information held on the chip inside the
new passport. This discovery was made based on analysis of the ICAO
passport standard and the present features of the Dutch (paper)
passport. In the Netherlands, the digital passport will only be
available from August 2006.
Theoretically, after intercepting the
data, the security can be broken on a PC in 2 hours. This way,
access is gained to personal details such as the date of birth and
the facial image. The flaw is caused by dependencies in the secret
key used to protect the data communication. As a result, the number of
keys that an attacker needs to search is considerably smaller than
claimed (reduced to 35 bits). Since eavesdropping on the
communication of the card or the reader is required, the
eavesdropping equipment must be placed within a distance of 5 to 10
meters of the passport.
The secret key is made up of the
passport expiry date, birth date and the passport number stored in the passport's Machine Readable Zone.
The Dutch passport numbering scheme proves to be sequential and is
related to the passport expiry date. Further, the last digit of
the number is a checksum, which introduces additional
predictability. The selection of a new and unpredictable passport
numbering scheme would considerably improve the security.
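
The effect of the numbering scheme on the key can be estimated with a small model. This is an added example, not Riscure's calculation: the number format, the stand-in checksum, the issuing volume and the date ranges are constructed assumptions, so its output is not meant to reproduce the 35-bit figure above.

```python
import math
import random
from collections import defaultdict

BODY_DIGITS = 8  # constructed format: 8 serial digits + 1 check digit

def check_digit(body):
    """Stand-in checksum (7-3-1 weights, mod 10); not the actual Dutch scheme."""
    return str(sum(int(c) * (7, 3, 1)[i % 3] for i, c in enumerate(body)) % 10)

def issue(days, per_day, sequential, rng):
    """Constructed (expiry_day, passport_number) pairs for one issuing scheme."""
    issued, serial = [], 0
    for day in range(days):  # fixed validity period, so expiry tracks issue day
        for _ in range(per_day):
            value = serial if sequential else rng.randrange(10 ** BODY_DIGITS)
            body = f"{value:0{BODY_DIGITS}d}"
            issued.append((day, body + check_digit(body)))
            serial += 1
    return issued

def number_bits_given_expiry(issued):
    """Bits left in the number once the expiry date is fixed."""
    by_day = defaultdict(list)
    for day, number in issued:
        by_day[day].append(int(number[:-1]))  # check digit adds nothing: drop it
    # Widest per-expiry range of serials = window that must be searched.
    window = max(max(v) - min(v) + 1 for v in by_day.values())
    return math.log2(window)

def key_bits(number_bits, birth_days, expiry_days):
    """Search space of a key built from number, birth date and expiry date."""
    return number_bits + math.log2(birth_days) + math.log2(expiry_days)

def compare(days=30, per_day=200, birth_days=36525, expiry_days=1826, seed=1):
    """Key entropy: nominal 9-digit space vs. sequential vs. random issuing."""
    rng = random.Random(seed)
    result = {"nominal": math.log2(10 ** (BODY_DIGITS + 1))}
    for name, sequential in (("sequential", True), ("random", False)):
        result[name] = number_bits_given_expiry(issue(days, per_day, sequential, rng))
    return {k: key_bits(v, birth_days, expiry_days) for k, v in result.items()}

if __name__ == "__main__":
    for scheme, bits in compare().items():
        print(f"{scheme:>10}: {bits:5.1f} bits")
```

With these constructed parameters the sequential scheme leaves roughly 22 bits less key entropy than the nominal nine-digit space, while random issuing loses only the check digit.
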
Fortunately, the new digital passport is
still under development and improvements to the system can still be
made by the Department of Internal Affairs. This should ensure that the privacy of
the Dutch passport holder is maintained.
Riscure is also investigating whether the same
threat applies to digital passports planned in other European
countries.
More information on this topic can be found
in this presentation:
ePassport security [2.4MB].
Contact Person
Harko Robroch, +31 64843 2222, robroch<at>riscure<dot>com
About Riscure
Riscure is a Security
Test Lab based in the Netherlands. Riscure
evaluates the security of smart cards and embedded devices for banks,
credit card companies, GSM operators, manufacturers,
organisations deploying digital IDs and companies in the pay
television industry.