An insight into the E-Passport, aka Biometric Passport, the need for biometrics in travel documents, the ICAO regulations governing the information contained in the electronic chip, RFID technique, Privacy threats in the current design.
2. • Conventional travel documents Low Technology
• Hard to copy/forge, printed paper with ID picture
3. • ICAO attempts to develop Biometric Passport
since 1968.
• Discrete Machine Readable Zone (MRZ)
containing little information.
• Aims at speeding information at borders.
4. Addition of machine readable
information on the cards since 1980
---Biometric main attraction
--ICAO Standard released in 2004
5. • Becoming the base for secure authentication of personal
identity
• Many countries started to issue E-passports with an embedded
chip containing biometric data
• MRZ (introduced in 1980) contains two machine readable lines
at the bottom of the identity page of passport.
• The latest biometric standardized contains biometric features
such as fingerprint, facial and iris recognition and enhances
the security mechanisms.
6. Minimal Requirements in ICAO Standard
Machine-Readable Travel Documents (MRTD) must
provide
• facial image
• a digital copy of the MRZ, and
• to have them digitally signed by the issuing
country.
The preferred platform is a contactless IC chip based
on RFID technology.
7. Logical Data Structure for MRTD
Logical Data Structure (LDS) ----> for global interoperability
• ICAO guideline on how data should be stored in a microchip
• Data Group (DG) -- for grouping & collecting logical data into
LDS
• ICAO guideline divides
• Data elements into 19 groups and
• LDS into three parts
“Mandatory” Data Elements
“Optional” Data Elements
8. :::Mandatory:::
• Data defined by the issuing state or organization.
• Includes the details recorded in the MRZ such as
• Passport Number,
• Passport Bearer’s Name,
• Nationality,
• Date of Birth,
• Date of Expiry of passport,
• Encoded facial biometric image &
• Checksum of individual data elements which are used
for deriving the session key.
9. :::Optional:::
• Data defined by the issuing state or organization.
• Includes
• Encoded identification features (face, finger and eye),
• Displayed identification features (digital signature), &
• Encoded security features (contact details, proof of
citizenship and endorsements).
• Details for automated border clearance,
• Electronic visas,
• Other travel records.
11. Biometric passport = E-passport
Paper & electronic identity credential
Contains biometrics features for authentication of travellers
Contains chip & antenna enclosed in front/back/central page
Chip storing the user’s information
Also contains biometric identifiers [depending on various
countries choice and technical evolution]
• Recommended file formats & communication protocols
followed
•
•
•
•
•
•
13. Working Mechanism of Biometric Passport
Border/Immigration officer uses MRZ reader to scan the MRZ part of
e-passport to retrieve the embedded information.
||
Then, the stored information is obtained from the contact less chip by
putting the e-passport near to e-passport reader.
||
Finally, verification of data is performed using PA, BAC mechanism for
data encryption and integrity verification using either passive or
active authentication. PA is compulsory where as BAC and AA are
optional.
14. Special Properties of E-Passport
• Biographical information and biometric information are securely
stored which are identical to the information in the passport.
• Contactless chip technology that lets the stored information to
be retrieved by chip readers at a close distance.
• Digital signature technology for verification of authenticity of the
data stored on the chip.
15. RFID chips are being used everywhere such as tracking animals, inventory tracking devices, to start
cars,
ESPECIALLY IN E-PASSPORTS
19. ICAO Definition: MRTD has a contactless IC imbedded in it that can be
used for biometric identification of the holder.
Hence, MRTDs shall carry the specified symbol
21. • E-passport guarantees confidentiality, consistency and authenticity of
information based on some cryptographic tools.
• Wireless transmission of data in RFID makes it is vulnerable to an attack
from a distance.
• Attacks possible at communication network, chip or at backend system.
• Most common attacks:
• Eavesdropping,
• Reverse Engineering,
• Clandestine Scanning and Tracking,
• Cloning,
• Biometric Data-Leakage,
• Cryptographic Weaknesse &
• Skimming.
