Security and Privacy Issues in E-passport

Ari Juels, David Molnar, and David Wagner

Presented by

Vivian Bates and Pano Elenis

2

OutlineI. Key Words

II. Introduction

III. Radio Frequency identification (RFID)

IV. Biometrics

V. Related Work

VI. Security and Privacy Threats

VII. Cryptography in E-passports

VIII. Strengthening Today’s E-passport

IX. Future Issues in E-passport

X. Conclusion

3

Key WordsUS-VISIT

United States Visitor and Immigrant Status Indicator Technology programISO International Organization for StandardizationICAO International Civil Aviation Organization, the issuer of the biometric passport standard

currently being applied. The ISO 7501-1:2005 is a short form of the ICAO standardRFID Radio Frequency Identification is an automatic identification method that rely on storing

and remotely retrieving data using devices called RFID tags or transponders RFID (chip) Radio Frequency IDentifier (chip) a family of small chips that are capable of permanently

and/or temporarily store information and duplex communication with a reader using radio waves

MRTD Machine-Readable Travel Documents, an abbreviation used by the ICAO, means

machine can read passports, visas and official travel documents Faraday Cage A capsule of radio wave blocking material (example aluminum) used to protect the RFID-

chip in biometric passports from being read at other times than when reading is expected

Biometric The verification of a human identity through the measurement of biological or behavioral

characteristics. A unique, measurable characteristic or trait of a human being for automatically recognizing or verifying identity

4

Introduction New Generation of Identity Cards Combination of RFID and Biometric Technology

Purpose: Reduce Fraud Identity Check Enhance security

ICAO guidelines: RFID chips to store and transmit data in a wireless manner biometric identity verification (face recognition)

ISO 14443 specifications: radio frequency of 13.56MHZ small passive chip no on-board source of power power derived indirectly from signal of a reader intended read range 10 centimeters

5

US-VISITUS-VISIT is a first step in a multi-layered approach to enhance border security

mandated adoption by October 2006 of Biometrically enabled passports by twenty-seven nations in its Visa-Waiver Program (VMP)

Foreign visitors traveling to the United States must have their two index fingers scanned and a digital photograph taken to match and authenticate their travel documents at the port of entry

The US-VISIT requirements do not replace visa requirements for entering the United States

  For more information on visas, please visit the U.S. Department of State's

6

Passports RFID tags are being embedded in passports issued by many countries

First E-passports issued by Malaysia in 1998 information visual data page record the travel history (time, date, and place) of entries and exits from the

country 5,000,000 1st generation in circulation, image of thumbprint 125,000 2nd generation in circulation, extracted fingerprint only

Standards for RFID Passports International Civil Aviation Organization (ICAO) ICAO Document 9303, Part 1, Volumes 1 and 2 (6th edition, 2006) ICAO refers to the ISO 14443 RFID chips in e-passports as "contactless

integrated circuits“ ICAO standards provide for e-passports to be identifiable by a standard e-

passport logo on the front cover.

7

Passports

RFID tags are included in new UK and some new US passports beginning in 2006

The US produced 10 million passports in 2005

Estimated that 13 million will be produced in 2006

The chips will store the same information that is printed within the passport

Include a digital picture of the owner

The passports will incorporate a thin metal lining to make it more difficult for unauthorized readers to "skim" information when the passport is closed

8

Radio waves have the longest wavelengths in the electromagnetic spectrum

These waves can be longer than a football field or as short as a football

http://imagers.gsfc.nasa.gov/ems/radio.html

9

History of RFIDRadio Frequency Identification: automatic identification method that rely on storing and

remotely retrieving data using devices called RFID tags or transponders

1946 Leon Theremin invented an espionage tool for the Soviet government which retransmitted incident radio waves with audio information

1939 The British IFF transponder invented by the British used by the allies in World War II to identify airplanes as friend or foe

1948 Harry Stockman’s paper "Communication by Means of Reflected Power" (Proceedings of the IRE, pp 1196–1204, October predicted that "...considerable research and development work has to be done before the remaining basic problems in reflected-power communication are solved, and before the field of useful applications is explored.“

