Security Review: “Biometric” Passports

By zaxim at 9:50 am on January 13, 2008 | 3 Comments

I recently had to get a new passport; one with a computer chip, and a handy brochure touting why it was so great, and how I was protected by a “two tier system.”  This post analyzes these “Biometric Passports”: their current defenses, their possible security vulnerabilities, and the possible repercussions of their use.  Can anyone say people tracking?

Summary:

Passports with embedded biometric data are on the rise in several countries around the world, including the US, UK, India, Malaysia, and other countries, with the US pushing for worldwide standards. The goals of the system are greater security and more rapid entry across borders. This is accomplished by allowing the biometric data to confirm the printed data, and by allowing touch-free data collection.

The passports work by embedding data, such as name, photo, and, in the case of the UK passports, even fingerprints, on an RFID chip in the passport. The chips used in the US passports use approximately 64kb of EPROM to store data, plenty of space for further expansion. According to the ACLU, the RFID chip can be read by a reader up to 30 feet away.

Assets:

· Passport holder data should only be recorded and stored by authorized readers, such as those at a port of entry.

· Data should not be modified for nefarious purposes.

Potential Adversaries:

· Forgers or criminals who want to make false passports.

· Malicious individuals wishing to deny service to passport holders by erasing the EPROM data.

· Espionage agents, either corporate or national, trying to track the passport holder.

Weaknesses:

· RFID chips can be read and recorded by readers many feet away, including unauthorized readers operated by unscrupulous individuals.

· EPROM chips can be erased using UV light or other phenomena, which can occur naturally or unnaturally (sticking it in the microwave evidently works).

Potential Defenses:

· Encryption of data. The encryption would allow only readers equipped to decrypt the data to gain access, at least until someone broke the encryption.

· Shielding the RFID chip to prevent it from being read when the passport is closed. The US passports currently do this, but all shielding is lost once the passport is opened.

· Weakening the RFID signal so it can only be read by a nearby reader.

· Making it difficult to gain physical access to the chip by embedding it deep in the passport (instead of in the back cover, where it is now).

Evaluation and Conclusion:

One thing that needs to be considered is how important it is to protect the data on the RFID chips. The US’s goal is to leave the data unencrypted so that the readers would be more affordable to poorer countries. This might seem like a major security risk, but their argument is that the data on the chips is exactly the same as the printed data in the passport, which is often shared widely, for example with travel agents and hotels. Merely having this data would not allow a forger to make a passport; they would have to physically duplicate the original passport, and passports are rapidly becoming even more sophisticated in their use of watermarks. This is not to say the data cannot be used for other nefarious purposes unrelated to forgery.

Erasing the data on the passports is unlikely because it would require a considerable amount of time in direct contact with the passport, but it should be considered as a potential problem. Fortunately, all countries that currently utilize these types of passport continue to accept the document even with a malfunctioning chip.

I think more worrisome is the ability to track the whereabouts of people by using readers in strategic locations. It would appear to be a gross violation of one’s civil rights of privacy, especially if utilized by the CIA, FBI, or even a nongovernmental agency. I think it would be worthwhile to ensure that the proximity required to read the data was reduced.

Sources:

Christine Boese. “Passport chips raise privacy concerns.” CNN Headline News. 6 January 2005. http://www.cnn.com/2005/TECH/01/06/passports/index.html

Bruce Schneier. “The ID Chip You Don’t Want in Your Passport.” The Washington Post. 16 September 2006. http://www.washingtonpost.com/wp-dyn/content/article/2006/09/15/AR2006091500923.html


3 Comments

  • 1

    Comment by bcbell

    January 13, 2008 @ 5:37 pm

    The fact that these can be read at 30 feet seems to be a puzzling design decision. I can’t think of any security checkpoint where this kind of range would be used: at some point somebody has to get a good look at the passport holder’s face to compare it against a photo (physical or digital) and this probably isn’t going to be done at anything more than 10 feet (this is a conservative estimate in my opinion). Overall it seems like an unnecessary risk.

  • 2

    Comment by zaxim

    January 16, 2008 @ 7:17 pm

    The 30 feet number was touted by the ACLU, so they might be over-exaggerating to emphasize the privacy threat. But some other numbers are 5-15 feet, which is still excessive in my opinion.

  • 3

    Comment by dubai

    February 6, 2008 @ 1:37 pm

    I agree, equipment that can read these passports could fall into the wrong hands, which could expose us to a whole range of new threats.