22. September 11, 2001
Global warning to handle & review
the security and border control
issues in practice
23. EAVESDROPPING
Attacker secretly listens to the communication link and
intercepts the information by using unauthorized device
during the communication between chip and legitimate
reader
-----Passive attack
-----Very hard to acknowledge because there is no emission of
powered signals
-----Attacker can eavesdrop up to at least of 2 meters
24. REVERSE ENGINEERING
The process of taking the technological principles of a
device, object or system apart to figure out how it works----Attacker can reverse engineer if he/she has the sound
technical knowledge & has access to equipment not
commonly found in commercial market
25. CLANDESTINE SCANNING AND TRACKING
Scanning: The secret way of reading the electronic data of
an identity card without the permission of the card holder
-----Tracking: Ability to locate an individual and it can easily
reveal the location privacy
-----Clandestine tracking more harmful than scanning
-----Faraday cage has been suggested to protect e-passports
26. CLONING
The way of acquiring the data from an authorized identity
card and making an unauthorized copy of the captured
sample in a new chip
-----Active authentication as the counter measure for cloning
threat.
-----Can be bypassed by amending the EF.COM file of the
passport chip.
27. BIOMETRIC DATA-LEAKAGE
If the biometric data are compromised, replacement is not
possible
-----One of the technics to increase data security is to use
data-hiding
-----Watermarking-based multimodal biometric approaches are
widely used
28. CRYPTOGRAPHIC WEAKNESSES
A new scheme for preserving authentication based on
fingerprints that uses ElGamal cryptosystem for biometric
comparison in encrypted domain
-----No facility for key sharing and only used for authentication
-----Authentication protocol based on elliptic curve
cryptography more theoretical without experimental
evaluation
-----Some weakness on cryptography relied by ICAO
29. SKIMMING
The act of obtaining encoded data without the consent of
users by using electronic storage device
-----Data retrieved by beaming power at the passport within a
few inches or at most a few feet
-----If the reader broadcasts the signal with high power the
range can be extended
30. The ways of attacks to the system must be understandable by
showing a generic biometric system model and its different
modules.
31. • ICAO standards specify cryptographic measures & control
techniques to be implemented in e-passport.
• One mandatory cryptographic feature & five optional advanced
security methods.
Stored data integrity in the LDS and SOD verified & authenticated by
PASSIVE AUTHENTICATION (PA).
ACTIVE AUTHENTICATION (AA) is an optional security feature
depending on public key cryptography to protect the chip against
modification or cloning.
32. Basic Access Control (BAC) as an optional feature against data
skimming and misuse.
Extended Access Control (EAC) adds functionality to terminal
authentication & chip authentication to prevent unauthorized
access to additional biometrics
Cryptography Threats: The recommended minimal key lengths
have been chosen so that breaking those keys requires a certain
effort, independent of the chosen signature algorithm.
Cryptographic Threats
33. • ICAO standard allows an additional security access mechanism to meet data
protection requirements & to enhance privacy of additional biometric data
(such as fingerprints and iris identifiers).
• Addition of metallic shield to cover e-Passport to prevent skimming and BAC
to prevent unauthorized readers from accessing the chip was implemented.
• These properties will make attacker more difficult to modify the stolen or
lost passports as the new name and information would differ from the
information on the RFID tag.
• All e-passports issued must follow ICAO standards.
• However, countries implement e-passport programs according to their
specific policies and are free to implement different options specified in the
standard.
• Because of this, there are some differences on implementation of epassports among several countries even though they all confirm to the ICAO.
34. • The US State Department specified that new US passports would increase
the available memory from 32 kilobytes to 64 kilobytes apparently to
reserve for some more biometric characteristics.
• The State Department also made compulsory rule for using the metallic
layer to cover the passport.
• The idea of using the metallic shield is a good concept but it does not
provide a complete solution.
• Since, passports are used for personal identification all over the world, one
need to open it which makes the exposition of RFID.
• Multimodal Biometric features are useful and widely used for
authentication process, but misuse of these features can make severe loss
of vital private information.
• Several technologies are implemented in order to prevent from security
threats, among them Biometrics is proved to be more secure than others.