Mario Cardullo U.S. Patent 3,713,148 in 1973 was the first true ancestor of modern RFID (a passive radio transponder with memory)

1973 The first demonstration of today's reflected power passive and active (backscatter) RFID tags done at the Los Alamos Scientific Laboratory

10

General RFID Data transmitted by a mobile device called a tag

Tag read by an RFID reader

RFID process according to the needs of a particular application

Data transmitted by the tag may provide identification location information product tag specifics

price color date of purchase

Two Types of Tags Passive Active

11

Passive RFID Tags

Internal power supply

Electrical current induced in the antenna by the incoming radio frequency signal

CMOS integrated circuit tag to power up and transmit a response

Most passive tags signal by backscattering the carrier signal from the reader

Response not necessarily just an ID number

Tag chip can contain non-volatile EEPROM for storing data.

Embedded in a sticker or under the skin

12

Passive RFID Tags Smallest devices measured 0.15 mm × 0.15 mm

Thinner than a sheet of paper 7.5 micrometers

Lowest cost EPC RFID tags (used by Wal-Mart, Target, Tesco in UK and Metro AG in Germany) for 5 cents

Antenna tag size of a postage stamp to the size of a post card

Passive tags practical read distances ranging from about 10 cm (4 in.) to a few meters

Non-silicon tags made from polymer semiconductors are currently being developed by several companies globally

Less expensive than silicon-based tags

13

Active RFID Tags

Own internal power source which is used to power any ICs that generate the outgoing signal

More reliable than passive tags due to the ability for active tags to conduct a "session" with a reader

Onboard power supply transmit at higher power levels than passive tags, allowing them to be more effective in "RF challenged" environments like water (including humans/cattle, which are mostly water) metal (shipping containers, vehicles) longer distances

14

Active RFID Tags Ranges hundreds of meters

Battery life of up to 10 years

Include sensors such as temperature logging concrete maturity monitoring monitor the temperature of perishable goods humidity, shock/vibration light, radiation, temperature and atmospherics like ethylene

Range 300 feet

Larger memories than passive tags

Store additional information sent by the transceiver

The United States Department of Defense reduce logistics costs improve supply chain visibility for more than 15 years

The smallest active tags are about the size of a coin and sell for a few dollars.

15

Supply Chain vs. Passport RFID

Supply Chain RFID simple cheap no support for cryptography single identifier

(kill command-render

tag inoperable) frequency 915 MHz range read 5 meters

Passport RFID shorter intended read range tamper resistance cryptography

16

Biometrics

A unique, measurable characteristic or trait of a human being for automatically recognizing or verifying identity

Practical biometrics for e-passport deployment

Face recognition-automated analog of the ordinary human process of recognition

Fingerprint- determines that two friction ridge impressions originated from the same finger or palm

Imaging and automation fingerprint matching Fingerprint scanners optical or silicon-sensor forms

Iris- uses pattern recognition techniques based on high resolution images of the iris of an individual's eye

17

Related Work

Pattinson Points out the need for direct link between optically scanned card data

and secret keys embedded in e-passports Outlines the privacy problems with-passports readable by anyone

Jacob Discusses issues in e-passport deployment in the Netherlands Highlights the importance of basic access control Investigates the issues surrounding a national database of biometrics

identifiers

Smart Card Research Group at IBM Zurich Demonstrates a Javacard application running on a Philips chip that

performs basic access control and active access control in under 2 seconds

18

E-Passports Security and Privacy Threats

Clandestine scanning

Clandestine tracking

Skimming and cloning

Eavesdropping

Biometric data-leakage

Cryptographic weaknesses

19

Secrecy and Privacy ThreatsClandestine scanning Problem: Baseline ICAO guidelines do not require encryption or authentication between passports and readers

An unprotected chip is subject to short range illegal scanning

Clandestine tracking Problem: The standard for e-passport RFID chips (ISO 14443)

stipulates the emission (without authentication) of a chip ID on protocol initiation

A different ID on every passport (even if data can not be read) could enable tracking the movement of passport holder by unauthorized parties

