30 Hits in 3.6 sec

E-Passport: Cracking Basic Access Control Keys [chapter]

Yifei Liu, Timo Kasper, Kerstin Lemke-Rust, Christof Paar
On the Move to Meaningful Internet Systems 2007: CoopIS, DOA, ODBASE, GADA, and IS  
In this paper, we present the first hardware implementation for cracking Basic Access Control (BAC) keys of the e-passport issuing schemes in Germany and the Netherlands.  ...  Since the introduction of the Machine Readable Travel Document (MRTD) that is also known as e-passport for human identification at border control debates have been raised about security and privacy concerns  ...  We would like to thank Tim Güneysu and Martin Novotný for their helpful and detailed explanation of how to use the key search machine COPACOBANA.  ... 
doi:10.1007/978-3-540-76843-2_30 dblp:conf/otm/LiuKLP07 fatcat:474yjgpudjgundr2lh5kk7plau

A Traceability Attack against e-Passports [chapter]

Tom Chothia, Vitaliy Smirnov
2010 Lecture Notes in Computer Science  
Since 2004, many nations have started issuing "e-passports" containing an RFID tag that, when powered, broadcasts information.  ...  this paper we show that there is a flaw in one of the passport's protocols that makes it possible to trace the movements of a particular passport, without having to break the passport's cryptographic key  ...  Read access to the data on the passport is protected by the Basic Access Control (BAC) protocol.  ... 
doi:10.1007/978-3-642-14577-3_5 fatcat:3unzo4qd6bgzrbbuz3gropfzbq

Novel Approach for E-passport Authentication using Elgamal Cryptosystem

Anurag Singh Tomar, Sumit Kumar, Sandip K Chaurasiya, Vanshika Shrivastava
2018 International Journal of Security and Its Applications  
Overall, it proves that it is a better security mechanism in the case of E-passport.  ...  E-passport. This passport consists of a Radio Frequency Identification chip which stores all the information of visiting passenger as well as user's biometric information.  ...  E-passport, smart card and tmis environment.  ... 
doi:10.14257/ijsia.2018.12.2.03 fatcat:fp2peojbrvc7jfy7ewktsoapsa

Incorporating Iris, Fingerprint and Face Biometric for Fraud Prevention in e-Passports Using Fuzzy Vault

Khaled Ahmed Nagati, Katarzyna Bobkowska, Marek Przyborski
2019 IET Image Processing  
A unified framework which provides a higher security level to e-passports is proposed. This framework integrates face, iris and fingerprint images.  ...  Pattinson in [8] outlined the privacy problems of e-passports that may be readable by anyone and argued for basic access control (BAC).  ...  information is not enough to compromise the security of the e-passport as long as the attacker has no access to the finger of the e-passport holder.  ... 
doi:10.1049/iet-ipr.2019.0072 fatcat:yf4mcjnypzeafcyzad2ivg3le4

Security and Privacy in RFID Applications [chapter]

Pawe Rotter
2009 Development and Implementation of RFID Technology  
At the moment, Basic Access Control seems to be a weak point in e-passport security.  ...  In some other applications, this link is fixed and defined in the system -like e-Passports, payment systems, (e.g. Speedpass) and personal tokens for access control.  ... 
doi:10.5772/6527 fatcat:d5dqkchcuvdf7f2e7bw7vo3ziq

Security assessment of the Spanish contactless identity card

Ricardo Julio Rodríguez, Juan Carlos Garcia-Escartin
2017 IET Information Security  
In particular, we evaluated the security of one of the contactless access protocol as implemented in the contactless Spanish identity card, and found that no defenses against on-line brute-force attacks  ...  An FPGA implementation to crack BAC keys (mainly for German and Netherlands e-passports) was introduced in [21] .  ...  Basic Access Control Protocol The Basic Access Control (BAC) protocol is included in Document 9303 [28], promoted by the International Civil Aviation Organization (ICAO), as a control mechanism to access  ... 
doi:10.1049/iet-ifs.2017.0299 fatcat:3zdb5zhibnawddjypsqcbytst4

Enhanced Functionality Brings New Privacy and Security Issues – An Analysis of eID

Tamás Szádeczky
2018 Masaryk University Journal of Law and Technology  
For the access to the data page, the Basic Access Control (BAC) method is used.  ...  The e-Passport will only send stored data to the reader at radio frequency after getting this access key. The physical access to the card is proven this way.  ... 
doi:10.5817/mujlt2018-1-1 fatcat:kgy37zljzrddldtyvtsaizz7am

Cryptanalysis with COPACOBANA

Tim Güneysu, Timo Kasper, Martin Novotný, Christof Paar, Andy Rupp
2008 IEEE transactions on computers  
We describe various exhaustive key search attacks on symmetric ciphers and demonstrate an attack on a security mechanism employed in the electronic passport (e-passport).  ...  This is particularly useful for deriving estimates about the longevity of asymmetric key lengths.  ...  Current realizations of the basic access control (BAC) that shall prevent unauthorized access to the data stored on e-passports deploy symmetric cryptography based on SHA-1 and Triple Data Encryption Standard  ... 
doi:10.1109/tc.2008.80 fatcat:pl4gthjisjgond3au5qrracuju

