Security and Privacy Issues in E-passports

Ari Juels∗, David Molnar†, and David Wagner‡

Abstract

Within the next year, travelers from dozens of nations may be carrying a new form of passport in response to a mandate by the United States government. The e-passport, as it is sometimes called, represents a bold initiative in the deployment of two new technologies: Radio-Frequency Identification (RFID) and biometrics. Important in their own right, e-passports are also the harbinger of a wave of next-generation ID cards: several national governments plan to deploy identity cards integrating RFID and biometrics for domestic use. We explore the privacy and security implications of this impending worldwide experiment in next-generation authentication technology. We describe privacy and security issues that apply to e-passports, then analyze these issues in the context of the International Civil Aviation Organization (ICAO) standard for e-passports.

1 Introduction

Major initiatives by the United States and other governments aim to fuse Radio Frequency Identification (RFID) and biometric technologies in a new generation of identity cards. Together, RFID and biometric technologies promise to reduce fraud, ease identity checks, and enhance security. At the same time, these technologies raise new risks. We explore the privacy and security implications of this worldwide experiment with a new type of authentication platform, with particular attention to its deployment in passports.

As part of its US-VISIT program, the United States government has mandated adoption by October 2006 of biometrically-enabled passports by the twenty-seven nations in its Visa-Waiver Program (VWP), among them Japan, most of the nations of Western Europe, and a handful of others.¹ By the end of 2005, all passports produced in the U.S. will carry biometric information. These passports are based on guidelines issued by the International Civil Aviation Organization (ICAO), a body run by the United Nations with a mandate for setting international passport standards [19]. The ICAO guidelines, detailed in ICAO Document 9303, call for incorporation of RFID chips, microchips capable of storing data and transmitting it in a wireless manner, into passports. (In this paper we refer to the ICAO guidelines as a ‘standard.’ They are certainly a de facto standard but not a ratified standard.) Such chips will be present in initial deployments of biometrically enabled United States passports, and in the biometrically enabled passports of other nations as well. Next-generation passports, sometimes called e-passports, will be a prominent and widespread form of identification within a couple of years.

∗ RSA Laboratories, [email protected]
† UC-Berkeley, [email protected]
‡ UC-Berkeley, [email protected]
¹ The deadline was originally October 2005, but it was extended after European nations protested [32].

The ICAO standard specifies face recognition as the globally interoperable biometric for identity verification in travel documents. Thus e-passports will contain digitized photographic images of the faces of their bearers. The standard additionally specifies fingerprints and iris data as optional biometrics. The US-VISIT program in fact requires visitors to provide two fingerprint images in addition to a headshot. The ICAO standard also envisions that e-passports will someday include a write capability for storage of information like digital visas.

Interestingly, one nation has already deployed e-passports in a project pre-dating the ICAO standard. Since 1998, Malaysian passports have included a chip containing an image of a thumbprint of the passport holder; a second generation of e-passports rolled out in 2003 that contains extracted fingerprint information only. When flying through Kuala Lumpur International Airport, a Malaysian citizen passes through an automated gate that reads the thumbprint from the chip and compares it to the thumb pressed on a scanner. Today, over 5,000,000 first generation and 125,000 second generation e-passports are in circulation.

While e-passports are important in their own right, they also merit scrutiny as the harbinger of a wave of a fusion of RFID and biometrics in identity documents. Another next-generation ID card slated for deployment in the near future in the United States, for example, is the Personal Identity Verification (PIV) card. PIV cards will serve as ID badges and access cards for employees and contractors of the federal government in the United States. A standard for government ID cards (FIPS 201) is seeing rapid development by the National Institute of Standards and Technology (NIST). We expect PIV cards will include the same blend of technical mechanisms as e-passports: a combination of RFID and biometrics. The biometric of choice for PIV cards, however, will probably be fingerprint recognition. At the time of writing, the U.S. House of Representatives recently passed a bill called the Real ID Act; this seems a likely impetus for states to issue identity cards containing biometrics, and probably RFID tags as well [29].

The goal of the ICAO and PIV projects is the same: strong authentication through documents that unequivocally identify their bearers. Data integrity and physical integrity are vital to the security of ID cards as authenticators. For authorities to establish the identity of John Doe with certainty, for example, Doe’s passport must carry a photograph of irrefutable pedigree, with a guarantee that no substitution or tampering has taken place. Without this guarantee, passports can be forged, enabling unauthorized persons to enter a country.

Strong authentication requires more than resistance to tampering. Data confidentiality, i.e., secrecy of data stored on ID cards, is also critical. Protecting biometric and biographical data is essential to the value and integrity of an authentication system. In particular, data secrecy affords an important form of protection against forgery and spoofing attacks. Therefore protecting e-passport data against unauthorized access is a crucial part of the security of the entire system.

Confidentiality protection for stored data is important for other reasons as well. Both RFID and biometrics are highly privacy-sensitive technologies. Sensitive data, such as birthdate or nationality, are carried on passports. The privacy, physical safety, and psychological comfort of the users of next-generation passports and ID cards will depend on the quality of data-protection mechanisms and supporting architecture.

We identify security and privacy threats to e-passports generally, then evaluate emerging and impending e-passport types with respect to these threats. We primarily analyze the ICAO standard and the specific deployment choices of early adopter nations. Where appropriate, we also discuss the Malaysian e-passport. Here is a summary of the major points we touch on:

1. Clandestine scanning: It is well known that RFID tags are subject to clandestine scanning. Baseline ICAO guidelines do not require authenticated or encrypted communications between passports and readers. Consequently, an unprotected e-passport chip is subject to short-range clandestine scanning (up to a few feet), with attendant leakage of sensitive personal information including date of birth and place of birth.

2. Clandestine tracking: The standard for e-passport RFID chips (ISO 14443) stipulates the emission (without authentication) of a chip ID on protocol initiation. If this ID is different for every passport, it could enable tracking the movements of the passport holder by unauthorized parties. Tracking is possible even if the data on the chip cannot be read. We also show that the ICAO Active Authentication feature enables tracking when used with RSA or Rabin-Williams signatures.

3. Skimming and cloning: Baseline ICAO regulations require digital signatures on e-passport data. In principle, such signatures allow the reader to verify that the data came from the correct passport-issuing authority.² Digital signatures do not, however, bind the data to a particular passport or chip, so they offer no defense against passport cloning.

4. Eavesdropping: “Faraday cages” are an oft-discussed countermeasure to clandestine RFID scanning. In an e-passport, a Faraday cage would take the form of metallic material in the cover or holder that prevents the penetration of RFID signals. Passports equipped with Faraday cages would be subject to scanning only when expressly presented by their holders, and would seem on first blush to allay most privacy concerns.

Faraday cages, however, do not prevent eavesdropping on legitimate passport-to-reader communications, like those taking place in airports. Eavesdropping is particularly problematic for three reasons.

• Function creep: As envisioned in the ICAO guidelines, e-passports will likely see use not just in airports, but in new areas like e-commerce; thus eavesdropping will be possible in a variety of circumstances.

• Feasibility: Unlike clandestine scanning, eavesdropping may be feasible at a longer distance, given that eavesdropping is a passive operation [39].

• Detection difficulty: As it is purely passive and does not involve powered signal emission, eavesdropping is difficult to detect (unlike clandestine scanning).

5. Biometric data-leakage: Among other data, e-passports will include biometric images. In accordance with the ICAO standard, these will initially be digitized headshots, while thumbprints are used for the Malaysian e-passport. These images would not need to be secret to support authentication if the physical environment were strictly controlled. However, existing and proposed deployments of e-passports will facilitate automation, and therefore a weakening of human oversight. This makes secrecy of biometric data important.

² Digital signatures, and indeed e-passports and secure ID cards in general, do not solve the problem of validating enrollment. Depending on how new users are validated, it may be possible to obtain an authentic ID by presenting inauthentic credentials or through circumventing issuing guidelines. Indeed, the 9/11 hijackers had perfectly authentic drivers’ licenses. Digital signatures would merely have confirmed their validity. We do not treat the issue of enrollment here, but note that it is pivotal in any ID system.

6. Cryptographic weaknesses: ICAO guidelines include an optional mechanism for authenticating and encrypting passport-to-reader communications. The idea is that a reader initially makes optical contact with a passport, and scans the passport number, date of birth, and date of expiry printed in the machine-readable zone to derive a cryptographic key K with two functions:

• It allows the passport to establish that it is talking to a legitimate reader before releasing RFID tag information.

• It is used to encrypt all data transmitted between the passport and the reader.³

Once a reader knows the key K, however, there is no mechanism for revoking access. A passport holder traveling to a foreign country gives that country’s Customs agents the ability to scan his or her passport in perpetuity. Further, we find that the cryptography relied upon by the ICAO standard itself has some minor flaws.
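The key derivation summarized in this item is the Basic Access Control (BAC) key derivation of ICAO Document 9303. The Python below is an added worked example, not code from the paper: it computes the MRZ check digits (weights 7, 3, 1 repeating, modulo 10), assembles the MRZ_information string, and derives K_seed and the two-key 3DES encryption and MAC keys, with DES parity adjustment. The document number, date of birth and date of expiry used are the worked-example values published in ICAO 9303 Part 11, not a real document; the function names are this example's own.

```python
"""ICAO 9303 Basic Access Control: key derivation from the machine-readable zone.

Added worked example (not code from the paper). The MRZ field values used in
__main__ are ICAO's published worked-example values, not a real passport.
"""
import hashlib


def _mrz_value(ch: str) -> int:
    """Numeric value of an MRZ character: digits as-is, A..Z = 10..35, filler '<' = 0."""
    if ch.isdigit():
        return int(ch)
    if "A" <= ch <= "Z":
        return ord(ch) - ord("A") + 10
    if ch == "<":
        return 0
    raise ValueError(f"invalid MRZ character {ch!r}")


def mrz_check_digit(field: str) -> int:
    """ICAO 9303 check digit: weighted sum with weights 7, 3, 1 repeating, mod 10."""
    weights = (7, 3, 1)
    return sum(_mrz_value(c) * weights[i % 3] for i, c in enumerate(field)) % 10


def mrz_information(doc_number: str, birth_date: str, expiry_date: str) -> str:
    """MRZ_information = document number (padded with '<' to 9 chars) + its check
    digit, then birth date (YYMMDD) + check digit, then expiry date + check digit."""
    doc = doc_number.ljust(9, "<")
    return (f"{doc}{mrz_check_digit(doc)}"
            f"{birth_date}{mrz_check_digit(birth_date)}"
            f"{expiry_date}{mrz_check_digit(expiry_date)}")


def _adjust_des_parity(key: bytes) -> bytes:
    """Force odd parity in the least-significant bit of each byte (DES key convention)."""
    out = bytearray()
    for b in key:
        upper = b & 0xFE                     # the 7 key bits
        odd = bin(upper).count("1") % 2 == 1
        out.append(upper if odd else upper | 1)
    return bytes(out)


def bac_keys(mrz_info: str) -> dict:
    """K_seed = SHA-1(MRZ_information)[0:16].
    K_enc = SHA-1(K_seed || 00000001)[0:16], K_mac = SHA-1(K_seed || 00000002)[0:16],
    each parity-adjusted for use as a two-key 3DES key."""
    k_seed = hashlib.sha1(mrz_info.encode("ascii")).digest()[:16]

    def kdf(counter: int) -> bytes:
        digest = hashlib.sha1(k_seed + counter.to_bytes(4, "big")).digest()
        return _adjust_des_parity(digest[:16])

    return {"seed": k_seed, "enc": kdf(1), "mac": kdf(2)}


if __name__ == "__main__":
    # ICAO 9303 Part 11 worked-example MRZ data (not a real document).
    info = mrz_information("L898902C", "690806", "940623")
    print("MRZ_information:", info)
    for name, key in bac_keys(info).items():
        print(f"K_{name}: {key.hex()}")
```

Everything that enters the derivation is printed on the passport's data page, so any party that has once read the MRZ can recompute K indefinitely; there is no per-reader secret and nothing the holder can rotate, which is the access-revocation problem the text describes.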

Related Work

Existing media stories, e.g., [34], have recognized the first three of the points enumerated above. The other issues, more technical in nature, have seen less exposition; the major previous effort we are aware of is Pattinson’s whitepaper that outlines the privacy problems with e-passports that may be readable by anyone and argues, as we do, for Basic Access Control [31]. Pattinson also points out the need for a direct link between optically scanned card data and secret keys embedded in an e-passport. He does not, however, consider the issue of biometric data leakage or the cryptographic issues we address. Jacobs discusses issues in e-passport deployment in the Netherlands and reports on work with a prototype Netherlands biometric passport; he highlights the importance of Basic Access Control and also investigates the issues surrounding a national database of biometric identifiers [22]. Markus Kuhn suggested the incorporation of a Faraday cage in e-passports at an ISO/ICAO meeting in 2002, but the suggestion was overruled at the time [26]. The smart card research group at IBM Zurich has demonstrated a Javacard application running on a Philips chip that performs Basic Access Control and Active Authentication in under 2 seconds, showing that these technologies are feasible in practice [17]. Finally, Germany has released an intermediate report from its biometric passport program, including results on biometric failure rates and times for completing Diffie-Hellman based “Extended Access Control” [12].

³ The need for optical scanning of passports seems to negate the benefits of wireless communication conferred by RFID. Our supposition is that ICAO guidelines favor RFID chips over contact chips because wireless data transmission causes less wear and tear than physical contact.

Organization

In section 2, we provide some basic technical background on RFID and biometrics. We turn in section 3 to a detailed discussion of the data contained in e-passport deployments and the risks posed by data exposure. We focus on the ICAO standard and the choices of specific countries in implementing the standard, and also briefly describe the Malaysian program as an illustration of likely deployment features. We consider the cryptographic security measures of the ICAO standard in section 4, illuminating some potential weaknesses and discussing the selection of features the United States has made for its US-VISIT program. In section 5, we sketch a few countermeasures to the security weaknesses we highlight. We discuss security issues likely to arise in future e-passport and ID-card systems in section 6. We conclude in section 7 with summary recommendations for improved e-passport deployment and with pointers to ID projects with similar underpinnings.

2 Technical Background

2.1 RFID in brief

The term Radio Frequency Identification (RFID) has come to stand for a family of technologies that communicate data wirelessly from a small chip, often called a “tag,” to a reading device. The ICAO specification for e-passports relies on the International Organization for Standardization (ISO) 14443 standard, which specifies a radio frequency of 13.56 MHz. Tags in the ISO 14443 standard are passive, meaning that they carry no on-board source of power, and instead derive power indirectly from the interrogating signal of a reader. The intended read range of tags in this standard is about 10 centimeters.

Because WalMart, the U.S. Department of Defense, and others have received much attention for their RFID deployments, we stress that the RFID used for e-passports is not the same as the RFID used by WalMart and others for supply chain management. Supply chain tags are designed to be as simple and cheap as possible, with no support for cryptography and minimal additional features beyond holding a single identifier. For example, the only privacy feature in the tags specified by the industry body EPCglobal is a special “kill” command that renders the tag permanently inoperative. These supply chain tags operate at a frequency of 915 MHz and have an intended read range of five meters. In contrast, e-passport RFID devices have a shorter intended read range, and they include other features such as tamper resistance and cryptography.

We write intended read range to mean the ranges achievable with vendor-standard readers. An adversary willing to build its own readers may achieve longer read ranges, especially if it is willing to violate applicable laws regulating radio devices. It may also be possible to eavesdrop on a conversation between a legitimate reader and an RFID tag over a greater distance than is possible with direct scanning. E-passport trials held in October 2004 reportedly showed the possibility of eavesdropping from a range of 30 feet [39]. Others have shown how relay devices can be used to read ISO 14443 chips, the kind used in e-passports, from even greater distances [25].

We note that less public information is available about the direct read (skimming) range of ISO 14443 devices. At the Computers, Freedom, and Privacy conference, the American Civil Liberties Union gave a demonstration of an e-passport with a 3-foot read range. This was widely reported as using an ISO 14443 device [15]. Unfortunately, the demonstration in fact employed a 915 MHz EPC tag, for which a 3-foot read range is expected [35]. Simulations by Kfir and Wool suggest that the distance may be closer to 40-50 cm, depending on whether the adversary employs hardware error-correction techniques [25].

2.2 Biometrics in brief

Biometric authentication is the verification of human identity through measurement of biological characteristics. It is the main mechanism by which human beings authenticate one another. When you recognize a friend by her voice or face, you are performing biometric authentication. Computers are able to perform very much the same process with increasing efficacy, and biometric authentication is gaining currency as a means for people to authenticate themselves to computing systems. We use the term biometrics in this paper to refer to human-to-computer authentication.

The range of practical biometrics for computing systems is different than for human-to-human authentication. Popular computer-oriented biometrics, for instance, include fingerprints, face recognition, and irises; these are the three biometrics favored for e-passport deployments.

Face recognition involves photographic imaging of the face; it is essentially the automated analog of the ordinary human process of face recognition. Fingerprint recognition likewise relies on imaging and an automated process very loosely analogous to the fingerprint matching used in criminal investigations (but often based on a different class of fingerprint features). Fingerprint scanners can take on optical or silicon-sensor forms. Iris recognition also involves imaging. The iris is the colored annular portion of the eye around the pupil. Someone with “blue eyes,” for instance, has blue irises. (The iris is not to be confused with the retina, an internal physiological structure.) Iris scanning in biometric systems takes place via non-invasive scanning with a high-precision camera. The device that captures user data in a biometric system is often called a sensor.

The process of biometric authentication is roughly similar in most systems. An authenticated user enrolls by presenting an initial, high-quality biometric image to the sensor. The system stores information extracted during enrollment in a data structure known as a template. The template serves as the reference for later authentication of the user. It may consist of an explicit image of the biometric, e.g., a fingerprint image, or of some derived information, such as the relative locations of special points in the fingerprint. To prove her identity during an authentication session, the user again presents the biometric to a sensor. The verifying entity compares the freshly presented biometric information with that contained in the template for the user in a process generally called matching. The template and authentication image are deemed to match successfully only if they are sufficiently similar according to a predetermined (and often complicated and vendor-specific) metric.

While conceptually simple, the process of biometric authentication abounds with privacy and security complications. Most germane to our discussion here is the issue of biometric authenticity: How does the verifying entity know that the image presented for authentication is fresh and comes from a human being rather than a prosthetic or a digital image? The manufacturers of biometric sensors try to design them to resist spoofing via prosthetics; the designers of biometric systems employ data security techniques to authenticate that the origin of biometric information is a trusted sensor. As we shall explain, however, the privacy of templates is ultimately quite important and yet insufficiently assured in the baseline ICAO standard.

3 E-passport Threats

3.1 Data leakage threats

Without protective measures, e-passports are vulnerable to “skimming,” meaning surreptitious reading of their contents. Even a short read range is enough for some threats. For example, a 3-foot read range makes it possible to install RFID readers in doorways; tags can then be read from anyone passing through the doorway. Such readers could be set up as part of security checkpoints at airports, sporting events, or concerts. Alternatively, clandestine readers could be placed in shops or entrances to buildings. Such readers might look much like the anti-theft gates already used in thousands of retail stores. A network of such readers would enable fine-grained surveillance of e-passports.

Skimming is problematic because e-passports contain sensitive data. The ICAO standard for e-passports mandates that the RFID chip contain the passport holder’s name, date of birth, and passport number. Actual deployments will include further biometric information, including at a minimum a photograph. Optional data items include such data as nationality, profession, and place of birth. First generation Malaysian e-passports contain an image of the passport holder’s thumbprint as the biometric instead of a photograph. Second generation ICAO e-passports may also store a thumbprint template, as well as a small amount of writable memory for storing recent travel locations.

The RFID protocols executed by an e-passport may also leak information. For example, consider the ISO 14443 collision avoidance protocol, used by ICAO and Malaysian second generation passports. This protocol uses a special UID value to avoid link-layer collisions. If the UID value is fixed and different for each e-passport, then it acts as a static identifier for tracking the movement of e-passports. A static identifier also enables hotlisting. In hotlisting, the adversary builds a database matching identifiers to persons of interest. Later, when the identifier is seen again, the adversary knows the person without needing to directly access the e-passport contents. For example, a video camera plus an RFID reader might allow an adversary to link a face with a UID. Then subsequent sightings of that UID can be linked with the face, even if no video camera is present.

Leakage of e-passport data thus presents two problems with consequences that extend beyond the e-passport system itself:

Identity Theft: A photograph, name, and birthday give a head start to a criminal seeking to commit identity theft. With the addition of a social security number, the criminal has most of the ingredients necessary to build a new identity or create a fake document.

Tracking and Hotlisting: Any static identifier allows for tracking the movements of an RFID device. By itself, the movements of an individual may not be that interesting. When combined with other information, however, it can yield insight into a particular person’s movements. Further, this information only becomes more useful over time, as additional information is aggregated.

Hotlisting is potentially more dangerous than simple tracking, because it explicitly allows targeting specific individuals. One unpleasant prospect is an “RFID-enabled bomb,” an explosive device that is keyed to explode at a particular individual’s RFID reading [18, 26]. In the case of e-passports, this might be keyed on the collision avoidance UID. Of course, one can detonate bombs remotely without the help of RFID, but RFID paves the way for unattended triggering and more comprehensive targeting. For example, e-passports might enable the construction of “American-sniffing” bombs, since U.S. e-passports will not use encryption to protect confidentiality of data.

3.2 The biometric threat

Leakage of the biometric data on an e-passport poses its own special risks: compromise of security both for the e-passport deployment itself, and potentially for external biometric systems as well.

While designated as optional in this figure, biometric information will play a central role in e-passport systems. A facial image, a digitized headshot, is designated the “global interchange feature,” meaning that it will serve as the international standard for biometric authentication. Indeed, ICAO guidelines describe it as the mandatory minimum for global interoperability [20]. Optional fields exist for iris and fingerprint data, which may be used at the issuing nation’s discretion. We note that the US-VISIT program requires fingerprint biometrics from visitors; these fingerprints could be stored in the appropriate fields on an ICAO e-passport.

Advocates of biometric authentication systems sometimes suggest that secrecy is not important to the integrity of such systems. The fact that an image of John Doe’s fingerprints is made public, for instance, does not preclude verification of Doe’s identity: Comparison of the public image with the prints on his hands should still in principle establish his identity. This is all the more true when such comparison takes place in a secure environment like an airport, where physical spoofing might seem difficult to achieve.

At first glance, secrecy would seem particularly superfluous in the US-VISIT initiative and first deployments of ICAO passports. The globally interoperable biometric, as mentioned above, is face recognition. Thus the biometric image stored in passports will be headshots, which is in some sense public information to begin with.

Data secrecy in biometric systems, however, is a subtle issue. Two trends erode security in the face of public disclosure of biometric data:

1. Automation: Because biometric authentication is an automated process, it leads naturally to the relaxation of human oversight, and even to self-service application. This is already the case with e-passports. At Kuala Lumpur International Airport, Malaysian citizens present their e-passports to an “AutoGate” and authenticate themselves via a fingerprint scanner, without any direct human contact. If the fingerprint matches the e-passport data, the gate opens and the e-passport holder continues to his or her flight [24]. Australia plans to introduce similar “SmartGate” technology with face recognition in conjunction with its e-passport deployment. These deployments are instructive, because they tell us what airport procedures might look like in a world where e-passports are ubiquitous.

The pressures of passenger convenience and airport staff costs are likely to reinforce this trend towards unattended use of biometrics. The result will be diminished human oversight of passenger authentication and greater opportunities for spoofing of biometric authentication systems.

2. Spillover: As biometrics serve to authenticate users in multiple contexts, compromise of data in one system will threaten the integrity of other, unrelated ones. For example, biometric authentication is gaining in popularity as a tool for local authentication to computing devices and remote authentication to networks. For example, Microsoft is initiating support for optical fingerprint scanning devices in 2005 [30]. Even if the secrecy of John Doe’s fingerprint image is relatively unimportant at a supervised immigration station in an airport, it may be of critical importance to the security of his home PC or corporate network if they also rely on biometrics for authentication, as an attacker able to simulate Doe’s finger in these settings may do so in the absence of human oversight. (An unclassified State Department whitepaper recognizes the need to protect the privacy of iris and fingerprint data, but does not explain why [36].)

Also, multiple enrollments of the same biometric can cause subtle security problems, even if none of the biometric data is “compromised.” Recently, Barral, Coron, and Naccache proposed a technique for “externalized fingerprint matching” [8] [40], also a research prototype from GemPlus under the name BioEasy^4. The goal is to enable storing a fingerprint template on a low-cost chip, without requiring the overhead of traditional cryptography. In their scheme, a chip stores a fingerprint template f(D) of a fingerprint D together with a set of randomly chosen fingerprint minutiae r. When queried, the chip returns t := f(D) ∪ r and challenges the reader to determine which minutiae belong to f(D) and which belong to r. The authors argue that even if an adversary queries the chip remotely and learns t, recovering the template f(D) without access to the fingerprint D is difficult because of the additional minutiae r.

^4 An earlier version of the paper claimed that BioEasy was sold to the global ID market; this is not correct. BioEasy is a research prototype, while the GemPlus products for the ID market are based on different technology based on solutions from SAGEM, NEC, or others. We regret the error.

If the same user enrolls in two different organizations A and B with the same finger, however, these organizations will give the user cards with t_A = f(D) ∪ r_A and t_B = f(D) ∪ r_B (we assume that the template algorithm can tolerate some fuzziness in the fingerprint reading and obtain the same or very similar f(D)). If the adversary scans the user, then it will learn both t_A and t_B. Then the adversary can compute t_A ∩ t_B = f(D) ∪ (r_A ∩ r_B). If r_A and r_B were chosen independently, we expect their intersection to be small, so the adversary can gain an advantage at determining the fingerprint template. This vulnerability illustrates the issues that could arise when fingerprints are used both for e-passports and for other forms of identification. The designers, in a patent application on the technology, suggest to use a second finger as the source of false minutiae; this avoids the attack we have described but demonstrates the need for careful design in a world with e-passports [9].
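The intersection computation just described, as an added simulation that is not part of the paper, of the cited scheme, or of the BioEasy prototype: minutiae are modelled as integer grid positions, and the grid size, template size and decoy size are constructed assumptions. The block runs the weak variant (decoy sets r_A and r_B drawn independently) beside the fix suggested in the patent (decoys taken from a second finger, hence identical on both cards) and reports how many false minutiae survive t_A ∩ t_B.

```python
"""Added simulation of the multiple-enrollment weakness in externalized
fingerprint matching, on constructed data.  A minutia is an integer grid
position; f(D) is the true template and r the decoy set stored with it.
Illustrative code only, not the scheme's reference implementation."""
import random

# Constructed parameters (assumptions, not values from the cited paper).
GRID = 10_000        # number of distinct minutia positions a finger could have
TEMPLATE_SIZE = 40   # |f(D)|
DECOY_SIZE = 40      # |r| added at each enrollment


def make_template(rng: random.Random) -> frozenset:
    """f(D): a constructed set of true minutiae for one finger."""
    return frozenset(rng.sample(range(GRID), TEMPLATE_SIZE))


def enroll(template: frozenset, rng: random.Random, decoys=None) -> frozenset:
    """Card contents t = f(D) ∪ r.  With decoys=None, r is drawn fresh and
    independently (the weak variant); passing a fixed decoy set models the
    patent's fix of taking the false minutiae from a second finger."""
    if decoys is None:
        pool = [p for p in range(GRID) if p not in template]
        decoys = frozenset(rng.sample(pool, DECOY_SIZE))
    return template | decoys


def intersect_cards(t_a: frozenset, t_b: frozenset) -> frozenset:
    """What an adversary holding both cards computes: t_A ∩ t_B = f(D) ∪ (r_A ∩ r_B)."""
    return t_a & t_b


def simulate(seed: int, shared_decoys: bool) -> dict:
    """Enroll one finger at organizations A and B and measure how far the
    intersection of the two cards narrows f(D) down."""
    rng = random.Random(seed)
    template = make_template(rng)
    if shared_decoys:
        # Decoys derived from a second finger: the same set on both cards.
        second_finger = make_template(rng) - template
        t_a = enroll(template, rng, second_finger)
        t_b = enroll(template, rng, second_finger)
        decoy_size = len(second_finger)
    else:
        t_a = enroll(template, rng)
        t_b = enroll(template, rng)
        decoy_size = DECOY_SIZE
    recovered = intersect_cards(t_a, t_b)
    return {
        "card_size": len(t_a),
        "decoy_size": decoy_size,
        "true_minutiae_recovered": len(recovered & template),
        "false_minutiae_left": len(recovered - template),
        # expected |r_A ∩ r_B| for independent decoys: |r|^2 / (GRID - |f(D)|)
        "expected_collisions": DECOY_SIZE ** 2 / (GRID - TEMPLATE_SIZE),
    }


if __name__ == "__main__":
    for shared in (False, True):
        label = "shared decoys (second finger)" if shared else "independent decoys"
        print(label, simulate(1, shared))
```

With independent decoys the intersection contains all of f(D) and, on average, well under one chance collision from r_A ∩ r_B, so the adversary is left with essentially the bare template; with decoys taken from a second finger the two cards are identical and the intersection yields nothing beyond what a single card already gave.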

These risks apply even to passport photos. While John Doe’s face is a feature of public record, his passport photo is not. Passport photos have two special properties:

1. Image quality: Doe’s passport photo is likely to be of a higher quality than the image of Doe’s face that an attacker can obtain in casual circumstances. Passport photos are taken under rigorously stipulated conditions. One example is particularly illuminating with respect to these conditions: To comply with the technical requirements of facial recognition, applicants for U.K. passports may not smile for their photos [10].

2. Disclosure may enable forgery: Passport photos are the target authenticator: they are the reference point for an attacker aiming to spoof a facial recognition system. Forgery of a face in a biometric authentication system may seem implausible, but Adler shows that holding up a photo is sufficient to spoof some face-recognition systems [4].

Going further, iris scans and fingerprints are secondary biometrics specified in the ICAO document, and fingerprints are the primary biometric for Malaysian e-passports. In unattended settings, spoofing these biometrics is also possible given enough preparation time. For example, Matsumoto showed how several fingerprint recognition systems could be fooled when presented with gelatin “fingers” inscribed with ridges created from pictures of fingerprints [28].


Figure 1. The information stored on an ICAO e-passport. This figure is taken from ICAO Document 9303.

Type        Feature Name              Purpose
Mandatory   Passive Authentication    Prevent data modification
            Biometric: Photo          Identify passport holder
Optional    Active Authentication     Anti-cloning
            Basic Access Control      Data confidentiality
            Biometric: Fingerprint    Identify passport holder

Figure 2. Summary of ICAO security features.


4 Cryptography in E-passports

4.1 The ICAO specification

As we have explained, the ICAO guidelines specify a large range of mandatory and optional data elements. To ensure the authenticity and privacy of this data, the guidelines include an array of cryptographic measures, discussed next.

The ICAO standard specifies one mandatory cryptographic feature for e-passports [19, 20]:

Passive authentication: The data stored on an e-passport will be signed by the issuing nation [20]. Permitted signature algorithms include RSA, DSA and ECDSA. As noted in the ICAO guidelines, passive authentication demonstrates only that the data is authentic. It does not prove that the container for the data, namely the e-passport, is authentic.

The ICAO guidelines additionally specify two optional cryptographic features for improved security in e-passports:

Basic Access Control and Secure Messaging: To ensure that tag data can be read only by authorized RFID readers, Basic Access Control stores a pair of secret cryptographic keys (K_ENC, K_MAC) in the passport chip. When a reader attempts to scan the passport, it engages in a challenge-response protocol that proves knowledge of the pair of keys and derives a session key. If authentication is successful, the passport releases its data contents; otherwise, the reader is deemed unauthorized and the passport refuses read access. The keys K_ENC and K_MAC derive from optically scannable data printed on the passport, namely:

• The passport number, typically a nine-character value;

• The date of birth of the bearer;

• The date of expiration of the passport; and,

• Three check digits, one for each of the three preceding values.

E-passports use the ISO 11770-2 Key Establishment Mechanism 6:

Reader                                    Tag
        ------- Get challenge -------->
                                          r_T ∈_R {0,1}^64
        <----------- r_T --------------
r_R, k_R ∈_R {0,1}^64
S_R := r_R || r_T || k_R
C_R := E_{K_ENC}(S_R)
M_R := MAC_{K_MAC}(C_R)
        --------- C_R || M_R --------->
                                          k_T ∈_R {0,1}^64
                                          S_T := r_T || r_R || k_T
                                          C_T := E_{K_ENC}(S_T)
                                          M_T := MAC_{K_MAC}(C_T)
        <-------- C_T || M_T ----------

Here E is two-key triple-DES in CBC mode with an all-0 IV, and MAC is the ANSI “retail MAC” [21]. In this protocol, the Tag first checks the MAC M_R and then decrypts the value C_R. The Tag then checks that the r_T in the decrypted value matches the r_T which it previously sent. If either check fails, the Tag aborts.

Similarly, when the Reader receives C_T and M_T, it first checks the MAC M_T and then decrypts C_T. The Reader then checks that the correct r_R appears in the decryption of C_T. If either check fails, the Reader aborts. Otherwise, the Reader and Tag proceed to derive a shared session key from the “key seed” k_R ⊕ k_T, by using the key derivation mechanism in Section E.1 of the ICAO PKI report [20].
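The key derivation from the three optically readable fields and the exchange above, as an added example that is not ICAO, vendor or the paper's own code. The check-digit rule, the SHA-1 key seed and the counter-based derivation of K_ENC and K_MAC follow ICAO Doc 9303 and Section E.1 of the PKI report as we read them; the MRZ values used are the Doc 9303 worked-example data, not a real passport. Two-key triple-DES in CBC mode and the ISO 9797-1 retail MAC are not in the Python standard library, so E and MAC are clearly labelled stand-ins (a SHA-1 keystream XOR and a truncated HMAC-SHA1); what the block shows is the message layout, the order of the checks on each side, and the session key derived from k_R ⊕ k_T.

```python
"""Added example (not ICAO or vendor code): BAC key derivation from the MRZ and
the ISO 11770-2 mechanism 6 exchange.  Check digits, SHA-1 key seed and the
counter-based KDF follow ICAO Doc 9303 / PKI report Section E.1 as we read
them.  E and MAC are STAND-INS for 3DES-CBC and the retail MAC, which the
standard library lacks; the layout and checks are the point."""
import hashlib
import hmac
import os

WEIGHTS = (7, 3, 1)

def mrz_check_digit(field: str) -> int:
    """ICAO 9303 check digit: digits as themselves, A..Z as 10..35, '<' as 0."""
    total = 0
    for i, ch in enumerate(field):
        v = int(ch) if ch.isdigit() else 0 if ch == "<" else ord(ch) - ord("A") + 10
        total += v * WEIGHTS[i % 3]
    return total % 10

def mrz_information(doc_number: str, birth: str, expiry: str) -> str:
    """The three optically readable fields, each followed by its check digit."""
    return "".join(f + str(mrz_check_digit(f)) for f in (doc_number, birth, expiry))

def adjust_parity(key: bytes) -> bytes:
    """Force odd parity on every byte, as DES key bytes require."""
    return bytes(b if bin(b).count("1") % 2 else b ^ 1 for b in key)

def kdf(seed: bytes, counter: int) -> bytes:
    """K = SHA-1(seed || counter)[:16]; counter 1 gives K_ENC, 2 gives K_MAC."""
    return adjust_parity(hashlib.sha1(seed + counter.to_bytes(4, "big")).digest()[:16])

def derive_bac_keys(doc_number: str, birth: str, expiry: str):
    """K_seed is the first 16 bytes of SHA-1(MRZ_information)."""
    seed = hashlib.sha1(mrz_information(doc_number, birth, expiry).encode()).digest()[:16]
    return kdf(seed, 1), kdf(seed, 2)

def E(key: bytes, data: bytes) -> bytes:
    """STAND-IN for E_K (not 3DES-CBC): XOR with a SHA-1 keystream; self-inverse."""
    out = bytearray()
    for i in range(0, len(data), 20):
        block = hashlib.sha1(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 20], block))
    return bytes(out)

def MAC(key: bytes, data: bytes) -> bytes:
    """STAND-IN for MAC_K (not the retail MAC): HMAC-SHA1 cut to the retail MAC's 8 bytes."""
    return hmac.new(key, data, hashlib.sha1).digest()[:8]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class AuthError(Exception):
    pass

class Tag:
    """The e-passport chip side of the exchange."""
    def __init__(self, k_enc: bytes, k_mac: bytes):
        self.k_enc, self.k_mac, self.r_t, self.session = k_enc, k_mac, None, None

    def get_challenge(self) -> bytes:
        self.r_t = os.urandom(8)                       # r_T in {0,1}^64
        return self.r_t

    def mutual_authenticate(self, c_r: bytes, m_r: bytes):
        if not hmac.compare_digest(MAC(self.k_mac, c_r), m_r):
            raise AuthError("M_R check failed")        # MAC is checked before decrypting
        s_r = E(self.k_enc, c_r)
        r_r, r_t, k_r = s_r[:8], s_r[8:16], s_r[16:24]
        if r_t != self.r_t:
            raise AuthError("r_T mismatch")            # replayed or wrong-session message
        k_t = os.urandom(8)
        c_t = E(self.k_enc, r_t + r_r + k_t)           # S_T := r_T || r_R || k_T
        self.session = kdf(xor(k_r, k_t), 1)           # session key from k_R xor k_T
        return c_t, MAC(self.k_mac, c_t)

def reader_authenticate(tag: Tag, k_enc: bytes, k_mac: bytes) -> bytes:
    """Reader side; returns the session key, or raises AuthError if a check fails."""
    r_t = tag.get_challenge()
    r_r, k_r = os.urandom(8), os.urandom(8)
    c_r = E(k_enc, r_r + r_t + k_r)                    # S_R := r_R || r_T || k_R
    c_t, m_t = tag.mutual_authenticate(c_r, MAC(k_mac, c_r))
    if not hmac.compare_digest(MAC(k_mac, c_t), m_t):
        raise AuthError("M_T check failed")
    s_t = E(k_enc, c_t)
    if s_t[8:16] != r_r:
        raise AuthError("r_R mismatch")
    return kdf(xor(k_r, s_t[16:24]), 1)

# Constructed MRZ data (the Doc 9303 worked-example values, not a real passport).
DOC, DOB, EXP = "L898902C<", "690806", "940623"

if __name__ == "__main__":
    k_enc, k_mac = derive_bac_keys(DOC, DOB, EXP)
    print("MRZ_information:", mrz_information(DOC, DOB, EXP))
    print("session key:", reader_authenticate(Tag(k_enc, k_mac), k_enc, k_mac).hex())
```

Two behaviours worth noting in the block: a reader holding keys derived from a wrong date of birth fails at the tag's MAC check before anything is decrypted, and a captured C_R || M_R replayed against a fresh challenge fails the r_T comparison even though its MAC is valid, which is the property that makes the tag's nonce matter.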

The intent of Basic Access Control is clearly spelled out in the ICAO report: the Basic Access Control keys, and hence the ability to read the passport contents, should be available only when a passport holder intends to show his or her passport. Unfortunately, the scheme falls short of this goal in two ways.

First, the entropy of the keys is too small. The ICAO PKI Technical Report warns that the entropy of the key is at most 56 bits. The ICAO report acknowledges that some of these bits may be guessable in some circumstances. We believe that the key length is in fact slightly shorter for a general population. We estimate that the birth date yields about 14 bits of entropy and the expiration date, which has a 10-year maximum period, yields roughly 11 bits of entropy. The remaining entropy depends on the passport number scheme of the issuing nation. For concreteness, we discuss the passport number scheme of the United States [5].

Country         RFID Type      Deployment   Security                               Biometric
Malaysia Gen1   non-standard   1998         Passive Authentication + Unknown       Fingerprint
Malaysia Gen2   14443          2003         Passive Authentication + Unknown       Fingerprint
Belgium         14443          2004         Unknown                                Photo
U.S.            14443          2005         Passive, Active Authentication         Photo
Australia       14443          2005         Unknown                                Photo
Netherlands     14443          2005         Passive, Active Authentication, BAC    Photo
Germany         14443          2005         Passive, Active Authentication, BAC    Photo

Figure 3. Current and near-future e-passport deployments. The Belgium, U.S., Australia, and Netherlands deployments follow the ICAO standard, while Malaysia’s deployment predates the standard. The chart shows the type of RFID technology, estimated time of first deployment, security features employed, and type of biometric used. Here “BAC” stands for Basic Access Control. “Unknown” indicates a lack of reliable public information.

United States passports issued since 1981 have 9-digit passport numbers. The first two digits encode one of fifteen passport issuing offices, such as “10” for Boston or “03” for Los Angeles. The remaining seven digits are assigned arbitrarily. Probably some two-digit leading codes are more likely than others, as some offices presumably issue more passports than others, but we will conservatively ignore this effect. Given fifteen passport issuing agencies currently in the United States, U.S. passport numbers have at most lg(15 × 10^7) ≈ 27 bits of entropy. This means Basic Access Control keys have a total of about 52 bits of entropy.

Other nations may have different passport numbering schemes, which yield less entropy. For example, the security firm Riscure recently announced that Dutch passport numbers yield Basic Access Control keys with about 35 bits of entropy, which is small enough for a laptop to brute force in a few hours [33]. On the other hand, Markus Kuhn notes that passport numbering schemes may be changed to accommodate the issuing of passports with Basic Access Control, including the introduction of longer passport numbers [27].

Furthermore, the passport number is not typically considered a secret. Entities such as cruise ships, travel agents, airlines, and many others will see the number and may include it on paper documents.

Second, a single fixed key is used for the lifetime of the e-passport. As a consequence, it is impossible to revoke a reader’s access to the e-passport once it has been read. If a passport holder visits a foreign nation, he or she must give that nation’s border control the key for Basic Access Control. Because the key never changes, this enables that nation to read the e-passport in perpetuity. This capability may be misused in the future, or databases of keys may be inadvertently compromised.

Despite its shortcomings, Basic Access Control is much better than no encryption at all. As we will see, however, the United States originally elected not to include Basic Access Control in its e-passport deployment. In contrast, the Netherlands and Germany both plan to include Basic Access Control in their ICAO passport deployments.

“Active Authentication”: The ICAO spec urges use of another, optional security feature called “Active Authentication.” While Basic Access Control is a confidentiality feature, Active Authentication is an anti-cloning feature. It does not prevent unauthorized parties from reading e-passport contents.

Active Authentication relies on public-key cryptography. It works by having the e-passport prove possession of a private key. The corresponding public key is stored as part of the signed data on the passport. The ICAO guidelines are somewhat ambiguous, but appear to specify an integer factorization based signature such as RSA or Rabin-Williams. To authenticate, the passport receives an 8-byte challenge from the reader. It digitally signs this value using its private key, and returns the result. The reader can verify the correctness of the response against the public key for the passport. The ICAO guidelines specify use of the ISO/IEC 7816 Internal Authenticate mechanism, with ISO 9796-2 Signature Scheme 1 padding for the underlying signature:

Reader                                    Tag
r_R ∈_R {0,1}^64
        ----------- r_R -------------->
                                          M1 ∈_R {0,1}^64
                                          X := M1 || r_R
        <-------- Sig_SK(X) -----------

Here Sig_SK(X) is an RSA or Rabin-Williams signature with 9796-2 padding signed with the secret key SK of the e-passport. Notice that X contains both a random nonce generated by the Tag and a challenge from the reader; we speculate that this may be intended to counteract padding attacks such as those of Coron, Naccache, and Stern [13]. The 9796-2 padding itself makes use of a hash function, which may be SHA-1 or another hash function; the ICAO standard does not restrict the choice of hash. The signature can then be verified with the public key supposedly associated with the passport. If the signature verifies, the Reader gains some confidence that the passport presented is the container which is supposed to hold the presented biometric data. The U.S. RFP for e-passports further specifies in Section C.2.7.2.2 a security policy that e-passport chips must support, namely that data cannot be overwritten on the chip after personalization [14]. Signing the chip’s public key is a statement that the chip with the corresponding secret key is trusted to implement the security policy.
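The challenge-response above, as an added example that is not part of the paper, the ICAO mechanism, or any chip firmware. It uses toy-sized textbook RSA built from fixed Mersenne primes so that it runs on the standard library alone; real chips use far larger moduli. The response encoding is a truncated hash followed by a raw RSA signature, not ISO 9796-2 Scheme 1 (which would also recover M1 from the signature), so the chip returns M1 beside the signature. The names Passport, internal_authenticate, reader_verify and run_active_authentication are ours; the block also checks the two failure cases the text calls out, a response produced by a different chip and a captured response reused for a fresh challenge.

```python
"""Added example of the Active Authentication exchange with toy textbook RSA.
Not the ICAO mechanism: hash-then-sign replaces ISO 9796-2 padding, and the
moduli are far too small for real use.  Illustrative code only."""
import hashlib
import os

PUB_EXP = 65537


def make_keypair(p: int, q: int):
    """Textbook RSA key pair from two primes (toy sizes; chips use >= 1024-bit n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, PUB_EXP), (n, pow(PUB_EXP, -1, phi))


def encode(x: bytes, n: int) -> int:
    """Simplified encoding: SHA-1(X) truncated to 11 bytes so that it is < n.
    (Stand-in for ISO 9796-2 Scheme 1, which is not reproduced here.)"""
    return int.from_bytes(hashlib.sha1(x).digest()[:11], "big") % n


class Passport:
    """Chip side: holds SK; the public key travels in the passport's signed data."""
    def __init__(self, public_key, private_key):
        self.public_key, self.private_key = public_key, private_key

    def internal_authenticate(self, r_r: bytes):
        """Sign X = M1 || r_R, where M1 is a fresh 8-byte nonce chosen by the chip."""
        m1 = os.urandom(8)
        n, d = self.private_key
        return m1, pow(encode(m1 + r_r, n), d, n)


def reader_verify(public_key, r_r: bytes, m1: bytes, sig: int) -> bool:
    """Reader side: sig^e mod n must equal the encoding of M1 || r_R."""
    n, e = public_key
    return pow(sig, e, n) == encode(m1 + r_r, n)


def run_active_authentication(chip: Passport, presented_public_key) -> bool:
    """One round: 8-byte reader challenge, chip response, verification against the
    public key read from the e-passport actually being presented."""
    r_r = os.urandom(8)
    m1, sig = chip.internal_authenticate(r_r)
    return reader_verify(presented_public_key, r_r, m1, sig)


# Two constructed passports with distinct moduli (Mersenne primes, toy sizes).
PASSPORT_A = Passport(*make_keypair(2**31 - 1, 2**61 - 1))
PASSPORT_B = Passport(*make_keypair(2**89 - 1, 2**13 - 1))

if __name__ == "__main__":
    print("genuine chip, own key:     ", run_active_authentication(PASSPORT_A, PASSPORT_A.public_key))
    print("other chip as oracle:      ", run_active_authentication(PASSPORT_B, PASSPORT_A.public_key))
```

The second print line is the case the next paragraph discusses: a response obtained from some other passport does not verify under the public key of the passport in the reader, which only helps if the reader really does take that public key from the presented document's signed data.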

The public key used for Active Authentication must be tied to the specific e-passport and biometric data presented. Otherwise a man-in-the-middle attack is possible in which one passport is presented, but a different passport is used as an oracle to answer Active Authentication queries. The ICAO specification recognizes this threat, and as a result mandates that Active Authentication occur in conjunction with an optical scan by the reader of the machine-readable zone of the e-passport. As a result, every reader capable of Active Authentication and compliant with the ICAO specification also has the hardware capability necessary for Basic Access Control. Deployments which neglect this part of the specification open themselves to a risk of cloned e-passports.

Furthermore, to be effective, the private key used in Active Authentication must never leave a particular e-passport. Here the guidelines in the ICAO PKI report are vague, simply saying that the keys shall be generated “in a secure way” and then stating that “no Key Management is applicable for these keys.” In particular, the report does not forbid these keys from being read by a remote reader; while allowing such reading is almost surely not the intention of the standard, the exact requirements are not clear. The U.S. Concept of Operations document is also vague. While it specifies requirements on what data cannot be overwritten after passport personalization, it does not appear to specify that Active Authentication keys cannot be read after personalization. The chips used in e-passports must also resist the same range of side channel and fault injection attacks traditionally applied to smart cards.

Active Authentication also raises subtle issues concerning its interaction with Basic Access Control and privacy. The certificate required for verifying Active Authentication also contains enough information to derive a key for Basic Access Control; as a result the certificate must be kept secret. In addition, when Active Authentication is used with RSA or Rabin-Williams signatures, responses with different moduli, and hence from different e-passports, can be distinguished. As a result, Active Authentication enables tracking and hotlisting attacks even if Basic Access Control is in use. We recommend that Active Authentication be carried out only over a secure session after Basic Access Control has been employed and session keys derived. Because Active Authentication requires an optical scan of the e-passport, just as Basic Access Control does, we do not believe this presents more of a burden than the existing specification.

4.2 Cryptographic measures in planned deployments

At this point, more information is publicly available for the United States deployment of ICAO e-passports than any other of which we are aware. An unclassified State Department memo obtained by the ACLU describes elements of the U.S. PKI architecture as envisioned in 2003 [36]. A Federal Register notice dated 18 February 2005 provides a number of details on U.S. e-passport plans [2]. Appendix D of the State Department Concept of Operations document specifies that readers should support Active Authentication, leaving open the possibility of its future deployment in U.S. and foreign e-passports [14]. The Federal Register notice, however, confirms that U.S. passports will not implement Basic Access Control. The Federal notice offers three reasons for the decision not to implement Basic Access Control: (1) The data stored in the chip are identical to those printed in the passport; (2) Encrypted data would slow entry processing time^5; and (3) Encryption would impose more difficult technical coordination requirements among nations implementing the e-passport system. Further, this notice intimates that e-passports will carry Faraday cages and that e-passport readers will be shielded to prevent eavesdropping.

Our analysis suggests this reasoning is flawed. Active Authentication requires an optical scan of a passport to provide the claimed anti-cloning benefit. This is why the ICAO spec mandates readers supporting Active Authentication be able to optically scan e-passports; this optical scan capability is also sufficient for Basic Access Control. Reason (3) is also flawed: because all the data required to derive keys for Basic Access Control is present on the data page of the e-passport, no coordination among nations is required. Coordination among vendors is required for interoperability of e-passports and readers, but such coordination is already required for e-passports without Basic Access Control. Finally, as we have argued, Faraday cages are not sufficient to protect against unauthorized eavesdropping, and so they do not rule out the attacks on security and privacy we have outlined.

^5 Presumably this refers to the requirement for optical scanning in association with Basic Access Control.

In fact, our analysis shows that the original deployment choices of the United States put e-passport holders at risk for tracking, hotlisting, and biometric leakage. The lack of Basic Access Control means that any ISO 14443 compliant reader can easily read data from an e-passport, leading directly to these attacks. We are also concerned that a push towards automatic remote reading of e-passports may lead the U.S. to neglect optical scanning of e-passports, thereby weakening the anti-cloning protections of Active Authentication. Following the original publication of this paper and the receipt of over 2400 public comments responding to e-passport policy, the U.S. State Department indicated that it would reconsider Basic Access Control, but at this writing no final decision has been announced.

As it pre-dates the ICAO standard, the Malaysian identity card/passport is not compliant with that standard. Published information suggests that it employs digital signatures (“passive authentication”) [3]. There appears to be no reliable public information on other security mechanisms, although the US patent filed on the technology suggests a “proprietary and secret” encryption algorithm is used for mutual authentication between e-passport and reader [38]. Belgium began issuing e-passports to citizens in November 2004, while the United States, Australia, and the Netherlands expect large-scale issuing by the end of 2005. For the ICAO e-passport deployments, the specific choices of each country as to which security features to include or not include makes a major difference in the level of security and privacy protections available. We summarize the known deployments, both current and impending shortly, in Figure 3.

Other nations may or may not meet the United States mandate for deployment in 2005. Indeed, the reason that the United States has favored a minimal set of security features appears to stem from problems with basic operation and compatibility in the emerging international infrastructure [1]. Following complaints by several countries, in June 2005 the United States extended its original October 2005 deadline for electronic passports to October 2006, but retained a requirement for digital photographs associated with passports.

5 Strengthening Today’s E-passports

5.1 Faraday cages

One of the simplest measures for preventing unauthorized reading of e-passports is to add RF blocking material to the cover of an e-passport. Materials such as aluminum fiber are opaque to RF signals and could be used to create a Faraday cage, which prevents reading the RFID device inside the e-passport. Before such a passport could be read, therefore, it would have to be physically opened.

The ICAO considered Faraday cages for e-passports, as shown in a discussion of “physical measures” in Section 2.4 of [20]. Because Faraday cages do not prevent eavesdropping on legitimate conversations between readers and tags, however, Faraday cages were deprecated in favor of Basic Access Control.

While a Faraday cage does not prevent an eavesdropper from snooping on a legitimate reading, it is a simple and effective method for reducing the opportunity for unauthorized reading of the passport at times when the holder does not expect it. Recently, the U.S. State Department indicated that U.S. e-passports may include metallized covers, following discussion of privacy risks by the ACLU and other groups.

The research community has proposed a number of tools for protecting RFID privacy, including “Blocker Tags” [23] and “Antenna Energy Analysis” [16]. While either of these mechanisms would be helpful, in the special context of e-passports they would be no more practical or protective than a Faraday cage, given that passive eavesdropping during legitimate read sessions is likely to constitute perhaps the major vulnerability to data leakage.

5.2 Larger secrets for basic access control

As we have discussed, the long-term keys for Basic Access Control have roughly 52 bits of entropy, which is too low to resist a brute-force attack. A simple countermeasure here would be to add a 128-bit secret, unique to each passport, to the key derivation algorithm. The secret would be printed, together with other passport information, on the passport. Such a secret could take the form of a larger passport ID number or a separate field on an e-passport. To aid mechanical reading, the secret might be represented as a two-dimensional bar code or written in an OCR font to the Machine Readable Zone (MRZ) of each passport.

5.3 Private collision avoidance

Even if a larger passport secret is used as part of key derivation, the collision avoidance protocol in ISO 14443 uses a UID as part of its collision avoidance protocol. Care must be taken that the UID is different on each reading and that UIDs are unlinkable across sessions. One simple countermeasure is to pick a new random identifier on every tag read. In general, e-passports and other IDs should use private collision avoidance protocols. Avoine analyzes several existing protocols and proposes methods for converting them into private protocols [7].

5.4 Beyond optically readable keys

The ICAO Basic Access Control mechanism takes advantage of the fact that passports carry optically readable information as well as biometric data. In the passport context, the ICAO approach neatly ties together physical presence and the ability to read biometric data. In general, however, we cannot count on this kind of tight coupling for next-generation ID cards. Furthermore, the use of a static, optically readable key leads to readers that must be trusted in perpetuity when all that is desired is to allow a single passport read. Therefore an important problem is to create a keying mechanism that limits a reader’s power to reuse secret keys and a matching authorization infrastructure for e-passport readers.

Before we can move beyond optically readable keys, a key management problem reveals itself. Which key should an authorized party use to authenticate with an e-passport? The e-passport dare not reveal its identity to an untrusted reader, but at the same time the reader does not know which key to use.

An earlier version of our protocol suggested using the JFKr authenticated Diffie-Hellman key agreement protocol of Aiello et al. for this problem [6]. We also highlighted reader revocation as an open issue in e-passports. We have since learned that the German government has proposed a Diffie-Hellman based protocol for “Extended Access Control” in the ICAO specification [11].

Reader revocation in the German proposal is accomplished by time-expiring certificates issued to readers combined with a time-stamping service run by each nation. On each interaction with a legitimate reader, the reader provides the passport with the most recent known timestamp from that passport’s nation. While this raises a denial-of-service risk if a nation ever signs a timestamp far in the future, it fits with the constraints imposed by a mostly-offline reader architecture. In particular, border control readers in southeastern Europe may be offline for weeks or months at a time [37].

6 Future Issues in E-passports

6.1 Visas and writeable e-passports

Once basic e-passports become accepted, there will be a push for e-passports that support visas and other endorsements. (We note that the presently proposed approach to changes in basic passport data is issuance of a new passport [2]; this may eventually become unworkable.) Because different RFID tags on the same passport can interfere with each other, it may not be feasible to include a new RFID tag with each visa stamp. Instead, we would like to keep the visa information on the same chip as the standard passport data. These features require writing new data to an e-passport after issuance.

A simple first attempt at visas for e-passports might specify an area of append-only memory that is reserved for visas. Each visa would name an e-passport explicitly, then be signed by an issuing government authority just as e-passport credentials are signed. An e-passport might even implement “sanity checks” to ensure that a visa is properly signed and names the correct e-passport before committing it to the visa memory area.

In some cases, however, a passport holder may not want border control to know that she has traveled to a particular location. For example, most Arab countries will refuse entry to holders of passports which bear Israeli visas. As another example, someone entering the United States via Canada may wish to conceal a recent visit to a nation believed to be harboring terrorists. The first example is widely considered a legitimate reason to suppress visas on a passport; in fact, visitors to Israel request special removable visa passport pages for exactly this reason. The second motivation may be considered less legitimate, and preventing it may become a goal of future visa-enabled e-passports.

6.2 Function creep

The proliferation of identification standards and devices is certain to engender unforeseen and unintended applications that will affect the value and integrity of the authentication process. For example, passports might come to serve as authenticators for consumer payments or as mass transit passes. Indeed, the ICAO standard briefly discusses the idea that e-passports might one day support digital commerce.

Function creep has the potential to undermine data protection features, as it will spread bearer data more widely across divergent systems. Moreover, function creep may lead to consumer demands for greater convenience, leading to the erosion of protective measures like optical-scanning-based access control and Faraday-cage use. Passport holders may wish to pass through turnstiles, for instance, without having to pause to have their documents optically scanned. Unless some new privacy-enhancing features are added, it is conceivable that e-passports will reveal an aggregate record of private information whenever the passport is used, for instance to prove the bearer’s age when entering a bar. The leaked information could include the bearer’s birthdate, passport number, place of birth, and possibly elements of her travel history, as well as optional information like her profession and emergency contact information. While some of this information is already present in printed form on driver’s licenses, its availability in electronic form will make it much easier to aggregate and share.

Web cookies are an instructive example of function creep. Originally introduced to overcome the stateless nature of the HTTP protocol, it was quickly discovered that they could be used to track a user’s browsing habits. Today, web sites such as doubleclick.com use cookies extensively to gather information about customers.


7 Conclusion

We have identified principles for secure biometric identity cards and analyzed these principles in the context of the ICAO e-passport standard, current ICAO deployments, and Malaysian e-passports. We can draw several conclusions:

• The secrecy requirements for biometric data imply that unauthorized reading of e-passport data is a security risk as well as a privacy risk. The risk will only grow with the push towards unsupervised use of biometric authentication.

• At a minimum, a Faraday Cage and Basic Access Control should be used in ICAO deployments to prevent unauthorized remote reading of e-passports. In particular, the United States deployment of ICAO e-passports does not provide sufficient protection for its biometric data.

• Because the United States deployment uses Active Authentication, readers supplied to the United States are required by the ICAO spec to include the capability to optically scan e-passports. This capability is sufficient for Basic Access Control. No change to the readers or coordination with other nations is required to implement Basic Access Control in the U.S. deployment of ICAO e-passports. Therefore, the reasons cited for forgoing Basic Access Control in the US deployment are not convincing.

Today’s e-passport deployments are just the first wave of next-generation identification devices. E-passports may provide valuable experience in how to build more secure and more private identification platforms in the years to come.

8 Acknowledgements

We thank Neville Pattinson for helpful discussions and for giving us access to his white paper. We thank Seth Schoen and Lee Tien for helpful discussions on e-passports and Lea Kissner for her comments. We also thank Bart Jacobs, Tamas Visegrady, and researchers at IBM Zurich for discussions regarding European electronic passports. We thank Markus Kuhn for pointing us to his RISKS digest article. In an earlier version of the paper, we mistakenly claimed that Gemplus marketed a system called BioEasy to the global ID market; in fact BioEasy is a research prototype and commercial solutions depend on technology from NEC, SAGEM, and others. Claude Barral and David Naccache pointed out our error concerning BioEasy and gave a pointer to a way to avoid the attack we showed; we thank them for the correction. This research was supported by NSF grants CCR-0093337 and CCR-0325311 and by a generous donation from British Telecom.

References

[1] New-look passports. Economist, 17 February 2005. http://economist.com/science/displayStory.cfm?story_id=3666171.

[2] Department of State, 22 CFR Part 51, Public Notice 4993, RIN 1400-AB93, Electronic Passport. Federal Register, 70(33), 18 February 2005. Action: Proposed Rule. Available at http://a257.g.akamaitech.net/7/257/2422/01jan20051800/edocket.access.gpo.gov/2005/05-3080.htm.

[3] Digicert PKI toolkit — dcTools specification sheet, 2005. http://www.digicert.com.my/toolkits.htm.

[4] A. Adler. Sample images can be independently restored from face recognition templates, June 2003. http://www.site.uottawa.ca/~adler/publications/2003/adler-2003-fr-templates.pdf.

[5] U. S. S. Administration. Passports as evidence, 2005. http://policy.ssa.gov/poms.nsf/lnx/0302640050?OpenDocument&Click=.

[6] W. Aiello, S. M. Bellovin, M. Blaze, R. Canetti, J. Ioannidis,A. D. Keromytis, and O. Reingold. Just fast keying: Keyagreement in a hostile internet.ACM Trans. Inf. Syst. Secur.,7(2):242–273, 2004.

[7] G. Avoine. RFID privacy: A multilayer problem. InFinan-cial Cryptography, 2005.

[8] C. Barral, J.-S. Coron, and D. Naccache. Externalized fin-gerprint matching. InICBA, pages 309–315, 2004.

[9] C. Barral, J.-S. Coron, D. Naccache, and C. Cardonnel.Biometric identification method and device adaptedto verification on chip cards, patent us2005011946.http://v3.espacenet.com/textdoc?DB=EPODOC&IDX=US2005011946.

[10] BBC. Grins banned from passport pics, 2004.http://news.bbc.co.uk/2/hi/uk_news/politics/3541444.stm .

[11] G. BSI. Alternative extended authentication, 2005.[12] G. BSI. Biometric passport report, 2005.www.bsi.de/

literat/studien/biop/biop_2.htm .[13] J. Coron, D. Naccache, and J. Stern. On the security of RSA

padding. InCRYPTO 99, 1999.[14] U. S. Department. Abstract of the concept of operations

for integration of contactless chip in the US passport, 2004.http://www.statewatch.org/news/2004/jul/us-biometric-passport-original.pdf .

[15] E. Felten. Freedom to tinker, 2005.http://www.freedom-to-tinker.com .

[16] K. Fishkin and S. Roy. Enhancing RFID privacy throughantenna energy analysis. InMIT RFID Privacy Workshop,2003. http://www.rfidprivacy.org/papers/fishkin.pdf .

[17] I. Z. S. C. Group. Personal demonstration, 2005.[18] T. Halfhill. Is RFID paranoia rational?, 2005.

http://www.maximumpc.com/reprints/reprint_2005-01-14a.html .


[19] ICAO. Document 9303, machine readable travel documents, October 2004.

[20] ICAO. PKI for machine readable travel documents offering ICC read-only access, version 1.1, October 2004.

[21] ISO. ISO/IEC 9797-1 algorithm 3, 1999.

[22] B. Jacobs. Biometry in passports, 2005. http://www.sos.cs.ru.nl/research/society/passport/index.html.

[23] A. Juels, R. L. Rivest, and M. Szydlo. The blocker tag: selective blocking of RFID tags for consumer privacy. In Proceedings of the 10th ACM conference on Computer and communication security, pages 103–111. ACM Press, 2003.

[24] D. M. J. Kamdi. The Malaysian electronic passport, 2004. Presentation to ICAO, http://www.icao.int/icao/en/atb/fal/fal12/Presentations/Malaysia.ppt.

[25] Z. Kfir and A. Wool. Picking virtual pockets using relay attacks on contactless smartcard systems. Cryptology ePrint Archive, Report 2005/052, 2005.

[26] M. Kuhn. RFID friend or foe, with a note on passports, 2003. RISKS 22.98, http://catless.ncl.ac.uk/Risks/22.98.html.

[27] M. Kuhn. Personal communication at SECURECOMM 2005, 2005.

[28] T. Matsumoto. Gummy and conductive silicone rubber fingers. In ASIACRYPT 2002, 2002.

[29] D. McCullagh. House backs major shift to electronic IDs. CNET News, 10 February 2005. http://news.zdnet.com/2100-9595_22-5571898.html.

[30] W. Ness. Microsoft optical desktop comes with fingerprint reader, January 2005.

[31] N. Pattinson. Securing and enhancing the privacy of the e-passport with contactless electronic chips, 2004. Contact: [email protected].

[32] Reuters. US pushes back Europe’s e-passport deadline, 2005. http://ecoustics-cnet.com.com/U.S.+pushes+back+Europes+e-passport+deadline/2100-7348_3-5748629.html.

[33] R. Security. Dutch e-passports, 2005. http://www.riscure.com/news/passport.html.

[34] R. Singel. No encryption for e-passports. Wired News, 24 February 2005. http://www.wired.com/news/privacy/0,1848,66686,00.html?tw=wn_tophead_1.

[35] R. M. Smith. Personal communication, 2005. Contact: [email protected].

[36] A. Team. IC embedded passport PKI requirements, 20 October 2003. http://www.aclu.org/passports/PKIRequirements.pdf.

[37] T. Visegrady. Personal communication, [email protected].

[38] C. H. E. Yap and F. M. Chua. U.S. patent 6,111,506, Method of making an improved security identification document including contactless communication insert unit, 2000. http://tinyurl.com/7ymch.

[39] J. Yoshida. Tests reveal e-passport security flaw, August 2004. EE Times.

[40] D. Zhang and A. K. Jain, editors. Biometric Authentication, First International Conference, ICBA 2004, Hong Kong, China, July 15-17, 2004, Proceedings, volume 3072 of Lecture Notes in Computer Science. Springer, 2004.