Skimming and cloning Problem: Baseline ICAO regulations require digital signatures on e-

passport data

Digital signatures allow the reader to verify that data came from the correct passport issuing authority

No defense against cloning because the digital signatures do not bind the data to a particular passport or chip

20

Secrecy and Privacy ThreatsEavesdropping

Problem: Faraday cages do not prevent eavesdropping on legitimate passport to reader communications

Function creep e-passports will be used in new areas like e-commercefeasibility may be feasible at a longer distance

Detection difficulty in passive do not involve powered signal emission

Faraday cages (a metallic material in the cover or holder ) prevent penetration of RFID signals

Biometric data –leakageProblem: Baseline ICAO regulations require digitized headshots (Secrecy needed for

authentication)

Automation required with e-passports and physical environment is not strictly controlled

Cryptographic weaknessProblem: ICAO guidelines include an optional mechanism for authenticating and encrypting

pass-port-to-reader communications

No mechanism to revoke access once a reader knows the k key K key allows passport to talk to legitimate reader before releasing RFID tag

informationK key used to encrypt all data transmitted between the passport and the reader

21

E-passport Threats Data leakage threats: skimming-covert reading of contents

Installation of RFID readers in doorways Security checkpoint

airport sporting event concerts

Clandestine readers : resemble anti-theft gates shops entrances to buildings

Identity Theft: new identity or fake documents photograph, name, birthday, social security card

Tracking and Hotlisting: Tracking: static identifier track movement of RFID device Hotlistings: target specific individuals

RFID enabled bomb keyed on collision avoidance UID Unattended triggering Comprehensive targeting

22

Biometric Threats

Automation Human oversight Opportunity for spoofing authentication system

Spillover Compromised data one system threaten integrity of unrelated ones

Special properties Passport photos Image Quality

Higher quality than the image an attacker may produce Forgery

Spoof face-recognition systems

23

Cryptography in E-passports

Pano Elenis

ICAO Specifications

24

The ICAO Specifications

• One mandatory cryptographic feature:

• Passive authentication– Data on e-passport signed by issuing nation– Permitted algorithms: RSA, DSA and ECDSA– Only demonstrates that data is authentic– Does not prove that container for data is

authentic (i.e. the passport)

25

The ICAO Specifications

• Two optional cryptographic features for improved security:

• Basic Access Control and Secure Messaging– Ensures that data is only ready by authorized RFID

readers– Stores a pair of secret cryptographic keys (KENC, KMAC)

• Active Authentication– Anti-cloning feature– Relies on public-key cryptography

26

Basic Access Control

• When a reader attempts to scan, a challenge-response protocol is engaged

• Proves knowledge of (KENC, KMAC) keys Upon successful authentication, a session key is derived and the passport releases its data

• KENC and KMAC are derived from optically scannable data printed on the passport– The passport number, the date of birth of the bearer, the

date of expiration of the passport and three check, one for each of the three preceding values.

27

Key Establishment Mechanism 6

• Keying and Nonce

• Concatenation

• Encrypt

• Checksum

• Random nonce

• Checks MAC and decrypts

• Keying material

• Concatenation

• Encrypt

• Checksum

28

Encryption and Decryption

• Two key 3DES in CBC mode with:

• Zero IV (i.e. 0x00 00 00 00 00 00 00 00) according to ISO 11568-2

29

Retail Message Authentication Code

• Cryptographic checksums are calculated using ISO/IEC 9797-1 MAC algorithm 3 with:

• Block cipher DES• Zero IV (8 bytes)• ISO9797-1

padding method 2.