RFID Technology, Security Vulnerabilities, and Countermeasures [chapter]

Qinghan Xiao, Thomas Gibbons, Herv Lebru
2009 Supply Chain the Way to Flat Organisation  
Access control has been among the most common applications of RFID technology because RFID badges provide many advantages over traditional access control badges, including fast access, durability  ...  Considering privacy issues related to the biometric e-passport, it may be possible for an attacker to gain access to the chip and read its memory contents optically to retrieve the PIN, biometric data,  ...  in SCM, SCM modeling and control, and number of emerging trends and issues.  ... 
doi:10.5772/6668 fatcat:vopadtcnfvhndmflyakqs2nphy

A threat analysis of RFID passports

Alan Ramos, Weina Scott, William Scott, Doug Lloyd, Katherine O'Leary, Jim Waldo
2009 Communications of the ACM  
The basic access-control system of a U.S passport encrypts communication between it and the RFID reader with a key generated from information written on the passport; the key containing the holder's information  ...  EasyPass, a new automated border control system at Frankfurt international airport, scans passenger biometric data and compares it to data from the person's e-passport. practice has to be interpreted at  ... 
doi:10.1145/1610252.1610268 fatcat:acp552nnuzdghcoj2aicyskmne

TARDIS: Time and Remanence Decay in SRAM to Implement Secure Protocols on Embedded Devices without Clocks

Amir Rahmati, Mastooreh Salajegheh, Daniel E. Holcomb, Jacob Sorber, Wayne P. Burleson, Kevin Fu
2012 USENIX Security Symposium  
proof-of-concept implementations that use the TARDIS to enable privacy-preserving RFID tags, to deter double swiping of contactless credit cards, and to increase the difficulty of brute-force attacks against e-passports  ...  Key challenges to implementing a practical TARDIS include compensating for temperature and handling variation across hardware.  ...  Epassports are protected with techniques such as the Basic Access Control (BAC) protocol, shielding, and passive authentication. However, in practice, e-passports are not fully protected.  ... 
dblp:conf/uss/RahmatiSHSBF12 fatcat:2y6ov5vwkveupjozpc3q2be7xi

Introduction from the editors [chapter]

Peter H. Cole, Damith C. Ranasinghe
2008 Networked RFID Systems and Lightweight Cryptography  
Machine readable travel documents (MRTD) comprise e-passports, visas and special purpose ID/border-crossing cards.  ...  Moreover, those authors concluded that the e-passports do not provide sufficient protection for their biometric data.  ... 
doi:10.1007/978-3-540-71641-9_1 fatcat:mwdkaywdnbbh7hke2cehb6n57m

Evaluation of Users' Knowledge and Concerns of Biometric Passport Systems

Taban Habibu, Edith Talina Luhanga, Anael Elikana Sam
2019 Data  
of e-passport services.  ...  The use of Basic Access Control (BAC) for example requires the reader to provide a key, which is obtained from the Machine-Readable Zone (MRZ) of the passport.  ... 
doi:10.3390/data4020058 fatcat:4dti6w3svjc75ekvzcy5yoqirq

Strong and Robust RFID Authentication Enabling Perfect Ownership Transfer [chapter]

Chae Hoon Lim, Taekyoung Kwon
2006 Lecture Notes in Computer Science  
Furthermore, RFID tags may often change hands during their lifetime and thus the problem of tag ownership transfer should be dealt with as another key issue in RFID privacy problems; once ownership of  ...  The U.S. government also has mandated adoption by Oct 26, 2006 of e-passports (biometrically-enabled RFID tags) by the 27 countries in the Visa-Waiver Program [16] .  ...  The basic idea of the scheme is to use a one-way key chain to evolve a tag secret in response to every query request.  ... 
doi:10.1007/11935308_1 fatcat:xblwtnbzqzbhxaomoe4sgfvjna

EPC RFID tag security weaknesses and defenses

Karl Koscher, Ari Juels, Vjekoslav Brajkovic, Tadayoshi Kohno
2009 Proceedings of the 16th ACM conference on Computer and communications security - CCS '09  
Juels, Molnar, and Wagner [21] evaluate the security implications of e-passport cloning. E-passports differ from Passport Cards in that they perform cryptographic authentication.  ...  RFID tags saw their first prominent appearance in identity documents as additions to e-passports.  ... 
doi:10.1145/1653662.1653668 dblp:conf/ccs/KoscherJBK09 fatcat:snutwhcswncc3jfn7do36rwaeu
« Previous Showing results 1 — 15 out of 30 results