30

Basic Access Control Shortcomings

• Entropy of key is too small– ICAO PKI Technical Report warns that entropy key is at

most 56 bits– Some of these bits may be guessable in some

circumstances• A single fixed key is used for the lifetime of the e-

passport– Impossible to revoke a reader’s access to the e-passport

once it has been read– Databases of keys may be inadvertently compromised

• Basic Access Control is still better than no encryption at all

31

Active Authentication

• Anti-cloning feature• Does not prevent unauthorized parties

from reading e-passport contents• Relies on public-key cryptography• Proves that e-passport has possession of a

private key• The corresponding public key is stored as

a part of the signed data on the passport

32

Active Authentication Mechanism

• Random nonce

• Verifies signed message with passport’s public key

• Random nonce

• Concatenation

• Signs X with private key with ISO 9796-2 padding

ISO/IEC 7816 Internal Authenticate mechanism

33

Active Authentication

• Public-key must be tied to specific e-passport and biometric data to avoid man-in-the-middle attacks

• Every reader capable of Active Authentication and is compliant with the ICAO specifications must also have hardware capability for Basic Access Control

• Deployments that neglect this part will open themselves to a risk of cloned e-passports

34

Active Authentication Issues

• The certificate required for verifying Active Authentication also contains enough information to derive a key for Basic Access Control

• When used with RSA or Rabin-Williams signatures, responses can be distinguished

• As a result, tracking and hotlisting attacks are possible even if Basic Access Control is in use

• It is recommended that Active Authentication be carried out only over a secure session after Basic Access Control has been employed and session keys derived.

35

Cryptographic measures in planned deployments

• A Federal Register notice dated February 18, 2005 provides a number of details on U.S. e-passport plans

• The Federal notice offers three reasons for the decision not to implement Basic Access Control– The data stored in the chip is identical to the data printed in the

passport

– Encrypted data would slow entry processing time

– Encryption would impose more difficult technical coordination requirements among nations implementing the e-passport system

• Faraday cages will enough to prevent eavesdropping

36

Flaw in Federal notice reasoning

• Reason 3 is flawed because all the data required to derive keys for Basic Access Control on the data page, no coordination amongst nations is required

• Faraday cages are not sufficient to protected against unauthorized eavesdropping

• Lack of Basic Access Control means that any ISO 14443 compliant reader can easily read data from the e-passport

• Original deployment choices of the U.S. puts e-passport holder at risk for tracking, hotlisting and biometric leakage

37

Planned Deployments

• Malaysian identity cards/passports are not compliant as it predates ICAO standards

• Other nations may or may not meet the United Stats mandate for deployment in 2005

• Due to complaints from several countries, the deadline as been extended from October 2005 to October 2006

38

Strengthening Today’s E-passports

• Faraday cages– Simple measure to prevent unauthorized readings (skimmings)

– Materials such as aluminum fiber can block RF signals

– Does not prevent an eavesdropper from snooping on a legitimate reading

– Faraday cages were deprecated in favor of Basic Access Control because they do not prevent eavesdropping.

39

Strengthening Today’s E-passports

• Larger secrets for Basic Access Control– Long term keys only contain 52 bits of entropy

– Brute-force attack

– The addition of a 128-bit secret, unique to each passport, would strengthen the resistance to brute-force attacks

• Private collision avoidance– The collision avoidance protocol in ISO 14443 uses an UID

– Care must be taken that each UID read is different and that UIDs are unlinkable across sessions

– A countermeasure would be to pick a new random identifier on every tag read

40

Strengthening Today’s E-passports

• Beyond optically readable keys– Current ICAO approach ties neatly together with

physical presence and the ability to read biometric data

– Might not be possible for next-generation ID cards

– Important to create a keying mechanism that limits a reader’s power to reuse secret keys and a matching authorization infrastructure for e-passport readers

41

Future Issues in E-passports

• Visas and writeable e-passports– Upon the acceptance of e-passports, there will be the

desire to support visas and other endorsements

– Being that multiple RFID chips may interfere with each other, the feasibility to include a new RFID tag with each visa stamp may not be possible

– Instead, all the data would have to be stored on the same chip as the passport data

– Requires the ability to write data after issuance

42

Future Issues in E-passports

• A simple first attempt at visas on e-passports:– An area specified as append-only memory for visas

– Visa would be named by e-passport and signed by issuing government

– Could possibly include “sanity checks” to ensure a visa is properly signed and names the correct e-passport before committing it to the visa memory area

43

Future Issues in E-passports

• Another thing to consider is that some travelers do not want border control to know where they’ve traveled– For example, most Arab countries will refuse entry to

holders of passports which bear Israeli visas– The previous example is considered a legitimate reason,

but someone entering the United States from Canada may be harboring terrorists

– It may be hard in the future to determine the legitimate reasons from the illegitimate, but preventing illegitimate visa removals will become a goal of future visa-enabled e-passports

44

Future Issues in E-passports• Function creep

– Passports might some day come to serve as authenticators for consumer payments or mass transit passes

– Has the ability to undermine data protection features as it will spread bearer data more widely among divergent systems

– May lead to consumer convenience (i.e. removal of optical scanning and faraday-cage use)

– Unless new privacy features are added, it is conceivable that an e-passport can reveal a great deal of private information

– For example, an age check at a bar can also leak information about their passport number, place of birth, and possibly elements of their travel history

– Web cookies are an instructive example of function creep

45

Conclusion

• The secrecy requirements for biometric data imply that unauthorized reading of e-passport data is a security risk as well as a privacy risk

• At a minimum, a Faraday Cage and Basic Access Control should be used in ICAE deployments to prevent unauthorized remote reading of e-passports.

• Because the U.S. deployment uses Active Authentication, readers are required to include the capability to optically scan e-passports. This capability is sufficient for Basic Access Control and would therefore require no change or coordination with other nations to implement it.

• Today’s e-passports deployments are just the first wave of next-generation identification devices

46

Current News

• 27 countries participating in the Visa Waiver Program:– Andorra, Australia, Austria, Belgium, Brunei,

Denmark, Finland, France, Germany, Iceland, Ireland, Italy, Japan, Liechtenstein, Luxembourg, Monaco, the Netherlands, New Zealand, Norway, Portugal, San Marino, Singapore, Slovenia, Spain, Sweden, Switzerland and the United Kingdom.

47

Current News

• According to a statement released by the Department of State on August 14, 2006, the issuance of e-passports to the public begins today

• Production has started at the Colorado Passport Agency and will be expanded to other production facilities over the next few months

• Consistent with globally interoperable specifications adopted by the International Civil Aviation Organization (ICAO), this next generation of the U.S. passport includes biometric technology

• A contactless chip in the rear cover of the passport will contain the same data as that found on the biographic data page of the passport (name, date of birth, gender, place of birth, dates of passport issuance and expiration, passport number), and will also include a digital image of the bearer’s photograph

48

Current News

• The Department of State has employed a multi-layered approach to protect the privacy of the information – Metallic anti-skimming material incorporated into the front

cover and spine of the e-passport book prevents the chip from being skimmed, or read, when the book is fully closed

– Basic Access Control (BAC) technology, which requires that the data page be read electronically to generate a key that unlocks the chip, will prevent skimming and eavesdropping

– A randomized unique identification (RUID) feature will mitigate the risk that an e-passport holder could be tracked. To prevent alteration or modification of the data on the chip, and to allow authorities to validate and authenticate the data, the information on the chip will include an electronic signature (PKI)

49

Current News

• The Electronic Passport Logo– Will be displayed at border inspection lanes and

transit ports equipped with special data readers

50

Current News

• Hackers Clone E-Passports– Successfully cloned to a blank RFID tag– Not possible to change data on the chip without

being detected– Due to cryptographic hashes that authenticate

data

51

Passport Front Cover

52

Inside Cover and First Page

53

Data and Signature Pages

54

Visa Pages

55

Visa Pages

56

Old and New Passport

57

References

• http://travel.state.gov/passport/eppt/eppt_2788.html

• http://www.state.gov/r/pa/prs/ps/2006/70433.htm

• http://travel.state.gov/passport/eppt/eppt_2502.html

• http://www.infoworld.com/article/05/10/26/HNrfidpassport_1.html

• http://www.dhs.gov/xnews/releases/pr_1160497737875.shtm

• http://www.icao.int/mrtd/Home/Index.cfm

• http://www.wired.com/news/technology/0,71521-0.html?tw=rss.index

• http://http.cs.berkeley.edu/~daw/papers/epassports-sc05.pdf

• http://en.wikipedia.org/wiki/RFID

• http://www.aware.com/products/compression/icaopack_gg.html