Slashdot Mirror


Tin Foil Passports?

Daedala writes "The debate over contactless chips with biometric information in passports continues. Vendors have been chosen for testing in the U.S. and Australia. Privacy advocates are still arguing about the measure, as are security reporters and bloggers. The specs themselves are interesting, to say the least. The EETimes says that in interoperability tests, the potential chips could be read from 30 feet away. However, both they and the New York Times have published articles reporting vendors' low-cost solution: '[I]ncorporate a layer of metal foil into the cover of the passport so it could be read only when opened.' Don't they know that the whole tinfoil hat thing is supposed to be a joke?"

264 comments

  1. Not actually based on a joke. by paganizer · · Score: 5, Informative

    A charged layer of tin foil will block most electromagnetic signals, AKA Farrady cage.
    a simple layer just won't cut it, though.

    --
    Why, yes, I AM a Pagan Libertarian.
    1. Re:Not actually based on a joke. by paganizer · · Score: 4, Informative

      I can't believe I spelled it farraday. did I think those measurements I was taking all the time were in farrads? sheesh.
      I was in a rush to get first post. some example FARADAY cages are here, here and here.


      --
      Why, yes, I AM a Pagan Libertarian.
    2. Re:Not actually based on a joke. by Anonymous Coward · · Score: 1, Funny

      umm...you spelled it Farady

    3. Re:Not actually based on a joke. by quarkscat · · Score: 4, Interesting

      A tin foil wrapper should actually work,
      as well as a lead foil wrapper. Better
      still, save the metallized ziplock bag
      that your video card probably came in,
      and use it. Dual purpose -- keep RFI
      out, as well as moisture. If you have
      money to burn, buy a nice gold or silver
      cigarette case of the right dimensions.

      BTW: I don't think that you would actually
      need to drag a chain behind you to stay
      at earth ground -- that's what the Faraday
      cage does. Old fashioned Faraday cages did
      have problems -- they generally use a wire
      mesh of some particular size, which doesn't
      stop ALL RF signals. That is why all the
      "spooks" use walk-in steel safes ...

    4. Re:Not actually based on a joke. by neoform · · Score: 3, Funny

      here's the inventor

      http://rave.ca/data/gallery/012596.jpg

      --
      MABASPLOOM!
    5. Re:Not actually based on a joke. by Anonymous Coward · · Score: 0
      a simple layer just won't cut it, though.


      Why not?

    6. Re:Not actually based on a joke. by shamilton · · Score: 4, Funny

      Dude, check out the hottie on the left. I'm glad I'm not old enough to have searched for mates on CB.

      --
      "[A] high IQ is like a Jeep; you will still get stuck, just farther from help!" --Just d' FAQs, c.g.a
    7. Re:Not actually based on a joke. by dougmc · · Score: 5, Informative
      Better still, save the metallized ziplock bag that your video card probably came in, and use it. Dual purpose -- keep RFI out, as well as moisture.
      The anti-static bags that computer cards come in do very little to stop RF. Doubt this? Put your cell phone in one, then call yourself. It'll work fine. Tin foil will work *much* better, and no, it doesn't need to be grounded. (In fact, grounding will have no effect.) Again, this is very easy to test -- just wrap your cell phone (or any other radio) in tin foil -- it will not work.

      Anti-static bags have high resistances. They're not completely insulators, but not good conductors either, and a Faraday cage needs a good conductor. Their high resistances allow static electricity (with many thousands of volts) to drain off, slowly. Tin foil *can* be used instead of an anti-static bag, but 1) if your circuit has potential somewhere (like a battery, or a charged capacitor) the tin foil will basically short circuit this, which is bad, and 2) it tends to look like a wad of tin foil, which may get thrown away as trash :)

      I don't think that you would actually need to drag a chain behind you to stay at earth ground -- that's what the Faraday cage does.
      A Faraday cage really has nothing to do with Earth ground. It certainly does not have to stay at the same potential as the Earth unless it's somehow connected to the Earth, and it'll equally as well connected or not connected to the Earth.
      Old fashioned Faraday cages did have problems -- they generally use a wire mesh of some particular size, which doesn't stop ALL RF signals.
      There's nothing `old fashioned' about any of this -- the first Faraday cage was built in 1836, and once the radio was invented, it was learned not long after that a Faraday cage will block any RF whose wavelength is much larger than the gaps in the cage. I'll bet this was known (and probably understood) long before 1930 or so. People use Faraday cages with a wire mesh today because it does what they need it to do. To do more would cost and weigh more, and might cause other problems (like not let air in, etc.) -- it's as simple as that.

      Faraday cages block *electrostic* fields, and you really don't need a tight mesh at all for this. Even your car makes a reasonable Faraday cage. Blocking RF is an added bonus, but for that, you need to make sure the mesh is a good deal smaller than the wavelength of what you need to block.

      So, if you need absolute protection against all frequencies of electromagnetic radiation, then you use something with no holes at all. If you also want to block magnetic fields (as the government will want to do to completely prevent TEMPEST attacks and such), then you'll make it out of something magnetic (mu-metal is ideal) and thick. And heavy, and expensive. But secure.

    8. Re:Not actually based on a joke. by dougmc · · Score: 1
      Faraday cages block *electrostic*
      Just in case somebody has never heard of this, I meant to say electrostatic :) This link may be useful to some who wish to understand this.
      and it'll equally as well connected or not
      ... and it'll _work_ equally as well ...
    9. Re:Not actually based on a joke. by gladbach · · Score: 4, Informative

      actually, shoplifters have been using this method for a while now. same kind of concept.

      --
      "Computer games don't affect kids; I mean if Pac-Man affected us as kids, we'd all be running around in darkened rooms,
    10. Re:Not actually based on a joke. by ArsenneLupin · · Score: 1, Interesting
      The anti-static bags that computer cards come in do very little to stop RF. Doubt this? Put your cell phone in one, then call yourself. It'll work fine.

      Here's an even scarier experiment: put your cellphone into your microwave oven. Close door. (No, DON'T TURN IT ON!). Call phone. It rings just fine. Now, considering that the frequency of GSM and microwaves are roughly the same (around 900 MHz), this lets you wonder: if this frequency gets in that easily, how easily does it get out? Well, obviously, you can stand in front of the nuker just fine, even if it is on, so this is definitely odd...

      Or maybe, cellphones are just designed to be very sensitive, even to very low levels of signal. The nuker (or ziplock bag) could actually be blocking 99% of signal strength, but the phone is sensitive enough to detect the 1% remaining...

    11. Re:Not actually based on a joke. by Taladar · · Score: 3, Informative

      Might have something to do with the Microwave operating at 2.4 GHz http://www.zyra.org.uk/microw.htm which is absorbed by water better than many other frequencies and if you used it for mobile phones you wouldn't be able to use your phone when it rains. 802.11b and g (11 and 54 MBit/s WLAN) operate in the 2.4 GHz band so they would have problems working from inside your microwave oven, your mobile phone does not.

    12. Re:Not actually based on a joke. by wjsteele · · Score: 1

      Wrong, Wrong, Wrong! Microwave ovens work by exciting the water molecules at ~2.39 GHz. That's how they work, by exciting the water, it in turn heats up... causing your food/cat/phone to cook.

      Bill

      --
      It's my Sig and you can't have it. Mine! All Mine!
    13. Re:Not actually based on a joke. by Anonymous Coward · · Score: 0

      Old fashioned Faraday cages did
      have problems


      Dude, your MICROWAVE has an "old fashioned faraday cage" as you call it. (It's not old fashioned.) Look at your microwave door. See those holes in it that allow you to see through? If those holes were too big, the RF WOULD leak out and cook you.

    14. Re:Not actually based on a joke. by mindstrm · · Score: 1

      It's not used because it's absorbed better by water.. in fact it's almost the opposite (as indicated by the site you linked)

      Other frequencies are absorbed FAR better by water.
      The 2.4 GHz is arbitrary, and far, far below the peak absorption frequency for water.

      "The absorption vs. frequency graph is in the web site I provided previously; it shows that as the water heats up, the peak in absorption increases in frequency, from about 15 GHz in cold water up to close to 100 GHz near the boiling point. The microwave oven frequency is chosen to be below the peak absorption point, so that as the surface of the cooked object heats up, absorption will decrease, allowing the microwave radiation to penetrate into the center of the object and heat it up and thus encouraging more uniform cooking."

    15. Re:Not actually based on a joke. by dougmc · · Score: 1
      Or maybe, cellphones are just designed to be very sensitive, even to very low levels of signal. The nuker (or ziplock bag) could actually be blocking 99% of signal strength, but the phone is sensitive enough to detect the 1% remaining...
      No, that's not it. Sure, they're relatively sensitive, but not unusually sensitive.

      As for 1% of the signal, that's only a factor of 100, or two bars on an S meter. I imagine that would cost you a bar or two on your cell phone, but not too much. Depending on the application, the ratio between a strong signal and a weak signal's power is often 10^6 -- or more. A factor of 100 is significant, but certainly not enough.

      If you can see into your anti-static bag, look at your cell phone display. Mine doesn't even lose any bars when put inside.

      The reason the anti-static bag makes a poor Faraday cage is that it's a poor conductor. It's not meant to be a Faraday cage, because one is not required to protect something from static electricity buildups.

    16. Re:Not actually based on a joke. by ArsenneLupin · · Score: 1
      If you can see into your anti-static bag, look at your cell phone display. Mine doesn't even lose any bars when put inside.

      I checked it out:

      • Nuker: loses 1 bar, occasionally 2
      • Grey anti-static bag: loses 1 bar
      • "Black grid" anti-static bag: loses nothing
      • Going down to the basement (lots of reinforced concrete): no reception at all (i.e. 5 bars...)
    17. Re:Not actually based on a joke. by dougmc · · Score: 1
      Nuker: loses 1 bar, occasionally 2
      Nuker = microwave? Interesting, I'd expect more attenuation. Most cell phones now use frequencies in the microwave region, and of course your microwave itself works at about 2.4 GHz. I guess a few watts of EM being leaked by the microwave just isn't a concern. (If it's 700 watts, leaking 1% means leaking 7 watts, which generally isn't considered dangerous at all, though it'll certainly mess up your WiFi.)
      Going down to the basement (lots of reinforced concrete): no reception at all (i.e. 5 bars...)
      Concrete is indeed reinforced with a `mesh' of rebar, which makes a nice Faraday cage. However, the mesh is way too large to stop the RF frequencies used by cell phones. The reason you get no reception in your basement is probably the ground. Ground conducts, especially when moist. It's not a particularly good conductor, but it's quite thick :)
    18. Re:Not actually based on a joke. by gtkuhn · · Score: 1

      I must try this too. Reminds me of the experiments in kid science magazines. To the microwave!

    19. Re:Not actually based on a joke. by Anonymous Coward · · Score: 0

      Someone read Wikipedia.

      Seriously though, he is correct.

    20. Re:Not actually based on a joke. by _the_bascule · · Score: 1

      getting into the elevator in my block, 18 storey flats, all 5 bars. Just about a guarantee really.

      --
      Our diversity is our strength
    21. Re:Not actually based on a joke. by Anonymous Coward · · Score: 0

      Only if the metal is thicker than the skin depth of the EM wave. Since skin depth goes monotonically with frequency at low \omega, you'd have to have a really thick sheet there.

    22. Re:Not actually based on a joke. by bwcbwc · · Score: 1

      A faraday cage doesn't actually have to be charged. A connection to ground is sufficient. In the case of the passport, this would be the ground of the RFID circuit. However the cage + ground should fully enclose the item to be isolated, so in a passport, there would probably be some leakage along the open edge of the booklet unless other measures were taken.

      --
      We are the 198 proof..
    23. Re:Not actually based on a joke. by Muad'Dave · · Score: 1

      The choice of 2450 MHz has more to do with it being in an ISM (Industrial, Scientific, Medical) band where powerful magnetrons were plentiful and leakage regs are way more relaxed. The article you quote points this out down in the blue text labeled "Dan Writes..."

      Water's absorption of approx .001 dB/km at 2450 MHz is not particularly high compared to a local maximum of .1 dB/km at 22 GHz or a whopping 25 dB/km at 180 and 300 GHz. The numerical ratio of A(300GHz):A(2.45GHz) is something like 316:1. See this chart for a graph of water vapor and oxygen attenuation vs frequency.

      --
      Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
  2. So, they really are out to get me... by www.whitehouse.org · · Score: 5, Funny

    They laughed when I wore my tinfoil hat.

    They tried to have me committed when I said the government was tracking me.

    Now they all want to buy my sporty Faraday Cagewear (TM) line of geek clothing, made of fine woven nylon and copper wire.

    Bwahahaha!

    --
    Mod me down and I shall become more trollish than you can possibly imagine!
    1. Re: So, they really are out to get me... by Alwin+Henseler · · Score: 4, Funny
      They laughed when I wore my tinfoil hat.

      Maybe then you can put your new passport on your head? Or no, that wouldn't work, because... "they" put the tinfoil on that passport, so *that* tinfoil would surely allow mind-control rays to pass through.

      (For uninformed /. readers: for good shielding from "them", you need to make your own tinfoil from raw material)

      Now they all want to buy my sporty Faraday Cagewear (TM) line of geek clothing..

      Where can I buy some? I need some new underwear, and a couple of T-shirts. Have them in black? Oh yeah, and some socks too. Strange... never seen that brand in a shop... "they" had it removed from the shelves, I suppose?

    2. Re: So, they really are out to get me... by mrcdeckard · · Score: 1


      (For uninformed /. readers: for good shielding from "them", you need to make your own tinfoil from raw material)


      the problem is, is that the raw materials are on a watch list -- you must be careful that you don't attract attention when gathering the materials, or THEY will know you're on to them . . . and will use the purchase to help track your movements. . .

      oh yeah, when burying food and supplies underground (so that the satellites don't detect them, duh), you must wrap them in tinfoil as well. lead, of course, is better.

      --
      "Physics is like sex. Sure, it may give some practical results, but that's not why we do it." - R. Feynman
    3. Re:So, they really are out to get me... by serviscope_minor · · Score: 1

      Now they all want to buy my sporty Faraday Cagewear (TM) line of geek clothing, made of fine woven nylon and copper wire.

      Hey, I'd buy that! Sounds cool to be Tazer-proof!

      --
      SJW n. One who posts facts.
    4. Re: So, they really are out to get me... by HiThere · · Score: 1

      IF you do it just right, it also helps keep out the mice.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
  3. Re:Hah! by Anonymous Coward · · Score: 5, Funny

    A much better idea than my tinfoil condom turned out to be.

    Christ, what was I thinking?

  4. Weird by StarWreck · · Score: 0, Redundant

    A tinfoil hat and a tin foiled passport. Now I just need a Faraday cage around my computer monitor so I don't have to worry about any troublesome Van Eck Phreaking.

    --
    ... and in the DRM, bind them.
  5. Still by comwiz56 · · Score: 0, Troll

    Even if the tinfoil blocks it, there's still alot of ways that the information could be stolen with little effort. And how durable would this paper be?

    1. Re:Still by aichpvee · · Score: 1

      Maybe it was used as an acronym with improper capitalisation.

      They probably just meant to say: "Even if the tinfoil blocks it, there's still Airborne Lightweight Optical Tracking of ways that the information could be stolen with little effort. And how durable would this paper be?"

      --
      The Farewell Tour II
  6. Basic electronics by Dorsai65 · · Score: 1

    With the passport shaped so there was some overlap in the edges of the cover, a nice layer of foil would shield it very nicely, thank you. Even without overlapping edges, the foil would greatly reduce the effective range.

    --
    --- Asking inconvenient questions for over 30 years...
  7. Professional Shoplifters by stratjakt · · Score: 5, Interesting

    Have been lining their purses/trenchcoats/whatever with foil for years to avoid those little tag detectors at the door.

    I was watching it on TV, you saw this lady open up her purse and could see the tinfoil.. She shoved a waffle iron or some such thing in there and out she went.

    --
    I don't need no instructions to know how to rock!!!!
    1. Re:Professional Shoplifters by Anonymous Coward · · Score: 0

      Still on the helpdesk? You, sir, are a prince among men. Please see the post titled "Tinfoil Alternative"

    2. Re:Professional Shoplifters by NiTr|c · · Score: 5, Funny

      Bit off topic, but I wouldn't say professional shoplifters use this technique. It's more of something an amateur would do, that they probably saw on TV or read on the internet. The professionals are the ones who get the managers to walk out with it and help them to their cars ;).

      --
      Try actually thinking for yourself. It's quite refreshing.
    3. Re:Professional Shoplifters by metricmusic · · Score: 1

      When I required an 'extended loan' from the school library for my exams, I used to do this. =)

      --
      http://www.livejournal.com/users/metricmusic
    4. Re:Professional Shoplifters by tigerc · · Score: 1

      This seems akin to the metal sleeve you get when you buy an ez pass. If you don't want the machine to read your ez pass, you put it in the bag.

    5. Re:Professional Shoplifters by beebware · · Score: 1

      My old school library had pressure-sensitive magnetic swip checks. Basically, you walked out towards the door, stepped on the pad and then the detectors either side of the pad would check for the books. I'm tall and have quite long legs, so you can guess what I did....
      Not the most secure system - but given the fact they had a computer room at the back of the library with a door from the computer room to a classroom - without any detectors in between - it was quite simple to "borrow books on extended loans" anyway. As for the barcoded library tickets. I managed to edit mine (including the barcode check digit[s]) with a black pen and borrow a number of items under someone else's name. I didn't think it would be possible until I tried it myself(!)

    6. Re:Professional Shoplifters by Anonymous Coward · · Score: 0

      That's absolutely true. What many of the stores so worried about shoplifting don't seem to understand is that so much of theft is an inside job.

    7. Re:Professional Shoplifters by stratjakt · · Score: 1

      Heh, I knew a guy who stole a canoe from a big Sears-like store (can't remember which one).

      The employees saw him walking towards the door with a canoe and held it open for him, after all, who's going to walk out with a canoe?

      Here's the punchline... Dude got busted the next day when he returned to steal the paddles.

      I'm not kidding, I couldn't make something like that up.

      --
      I don't need no instructions to know how to rock!!!!
  8. Irony by NiTr|c · · Score: 1

    Hah, if this isn't sweet sweet irony I don't know what is. One could wonder if they are laughing at this too, or doing it just for spite.

    --
    Try actually thinking for yourself. It's quite refreshing.
  9. I know bugger all about EE by Nailer · · Score: 4, Funny

    But perhaps the joke re: tinfoil hats is that the government isn't really trying to control your mind?

    1. Re:I know bugger all about EE by Anonymous Coward · · Score: 0

      No..they are trying to control your mind

    2. Re:I know bugger all about EE by nomel · · Score: 1

      I never understood the tinfoil hats, because there's a chance that the signal would resonate in the hat, increasing its field strength :O!

  10. 10 bucks says... by ilyanep · · Score: 5, Insightful

    That in about 5 years or so they'll implement this technology and we'll see a story, "Identity Theft On The Rise As Biometrics Are Stolen From Traveller's Passports".

    --
    ~Ilyanep
    To get message, take amount of carrier pigeons at each stage mod 2. Then decode binary.
    1. Re:10 bucks says... by Anonymous Coward · · Score: 1, Funny

      It's "identity infringement."

    2. Re:10 bucks says... by aichpvee · · Score: 2, Insightful

      So you're saying that my identity is my personal intellectual property? Does that mean I can use the DMCA to force credit card companies to destroy records of my debt after running a few hundred thousand dollars on stuff I don't need?

      --
      The Farewell Tour II
  11. why by Anonymous Coward · · Score: 5, Insightful

    why do they need to read passports from miles away?

    The whole point of the biometrics (even the lowly photography) is that you confirm the data in the passport with the person in front of you at a booth as you check everyone as they go through.

    There is no reason to broadcast this info at ALL.

    It's like having two computers next to each other (2 meters apart) in a "security" installation and using 2 wifi cards to link them instead of cat5.

    1) it's more expensive to use wifi
    2) you have no need to broadcast due to range
    3) not only do you not need to, there are now a pile of security problems you have to deal with which aren't needed.

    When will these fucktards learn to stop pissing taxpayers money away on "futurists" to help enslave us with at worst crappy overbearing over intrusive government leaning toward fascism, at the least they are wasting our money and enslaving us with red tape.

    1. Re:why by Anonymous Coward · · Score: 0

      to find fakes, foo.

    2. Re:why by pjt33 · · Score: 1

      The reason they put forward is that if they require electrical contacts to read the data, the contacts will wear away. I don't quite understand the reasoning: the chip-and-PIN credit and debit cards recently introduced in Britain use metal contacts, and most people use their credit or debit cards more frequently than their passports.

    3. Re:why by xSauronx · · Score: 1
      when they are voted out of office BECAUSE of this type of thing. Which will never happen, because the average voter doesn't know, and doesn't care about this. I could ask anyone I know and most of them wouldn't know what an RFID is at all just off the top of their head; most don't realize it's what makes the detectors and places like wal-mart and wherever go off if an item wasn't scanned and that's an amazingly common use of the technology that is now almost unavoidable.

      People are ignorant and just don't care; that's why they don't know about this type of thing, and it's why they don't know how to use a computer, or how to change the oil in their car, how to hardboil an egg (yes, I've heard people ask how to do it) among a number of other things that some people take as common knowledge because we give a damn and most people don't.

      oops /rant

      --
      By and large, language is a tool for concealing the truth. -- George Carlin
    4. Re:why by iminplaya · · Score: 1

      When will these fucktards learn to stop pissing taxpayers money away on "futurists" to help enslave us...

      When you vote them out of office. The majority of people posting here have that power. Otherwise, you're just enslaving yourselves. If you can't outvote the whackos, then pick up a gun and defend yourself.

      --
      What?
  12. Just don't microwave it... by Mulletproof · · Score: 2, Interesting

    Tinfoil shielding? While that may work, why not just design it to be readable at a shorter range?? I mean, it can't be that hard, can it? Over-engineering strikes again...

    Oh, and let me guess... I'm going to have to remove this from my person as well just to pass through the metal detector unmolested, right?

    --
    You need a FREE iPod Nano
    1. Re:Just don't microwave it... by Sycraft-fu · · Score: 3, Insightful

      Because how far away you can read something isn't fixed by design. They can't make the radio waves suddenly stop propagating at a certain distance. So someone could just design a bigger, more sensitive antenna and read it from further away. They also want to make it strong enough so that the legit readers can be simple and small. A shielding just solves the problem. You can't read it period, unless it's open.

    2. Re:Just don't microwave it... by joshuaobrien · · Score: 1

      A shielding just solves the problem. You can't read it period, unless it's open.

      And when it's open, the bad guys can read it from around the corner without your consent.

      Back to square one.

  13. Was my idea! by MalikChen · · Score: 2, Funny

    They stole my idea! I guess I should use a thicker tin-foil hat when walking around in public.

  14. All it takes by Lord_Dweomer · · Score: 1, Interesting
    All it takes is one person to steal someone's identity via this method and people will hopefully wake up to the crock of shit this really is.

    Of course the first person to steal that data would most likely be labeled a terrorist and be...disappeared.

    --
    Buy Steampunk Clothing Online!
    1. Re:All it takes by Anonymous Coward · · Score: 0

      Here's a clue: no one wants your identity, you worthless reject.

    2. Re:All it takes by Anonymous Coward · · Score: 0

      Here's a clue: they don't give a shit whose identity it is, so long as it isn't theirs they can do what the hell they like and YOU will get the blame.

  15. Cliche by jbfaninmo · · Score: 3, Funny

    So now I can walk around with a real life cliche in my pocket, and use it to enter foreign countries?

    Now I just have to wait for the day that my PDA, phone and laptop can form a wireless Beowulf cluster that I can wear...

    1. Re:Cliche by Anonymous Coward · · Score: 0

      It's not just for foreign countries. It will be for domestic use also.

  16. If the issue is forged passports by Coryoth · · Score: 5, Interesting

    Then what's wrong with cryptographic signing? Strong cryptography should have been used in passports a long time ago. The principle would be simple enough:

    The name, photo and other information is hashed and then signed by the issuing authority. Airport checks are then a matter of verifying the signature. You can't forge a passport without the private key of the issuing country (which I presume they will guard closely), and modifying an existing passport will invalidate the signature.

    The only tricky point here is photos: You can't scan the straight photo for the check because of all sorts of tricky alignment and scan quality issues, but that's what a chip might be useful for - it contains a hi res photo, along with the other data and signature. The hi-res photo from the chip is displayed on a terminal for the person checking the documents, along with signature verification.

    Yes, you still have to have people checking photos. No, that isn't foolproof. But realistically it is as good as what we have now, with the added bonus that forged, faked, or munged passports will display as invalid due to the signature check. That's pretty damn good, especially when the resulting passport is no more invasive than what we have now.

    Jedidiah.

    1. Re:If the issue is forged passports by Jebediah21 · · Score: 3, Insightful

      It would never have popular support. Many people don't have a clue about crypto and this would mean nothing to them. Look at air port screening. Everybody here knows it's bullshit but it makes the clueless feel safer. Each flight attendant would be made to hold a yellow balloon the entire flight if it made people feel safer.

      --

      Everytime you look at porn a devil gets their horns.
    2. Re:If the issue is forged passports by Sycraft-fu · · Score: 3, Interesting

      Well it's not normal people that need to know or care, it's the governments, since they issue them. Normal people wouldn't even need to know what the new string of letters and numbers meant. It's not about making people feel safe, it's a really good suggestion for making passports very hard to forge. I'm actually kind of surprised it hasn't been suggested before. I mean unless the algorithm in use was broken or something like quantum computers comes out, it'd be unbreakable. You could not modify a passport and produce the correct signature.

    3. Re:If the issue is forged passports by Coryoth · · Score: 3, Interesting

      Really the people don't need to know or understand the crypto. They just need to be told that a lot of very smart people made sure that you can't fake a passport and still have the green "verified" symbol show up when you get checked. You'd be surprised how many people aren't interested in asking "why?", or "really, how?" when told "it works, trust me" as long as the person saying "trust me" is the government.

      And what of all the people who don't trust the government's word? Well the paranoid are exactly the people that will know and understand the crypto, so it's not a problem.

      I think the real issue is that it would actually involve real change, and odds on if they did do it they'd make a complete mess of the crypto used, there would be outcries from those in the know, and everyone else would just blindly assume it worked perfectly.

      Jedidiah.

    4. Re:If the issue is forged passports by geoff_smith82 · · Score: 1

      I think this idea could also be extended to cheques. Instead of just having bank/branch,account number and cheque number on the cheque, some extra numbers could be added that was a hash and then signed by the bank to signify a genuine check.

    5. Re:If the issue is forged passports by tater86 · · Score: 1

      If I understand what you are saying correctly, this wouldn't help the problem. Your solution would be vulnerable to a replay attack. All someone would have to do is copy the data and the signature, there would be no need to forge it. If the picture is stored on the chip it makes it even easier.
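
The signing scheme proposed at the top of this thread, together with the copy objection in the reply just above, as an added example that is not part of the original thread or of any passport specification. The record layout, field names, sample data and the demo key are all assumptions; hash-then-RSA with Python integers stands in for a padded scheme from a vetted library so the sketch runs with the standard library alone.

```python
import hashlib
import struct
from dataclasses import dataclass, replace

# Constructed demo key: two Mersenne primes give a reproducible RSA modulus
# that is NOT secure. A real issuer uses randomly generated primes, a vetted
# library and a padded scheme such as RSA-PSS.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, issuer only


@dataclass(frozen=True)
class PassportRecord:                  # hypothetical layout for illustration
    name: str
    number: str
    birth_date: str
    expiry: str
    photo: bytes


def encode(rec: PassportRecord) -> bytes:
    """Length-prefix each field so bytes cannot slide between fields."""
    out = b""
    for field in (rec.name.encode(), rec.number.encode(),
                  rec.birth_date.encode(), rec.expiry.encode(), rec.photo):
        out += struct.pack(">I", len(field)) + field
    return out


def digest_int(rec: PassportRecord) -> int:
    return int.from_bytes(hashlib.sha256(encode(rec)).digest(), "big")


def issue(rec: PassportRecord) -> int:
    """Issuing authority: sign the hash of the record with the private key."""
    return pow(digest_int(rec), D, N)


def verify(rec: PassportRecord, signature: int) -> bool:
    """Border check: needs only the public values N and E."""
    return 0 < signature < N and pow(signature, E, N) == digest_int(rec)


# Constructed sample data, not a real document.
GENUINE = PassportRecord("DOE JANE", "X0000000", "1970-01-01",
                         "2015-01-01", b"constructed-photo-bytes")
SIGNATURE = issue(GENUINE)


def demo() -> dict:
    return {
        "genuine": verify(GENUINE, SIGNATURE),
        # Any edited field changes the hash, so the old signature fails.
        "name_altered": verify(replace(GENUINE, name="ROE JANE"), SIGNATURE),
        "photo_swapped": verify(
            replace(GENUINE, photo=b"constructed-other-face"), SIGNATURE),
        # Same bytes overall, but moved across a field boundary.
        "fields_shifted": verify(
            replace(GENUINE, name="DOE JANEX", number="0000000"), SIGNATURE),
        # A byte-for-byte copy of record and signature still verifies: the
        # signature authenticates the data, not the booklet carrying it.
        "exact_copy": verify(replace(GENUINE), SIGNATURE),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:15} {'verified' if ok else 'REJECTED'}")
```

The `exact_copy` result is why the thread keeps coming back to the photo: with a copied record, the comparison between the signed photo and the person presenting it is the remaining check.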

    6. Re:If the issue is forged passports by caino59 · · Score: 2

      yea, and then they pull up the photo on the card and whoa - it doesn't match who they're looking at.

      thanks for playing, try again.

    7. Re:If the issue is forged passports by tater86 · · Score: 1

      Based on the number of people I know who use other people's IDs to get into bars, I don't think you have to look all that much like the person in the picture. Passports are good for 10 years, people's appearance can change quite a bit in that amount of time. Dyed hair, a beard, or glasses can make it even easier to make it difficult to determine if you are actually the person in your picture.

    8. Re:If the issue is forged passports by FlopEJoe · · Score: 1

      I was with you until "...unless the algorithm in use was broken..."
      It's been said many times, here and elsewhere, a secret algorithm doesn't make it good. PGP's source is available and it still takes brute force to crack it. Unless the masses can see and hack at an algorithm, you can't be sure it's good.

    9. Re:If the issue is forged passports by Anonymous Coward · · Score: 1, Interesting

      Perhaps you misread him. I read that statement as "a flaw is found in the algorithm", which can happen to *any* algorithm. And I'd add the problem of using a sufficiently large key.

    10. Re:If the issue is forged passports by joshuaobrien · · Score: 1

      They just need to be told that a lot of very smart people made sure that you can't fake a passport and still have the green "verified" symbol show up when you get checked.

      But you will be able to do that. There's always some way around it. The government doesn't need to make the system perfectly secure, they just need to make it sufficiently difficult to forge passports or defeat the checking process some other way.

      And the people should get to choose how many of their tax dollars go to hardening that process.

    11. Re:If the issue is forged passports by anum · · Score: 1

      Normal people vote. Where do you think these Governments come from anyway?

      --
      I don't think, Therefore I'm not.
    12. Re:If the issue is forged passports by PSC · · Score: 1

      what's wrong with cryptographic signing?

      There's nothing wrong with cryptographic signing, nothing at all. In fact, it would be a pretty good thing for precisely the reasons you gave, and I would even extend it to banknotes.

      But what I strongly object to is contactless transmission, including any kind of RFID.

      Nowadays everybody and his dog can read out RFID chips. They don't have to decipher it, they don't have to forge it - it's bad enough they can read it. It's just none of their business! Back in 1890, the later US Supreme Court Justice Louis Brandeis said, privacy is "the right to be left alone." I couldn't agree more.

      Your concept doesn't even require contactless transmission. Let the card have some smart card-like readout pins. At the airport, have the security guard put the ID card in some card reader, and pronto your hi-res photograph complete with signature validation is on the screen, the guard looks at it, looks at your face, and returns the card. Pretty painless, uh?

      And in fact even more secure: the check-in lines are long at airports, so lots of people with their ID cards near the readout point. Makes RFID more difficult (though not impossible, just a bit more error-prone). No problem at all with contact-based readout.

      Following the idea of RFID-signed banknotes, the drawbacks of contactless transmission become obvious: a criminal can check you for money by simply pointing an RFID reader in your direction. He knows in advance that you're worth a shot, figuratively speaking. And he'll find the money in your money belt, too. Stupid, stupid idea!

      (And this example also demonstrates that the need for privacy has nothing to do with this "I have nothing to hide" bullshit simple-minded people often give you. The amount of money I'm carrying falls by no means in the "nothing to hide" category, nor is it embarrassing, or sinister, or something. It's just not your business. Period.)

      Have it contact-based and all those severe security and privacy problems disappear.

      --
      --- The light at the end of the tunnel is probably a burning truck.
    13. Re:If the issue is forged passports by Jebediah21 · · Score: 1

      Heh, you're right they would probably make a mess of it. It would be far easier and less risky to make passports shiny than implement crypto.

      --

      Everytime you look at porn a devil gets their horns.
    14. Re:If the issue is forged passports by Jebediah21 · · Score: 1

      It's a good idea, no doubt. The thing is it costs money to do and won't make people feel all warm and fuzzy. Take the newer $20 bill for instance. That serial # helps track and prevent counterfeiting but it's the shiny 20 in the corner or reddish color that everybody notices.

      In summary if the crypto could be pretty it would have a better chance of being implemented.

      --

      Everytime you look at porn a devil gets their horns.
    15. Re:If the issue is forged passports by Devalia · · Score: 1

      ... patent submitted...

      :D

    16. Re:If the issue is forged passports by caino59 · · Score: 1

      i should hope that someone leaving/entering the country would warrant more than a casual glance at an id....

      bars vs airport security/border security are a lil different....

    17. Re:If the issue is forged passports by tater86 · · Score: 1

      Have you ever left the country? You can hope all you want, but no one has ever looked at my id for more than a few seconds. When I've had people in my car, we've never been asked to get out. Looking from a booth at customs into the far back seat of a car is at least 8 feet. If a photo were a reliable form of identification, there wouldn't be so much interest in biometrics.

    18. Re:If the issue is forged passports by caino59 · · Score: 1

      yah, i guess lately they are more concerned about groping people than who they really are...

    19. Re:If the issue is forged passports by Knetzar · · Score: 1

      Why not just have a unique number on the passport (I'm sure there already is one), and then have the airport request the important information from some central server? Makes it even harder to hack (especially if WORM media is used on the server).

  17. That would be a major PITA by Hanji · · Score: 3, Interesting

    With airport metal detectors, if you ask me. You know most people are gonna forget to remove their *passport* before going through the scanner ... after all, what the hell would be metal in there, and most people are uneasy about letting their passports out of their possession, even just for a trip through the metal detector.

    --
    A Minesweeper clone that doesn't suck
    1. Re:That would be a major PITA by dokebi · · Score: 1

      RFID are too small to trigger airport metal detectors. I walk through them all the time with my RFID tag.

      --
      In Soviet Russia, articles before post read *you*!
    2. Re:That would be a major PITA by Igmuth · · Score: 1

      RFID tags by themselves are too small yes. But the topic at hand is Tin foil wrapped passports!!!!

    3. Re:That would be a major PITA by dokebi · · Score: 1

      I read the parent post as about regular folks leaving the passport in their pockets, thinking there would be no metal in there.
      I wonder if electro-static bags would trigger metal detectors. I would think because they are not laminar, they won't. I should try this out the next time I fly.

      --
      In Soviet Russia, articles before post read *you*!
    4. Re:That would be a major PITA by Anonymous Coward · · Score: 0

      Wouldn't it be ironic if the next 9/11 used metal blades hidden in rfid passport sleeves.

  18. Bzzt. American over here! by bluntyetsharpe · · Score: 5, Interesting

    It's one thing to get a reader to gather all my personal data, but at what distance can equipment detect the presence of one of these chips? Is the US the only country using them? I don't like the idea of walking around with a US Passport emitting signals to advertise my nationality.

  19. Re:What? ITS A JOKE? by ravenspear · · Score: 1

    Given the stupidity of some of our current leaders, and the content of your post, I wouldn't be surprised if that has already happened.

  20. You're dumb. by Anonymous Coward · · Score: 0

    The idea is that anyone going around with a portable RFID scanner could get all sorts of fun personal info from you and potentially steal your ID. Even if it only worked from 1 foot, in a crowded airport a person walking through could scan hundreds.

  21. One step forward... by webender · · Score: 5, Funny

    The new passport is smaller, lighter, more durable and contains more information than any previous passports, however the lead carrying case kind of makes it a wash.

  22. Re:Hah! by Anonymous Coward · · Score: 0

    It depends upon what you think with.

  23. Ain't gonna happen by Anonymous Coward · · Score: 4, Insightful

    Your proposal makes FAR too much sense to ever be implemented by a government.

    1. Re:Ain't gonna happen by jonwil · · Score: 2, Funny

      And besides, like the USA is going to allow the "strong crypto" required to make it happen to be installed in all those airports around the world :)

  24. It doesn't work that way, it's passive by Anonymous Coward · · Score: 2, Informative

    The distance from which you can read an RFID chip depends almost entirely on how much power you're willing to run through your transmitter. The RFID chip is just a passive thing that runs on the correct frequency of radio waves coming in.

    Anyone trying to read your passport is likely to be less concerned about damaging your kidneys than you would like.

  25. Not tin foil... but by Anonymous Coward · · Score: 1, Informative

    a thin metal 'mesh' in the cover should work

  26. Good Times by Alex+Belits · · Score: 1, Funny

    Good Times email-borne virus was a joke, too.

    Then Microsoft "blessed" the world with Outlook Express.

    --
    Contrary to the popular belief, there indeed is no God.
    1. Re:Good Times by Flatline_hun · · Score: 0

      As well as picture viruses. (or virii? which one is correct?)

      --
      Yeah, free Ipod! He is innocent!
  27. what happens if the private key is compromised? by vena · · Score: 1

    are you suddenly faced with several billion passports that are no longer valid or what?

    1. Re:what happens if the private key is compromised? by Anonymous Coward · · Score: 0

      Have multiple private keys with only 10's of thousands of people per key?

    2. Re:what happens if the private key is compromised? by AndyL · · Score: 2, Insightful

      You could rotate the private keys based on the date issued and the suspect passports would eventually expire.

      Still not perfect, but even if the cryptographic part failed completely it would still work as well as it does now.

    3. Re:what happens if the private key is compromised? by Coryoth · · Score: 1

      are you suddenly faced with several billion passports that are no longer valid or what?

      Presumably each country has its own keys, and potentially a large number of keys each. If one key gets compromised the number of passports invalidated is reduced to a manageable size. You can create a new key pair whenever you need to, so potentially a single key might only cover 10,000 people or so.

      But yes, compromise of a key would be a very serious issue indeed, even with those measures. That just means that protecting the keys needs to be taken seriously. It wouldn't be hard to have large keys that won't be soon broken. And remember, most passports need to be reissued every 5 to 10 years, so you can simply roll them through to newer larger keys when they get renewed to cover increasing compute power.

      Jedidiah.
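
Added example (not part of the thread or of any passport specification): a sketch of the per-batch signing scheme discussed above, showing that an altered record fails verification, that a bit-for-bit copy still verifies (tater86's replay point), and that revoking one compromised key invalidates only its batch. Textbook RSA over fixed Mersenne primes stands in for a real signature scheme; the key ids, field names and sample records are constructed assumptions.

```python
import copy
import hashlib
import json

E = 65537  # public exponent shared by all demo keys


def demo_keypair(exp_p, exp_q):
    """Toy RSA key built from two Mersenne primes 2**k - 1.

    CONSTRUCTED and trivially factorable: it only stands in for a real
    issuer key (e.g. RSA-PSS or ECDSA generated inside an HSM).
    """
    p, q = 2**exp_p - 1, 2**exp_q - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def digest(data):
    """SHA-256 over a canonical encoding of the data page, as an integer."""
    canon = json.dumps(data, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(canon).digest(), "big")


def issue(record, key_id, key):
    """Issuer side: bind the record to a batch key id and sign it."""
    data = dict(record, key_id=key_id)
    return {"data": data, "sig": pow(digest(data), key["d"], key["n"])}


class Verifier:
    """Border-control side: public moduli only, plus a revocation list."""

    def __init__(self, public_keys):
        self.public_keys = dict(public_keys)  # key_id -> modulus n
        self.revoked = set()

    def check(self, passport):
        key_id = passport["data"].get("key_id")
        if key_id in self.revoked:
            return "revoked-key"
        n = self.public_keys.get(key_id)
        if n is None:
            return "unknown-key"
        if pow(passport["sig"], E, n) != digest(passport["data"]):
            return "bad-signature"
        return "verified"


def demo():
    # Two issuing batches, each with its own key (constructed key ids).
    keys = {"batch-A": demo_keypair(521, 607),
            "batch-B": demo_keypair(1279, 2203)}
    verifier = Verifier({kid: k["n"] for kid, k in keys.items()})

    # Constructed sample records; the photo is bound by its hash.
    alice = issue({"name": "ALICE EXAMPLE", "number": "X0000001",
                   "photo_sha256": hashlib.sha256(b"photo A").hexdigest()},
                  "batch-A", keys["batch-A"])
    bob = issue({"name": "BOB EXAMPLE", "number": "X0000002",
                 "photo_sha256": hashlib.sha256(b"photo B").hexdigest()},
                "batch-B", keys["batch-B"])

    results = {"genuine": verifier.check(alice)}

    # Changing any signed field breaks the signature.
    altered = copy.deepcopy(alice)
    altered["data"]["name"] = "MALLORY EXAMPLE"
    results["altered"] = verifier.check(altered)

    # A bit-for-bit copy verifies: the signature authenticates the data,
    # not the booklet or its bearer. Matching the bearer to the signed
    # photo is a separate check the signature cannot replace.
    results["copied"] = verifier.check(copy.deepcopy(alice))

    # Key compromise: revoking batch-A leaves batch-B passports valid.
    verifier.revoked.add("batch-A")
    results["batch_a_after_revocation"] = verifier.check(alice)
    results["batch_b_after_revocation"] = verifier.check(bob)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```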

    4. Re:what happens if the private key is compromised? by Coryoth · · Score: 1

      Sure, and people will always be stupid. The passports get invalidated, and if everyone in a given country has to get their passport reissued they'll be pissed off. If it happens more than once they'll vote in someone with more sense. Well, hopefully they would. You can never tell with some countries.

      Jedidiah.

  28. Re:Wait... by poningru · · Score: 1

    No, he was marked redundant because this exact same scentence was already in the post.

    --
    Calm down people, its a religion not an operating system.
  29. He ain't kiddin'. by Moofius.the.Cow · · Score: 4, Informative


    I've actually seen one of these things in use during after-Christmas returns season. We were standing in the excessively long line, an' this guy comes up to one of the clothing racks. He opens up his shopping bag lined with foil and duct tape, stuffs a sweater inside, and walks off through the security gate without setting it off. Clerk was busy, it was done at an oblique angle from the security cameras, and 5 minutes later he looks just like some regular bloke walkin' the mall.

    All he'd have to do after that is pull the tags and trash them, and he could pick off any store he wanted.

  30. Warning: by lawpoop · · Score: 4, Funny

    If you feel you need a tinfoil hat, do not use aluminum foil. Make sure you use actual tin foil. Aluminum foil hats actually broadcast your thoughts to anyone who might be attempting to... intercept.

    --
    Computers are useless. They can only give you answers.
    -- Pablo Picasso
    1. Re:Warning: by joshuaobrien · · Score: 1

      Oh no you don't. You're just trying to get us to switch foils so that you'll be able to read our thoughts!

    2. Re:Warning: by xystren · · Score: 1

      Make sure it's shiny side out....Your brain will melt if it's shiny side in.

  31. Oh, wonderful. by Anonymous Coward · · Score: 1, Insightful

    Now someone can phish for identities by building a receiver in their car and driving around down looking for signals.

    Does this strike anyone else as a bad idea?

  32. Tin foil wallet by Anonymous Coward · · Score: 1, Funny

    Hmm... I see a business opportunity offering tin foil wallets for paranoid, err I mean concerned citizens.

  33. It's scary they think that is a solution by goombah99 · · Score: 2, Informative

    I'm not sure which is more worrisome, one that they are so cavalier about leaving unencrypted biometric information one is forced to reveal (to get a passport) or that they actually believe tinfoil solves the issue.

    why does tin foil not solve the issue? well in most European countries you have to hand over your passport to get a hotel room. Presto, the passport reader can work.

    likewise their other solution, putting a printed password inside the passport is equally broken. Again the hotel has access to your passport password.

    these people are dangerously a) stupid, b) in charge.

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:It's scary they think that is a solution by nomel · · Score: 1

      They should use some optical method...say, a picture, and printed text :P

      Seriously though, they could use some type of barcode system like the UPS and FedEx use..but with data compression, if it's not already. If they laminated it, and used big enough dots, it should be fairly robust.

      I'm not a fan of magnetic data storage since magnets are too common. Although, they could use a high coercivity strip...still though.

    2. Re:It's scary they think that is a solution by 4r0g · · Score: 1

      why does tin foil not solve the issue? well in most european countries you have to hand over your passport to get a hotel room. Presto, the passport reader can work.

      Reading too much of "The Da Vinci Code" eh? As an EU citizen, I'm not even carrying a passport when I'm going to another EU country (except UK). And I never get asked for a passport when checking into a hotel, credit card is all they're interested in. Whereas when traveling to the US, one has to answer all sorts of questions (including what's the purpose of the trip and which hotel).
      --
      - 4r0g
    3. Re:It's scary they think that is a solution by Anonymous Coward · · Score: 0

      But you are aware that you're required to bring your passport when travelling to another EU country, right?

      Thanks to the propaganda of the EU fanatics, not many are aware of this...

    4. Re:It's scary they think that is a solution by The+Flying+Guy · · Score: 1

      That would be a very bad idea, you need to be able to identify yourself in a foreign country (and even inside your own country for many of them (Holland from 1st of January, Belgium, etc.)). Also hotels but more so campings require you to leave some form of legal ID with them.

    5. Re:It's scary they think that is a solution by Xolotl · · Score: 2, Informative

      Actually, no, you don't have to bring your passport. You just need legal ID, which in most EU countries means a national ID card. It's quite enough to move around in the EU with.

    6. Re:It's scary they think that is a solution by moonbender · · Score: 1

      I just checked this, and you're right: when travelling to France or the Netherlands I need to have some ID. Either my passport, or my national ID card, which is more convenient. I guess the same will be true for those EU countries other than Germany that also have their own national ID card.

      I don't see what the big deal is, though, but then I was brought up in a country where having an ID card is taken for granted. The cool thing about the Schengen countries is that you don't have to pass through some border control post. I don't like waiting in line for an hour. I could care less if I need to be able to identify myself when passing the border.

      --
      Switch back to Slashdot's D1 system.
    7. Re:It's scary they think that is a solution by Drache+dreizehn · · Score: 1

      Actually, I think the issue really isn't about officials being able to read the RFID, but rogue scanners (identity thieves, terrorists, whatever) grabbing information from individuals in a crowd that do not realize that their passports are being scanned. Check out Bruce Schneier's blog entry http://www.schneier.com/blog/archives/2004/10/rfid_passports.html

      --
      -- If you replace the words, it's almost verbatim. -Dr. Chris Hamel
    8. Re:It's scary they think that is a solution by rew · · Score: 1

      I am (a European and..) by law not allowed to hand over my passport unless there is a legal duty to do so.

      Most hotels honor my: "Sure you can make a copy, but I have to keep my passport on me". That's enough of a middle ground that it is usually accepted as a solution.

      Of course, they have to do business with me. So if I fail to comply with their house-rules, they can refuse my business.

  34. So now I can't open my passport safely? by YouHaveSnail · · Score: 5, Interesting

    However, both they and the New York Times have published articles reporting vendors' low-cost solution: '[I]incorporate a layer of metal foil into the cover of the passport so it could be read only when opened.'

    Well that's just a fantastic idea. Now I don't have to worry about someone surreptitiously snagging my personal data as long as my passport is closed. Of course, my passport isn't actually useful if I can't let someone open it.

    RFID is an interesting technology with a lot of potential, but passports are a stupid, stupid application for RFID. There are much better technologies for passports. Magnetic stripes and bar codes both do the same thing RFID does, but only at close range and with the permission of the document's holder. There are some 2D bar code symbologies out there that store more than enough data for this application and which are highly redundant, therefore resistant to dirt, wear, etc. Bar codes can be read very quickly and require no contact, which means less wear on both the documents and the readers.

    The main thing that RFID gives you over bar codes is the ability to read them without the document holder's knowledge, and that makes me very suspicious of anyone who insists that we must have RFID in passports, driver's licenses, etc.

    1. Re:So now I can't open my passport safely? by okmnji · · Score: 1
      Don't attribute to malice that which stupidity sufficiently explains. In case you haven't noticed, the Marketing Department (tm) has picked up on the terms 'RFID', 'wireless', and 'biometric identification' recently on the technology front. They have also picked up on the words 'terrorism', 'passport', and 'security'. True to marketoid form, the buzzwords are taken and randomly thrown together with such words as: 'paradigm', 'synergy', 'low-cost', and 'solutions' among others. Since all the words are important, any combination of them must also be important and good.

      Some people probably do want to use the itty-bitty chips to track others. But most of the people pushing things like this are just plain stupid, not out to get you.

    2. Re:So now I can't open my passport safely? by YouHaveSnail · · Score: 1

      But most of the people pushing things like this are just plain stupid, not out to get you.

      Of course, but these stupid people control the passport that I must carry when I leave the country. Their stupidity therefore exposes me to significant potential harm.

      The idea that random bad guys might be likely to have an RFID reader may seem far-fetched, but that's only because RFID is relatively new technology. In just a few years it'll be commonplace, and any yahoo will be able to buy a reader and use it for whatever they like. At that point, we'll all be talking about exactly how much information all these RFID tags expose, and wondering about the best way to disable them.

  35. Security checkpoint by srenker · · Score: 1

    Will you have to put it through the x-ray in a separate plastic bin?

    --
    My new /. login is fabu10u$.
  36. Comment removed by account_deleted · · Score: 2

    Comment removed based on user account deletion

  37. Will there be... by TrashGod · · Score: 1

    a variety of switches available to control readability? You may want a slim, built-in slide-switch; but I want a big ol' single-pole-single-throw toggle switch with a huge, flip-top guard like on a missile launch console!

  38. Wireless? by Anonymous Coward · · Score: 0

    Why does it have to be a contactless system? I think it would be a hell of a lot more fun if my passport had a contact-based system. And it would beat this casual tapping system.

  39. Valid ten years by morcheeba · · Score: 4, Informative

    I've been tracking this for a while, so I waited to make sure I got one of the last non-RFID passports. It's valid for 10 years, and hopefully people will have solved the privacy problem by then. Hopefully.

    1. Re:Valid ten years by Anonymous Coward · · Score: 0

      You do not travel often, do you?

    2. Re:Valid ten years by morcheeba · · Score: 1

      I do a bunch, depending on circumstances. I've lived in three continents and have visited five. The last time out of the States on my old passport was about 5 years ago, but I just got a job where I'll be traveling to Asia about three times a year.

  40. Hang on - metal detectors now obsolete? by Anonymous Coward · · Score: 1, Insightful

    Now that the gov't wants us to wrap our passports in tinfoil I assume that all the metal detectors that we're forced to walk through at airports will be declared redundant and we won't need to ever worry about them again?

  41. Re:Wait... by Anonymous Coward · · Score: 0

    And now you are calling it a "scentence" because you think the remark smells bad?

  42. wrong thing at the wrong time by cshah+1 · · Score: 2, Insightful

    There really isn't anything wrong with our passports right now. It currently isn't much of a security/privacy concern to anyone. So why would they want to make passports more convenient when it can cause these concerns?

    --
    KARMA POLICE ARREST THIS MAN HE TALKS IN MATHS- radiohead
  43. Nope by Anonymous Coward · · Score: 0

    Nope, he spelt it Farrady...

  44. So why not microwave it?? by foobar77 · · Score: 4, Insightful

    Just zap that little chip

    either as a social protest, or just to convert it back to a paper-based document.

    1. Re:So why not microwave it?? by Anonymous Coward · · Score: 0

      Anyone attempting to use a passport without a functioning RFID is obviously a terrorist with a forged passport.

  45. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  46. Thank your monkey president by rasz · · Score: 0, Offtopic

    see it here :
    http://www.policestate21.com/
    Download it here :
    http://slotorrent.zapto.org:6969/stats.html?info_hash=9238008272765e1ef64b0b64b6387930f197b900

    And now the voting thing. Look at Ukraine - they stood up AGAINST the evil government, against corrupted Russian powers trying to unite those two countries against one's will. But noo, you're too stupid and too fat to move your stupid fat ass from your "I'm watching Oprah on the couch eating McDonalds and I don't care" position.

  47. There is a very effective mind control device,,,, by Anonymous Coward · · Score: 0

    installed in just about every American home:
    It's called a television set.

  48. Nice Solution Really by Buzz_Litebeer · · Score: 1

    If they insist on moving to RFID etc... Would it not be a nice solution to give people some kind of protective covering of this sort.

    Maybe not necessarily tin foil, but something with tin foil in it to block it.

    I think we here at slashdot are going to have to realize that these things are coming, no matter how badly we want to fight them and make them go away. We understand the risks involved, but perhaps instead of fighting the problem we should be looking at ways to make it less evil.

    Not that we should have to, but we are a relatively small group who probably don't have active lobbyists working for us in the halls of government.

    --
    If you don't vote, you don't matter, so don't waste your time telling me your opinion
  49. Crypto for a ten year document? Not likely . . . by StateOfTheUnion · · Score: 1
    Most passports are valid for at least 5 years. In the USA, adult passports are valid for ten years. Do you really think that we could come up with a good crypto today that would be virtually unhackable over a ten year period of time? Think about how much more powerful home PCs will be in 10 years . . .

    Of course one could start issuing passports with a shorter expiration time . . .but then one must get into a cost benefit analysis of replacing passports on a much more frequent timeframe . . .

  50. T-shirt Passport by bamb8s · · Score: 1

    If the Australian government makes it a requirement that new passports be e-passport then anyone holding them might as well walk around with T-shirts with all our passport details on them. Given their current track record on privacy you know that they'll stuff this up and make it relatively easy for someone with a high power transmitter and high gain antenna to snoop personal details.

    1. Re:T-shirt Passport by thegrassyknowl · · Score: 1

      Who said anything about high power? They only need a low power transmitter and a fairly basic receiver that understands how to activate the wireless transponder in the passport.

      That said, there was talk of the US allowing a thin metal lining in the passport cover that only allows reading the passport when the cover is open; effectively voiding the requirement for wireless, because the person processing you now has to receive and open your passport to process it! Bah!

      Given that Australia (well the government, not the general populace) is so keen to become yet another US state, I would expect the thin metal lining idea to flow down under as well.

      --
      I drink to make other people interesting!
  51. Re:Correction: by _defiant_ · · Score: 4, Insightful
    A Faraday (one r) cage needs to be grounded or it won't work. A tin foil is sufficiently 'cage-like' (when it comes to passports), but it isn't grounded.

    Huh? Correct me if I'm wrong, but according to my 4.5 years of EE, Faraday cages work on the principle of Gauss' Law. That is, no EM field can be present inside because there is no charge inside. Wikipedia seems to agree with me.

    So where does all this discussion of grounding come in? Googling for Faraday cage brings up this detailed article about building one, but it doesn't mention grounding either.

    This page mentions grounding, but only in relation to the instruments, not the table. And this humorous article says grounding is only required if you have to have edges on your cage (we could design passport books so the edges are metal contacts).

    I'd be more concerned with whether tin foil is a sufficient conductor for the higher frequencies.

  52. It's worked before by novalogic · · Score: 1

    That's how a lot of people have stolen music, etc from mall stores, line a mall shopping bag with tin foil, and it shields the RFID chip, thus letting them get past security.

    --
    --
  53. Re:Correction: by tftp · · Score: 1
    I'd be more concerned with whether tin foil is a sufficient conductor for the higher frequencies.

    Tin or lead foil is not a good conductor anyway. What you need is a copper or silver foil, best if polished. Aluminum is also OK. Direction of polishing affects the conductivity.

  54. Australia is the new US Poodle by Ars-Fartsica · · Score: 1

    Move over Britain, your former penal colony is attempting to usurp your position as a little yip dog fawning over the big lumbering hound. I haven't seen Australia manifest one national opinion independent of the US status quo in over two years. What has happened there?

  55. I have a great idea by Anonymous Coward · · Score: 0

    Instead of wrapping it in tin foil, it would be fun to start a company that made "rfid wrappers". The wrappers would send a hilarious message back to the scanner like "FUCK YOU", or "THE NEW WORLD ORDER SUCKS", etc.

  56. Microwaving it should make it invalid by dexterpexter · · Score: 2, Insightful

    But then, when they actually applied the intended use of the RFID, your passport would appear invalid.

    An invalid passport should be only as good as no passport at all. Your social protest would have little more success than holding you up, and then, you would need to get a new RFID-enabled passport before you could do anything for which a passport is needed, and you would be back exactly where you started.

    I doubt that they are putting the RFIDs in for the hell of it; they probably actually intend to use that identification technology. However, if they don't have readers in place for identification purposes or worse, use them as a default-allow unless there is a bad reading (which would be a complete security hole if they use it as the sole form of identification and removed the human interaction aspect since you wouldn't throw any alarms, not being read, and thus wouldn't be flagged), your idea would work. If they are smart about it, however, it should not.

    --

    *-*-*-*-*-*-*-*
    "We are Linux. Resistance is measured in Ohms."
    1. Re:Microwaving it should make it invalid by Anonymous Coward · · Score: 3, Interesting

      I'm guessing that the chips in the passports aren't indestructible (people WILL accidentally put them in washing machines, crush them, etc.).
      Since there's no way a normal person can test whether their passport works or not I'm guessing a lot of people will be stopped at the airport for not having a valid passport even though they believed they had.
      How would you feel if you were on your way home for the holidays and they didn't allow you to fly just because of a damaged chip, a problem that didn't exist just a few years earlier? When chips start to fail, people will start complaining.

    2. Re:Microwaving it should make it invalid by foobar77 · · Score: 1

      Passports are valid for 10 years. Once they cut in these RFID'd versions, they will still need to accept the paper versions in parallel for 10 years until current versions expire.

      Many places you travel won't have the readers. The document will need to be a valid paper document. The RFID device can only be for additional security. If the device dies, the paper must still suffice.

      Anyone see Tom Hanks in The Terminal? If you require a working RFID device to reenter the country, we will have many folks living at the airport.

  57. Re:Correction: by pVoid · · Score: 2, Informative
    See, here's how I remember it from class:

    A Faraday cage is a conductor, so charges are free to move inside.

    When the outside is exposed to a negative charge, all the electrons 'flee', and leave a positive charge on the surface. They 'flee' to the other side of the surface, to bunch up in negative charges: that is, inside the cage. Hence exposing the inner volume of the cage to negative charges, exactly at the level of incoming negative field to be exact.

    When the cage is grounded, 'fleeing' electrons are not accumulated on the other side of the surface, but rather are dissipated, leaving the inner surface of the cage perfectly neutral, and hence not exposed to electrical fields.

    An example of this is Coax cables. Coaxial cables are basically a Faraday cage made long. Coax cables are perfectly immune to interference *only* if the outer core is grounded. If it is not grounded, they are subject to any interference the whole system is subjected to.

    Wikipedia seems to have it partially right, but not fully:

    Faraday stated that the charge on a charged conductor resided only on its exterior, and had no influence on anything enclosed within it. To demonstrate this fact he built a room coated with metal foil, and allowed high-voltage discharges from an electrostatic generator to strike the outside of the room. He used an electroscope to show that there was no excess electric charge on the inside of the room's walls. [Emphasis mine.]

    I am fairly sure about this as a whole (about 99.995%), but unfortunately, it's been too long for me to remember the math behind it all. What my instinct tells me is that the proof by Gauss' law must have an obscure provision that is not listed in the Wiki entry either. A condition such as "all charges in the system must be within the sphere" or something of that nature.

  58. Well, they're a bit clangy, and a bit jammy... by allio · · Score: 1

    Eddie Izzard was ever so right.

  59. Rule #1: Passport is in enemy hands by jayveekay · · Score: 1
    A fundamental security principle with client/server architectures is that the client should never be trusted. That is, the client is "the enemy".

    Given that the passport document is in the hands of an untrustworthy source, it seems that placing trust in the passport is a bad thing, regardless of what information is encoded and how it is stored in the passport. If I put the name "George W. Bush" in my forged passport, stored with my RFID encoded image, iris scan, and fingerprints (which I would have no difficulty obtaining), am I now trusted to be GWB?

    If you're going to have biometric scanners, why not lookup the information in a networked database to determine who the person is, regardless of what piece of paper they are carrying?

    1. Re:Rule #1: Passport is in enemy hands by cpghost · · Score: 1

      If you're going to have biometric scanners, why not lookup the information in a networked database to determine who the person is, regardless of what piece of paper they are carrying?

      Absolutely! It's far easier to forge documents that people are required to show, than that networked (hopefully heavily secured) database.

      Of course, this won't stop a determined attacker from compromising the database using classic techniques of wetware hacking, corruption etc... It's always possible (given enough resources) to modify entries in government databases. That's how intelligence agencies work, when issuing fake IDs to their spies.

      --
      cpghost at Cordula's Web.
    2. Re:Rule #1: Passport is in enemy hands by FlopEJoe · · Score: 2, Funny
      'the client is "the enemy".'

      You're a Best Buy manager, aren't you?

  60. Use Copper Instead by dexterpexter · · Score: 4, Funny

    Actually, if you wanted to be really clever about it and doubted the quality of tin foil (although it should be noted that most people unknowingly actually use aluminum foil), you could use a copper mesh and wrap the passport several times. Copper shielding is rather hefty.

    The problem is that a shielded passport, if the RFID is applied correctly, would be an invalid passport. It therefore should do you no good since the identification methods (which should not be set to allow all until a problem comes up) should flag you for coming through without being read. Otherwise, the only ones they would likely catch are those who aren't smart enough to know how to shield their ids, which is something someone with the motive to do something would make it their business to know, thus rendering this measure ineffective. Also, if one has to remove their passport from the shielding to be read, then it is exposed (if briefly), and that invalidates the measures taken if you subscribe to the privacy concerns that someone with a reader (which you will be surprised to know are very accessible and fairly cheap for someone who stands to benefit from having one, and can actually be built practically by someone with enough know-how) could use that time to lift the information.

    I am hoping that there is strong encryption involved with this implementation of RFID; not all RFID implementations are very secure and, the sad truth is, from my experience, that most are not.

    This reminds me of a story I was once told by someone who did work that brought in all kinds of conspiracy nuts claiming that they were reading these people's minds. This woman came in every day with an aluminum foil hat folded on her head. Every day they would sort of shrug her off, feigning interest in what she had to say. Well, finally one day one of them decided to have a little fun with her and said "You know, we can read your mind because your little hat there isn't grounded." The next time she came by the desk, she had a chain of paperclips from the hat, dragging the ground. heh heh. Needless to say, it provided a bit of amusement for some time.

    --

    *-*-*-*-*-*-*-*
    "We are Linux. Resistance is measured in Ohms."
  61. Re:Correction: by IgnoramusMaximus · · Score: 1

    I think you are correct. Further proof of this would be rather simple. If the cage is not grounded, and if the antenna of whatever is inside makes contact with it (or is close enough to form a hi-frequency passage via the capacitance of the gap) the cage would in effect become an extension of the antenna of the device inside.

  62. Faraday cages by srleffler · · Score: 2, Informative
    Of course, if the Faraday cage isn't grounded Gauss' Law says that its outer surface is an equipotential, but it doesn't guarantee that the potential of this surface is zero. One reason why Faraday cages are usually grounded is to ensure that they do not accidentally become charged, especially when they contain equipment that is running on an external power supply.

    There are other, more subtle issues. The usual textbook explanation of how a Faraday cage works assumes a static equilibrium. Fluctuating electric or electromagnetic fields will pass through the cage to some degree, depending on the frequency of the field and the construction of the cage. Grounding sometimes makes a difference in how well a cage blocks external high-frequency waves. It's not just a matter of whether the cage is grounded, but also where and how it's grounded.

    In case anyone else reading this is unclear on why a Faraday cage is not a perfect barrier for non-static fields: loosely speaking, the usual analysis assumes the electrons on the surface of the metal have had time to adjust their positions so as to "cancel out" the external electric field everywhere inside the cage. If the external electric or electromagnetic fields fluctuate fast enough, the electrons will not move fast enough to completely cancel the field at all times and the signal leaks through the cage.

    You're probably right, though, that an ungrounded Faraday cage would be fine for shielding a passport. I have no idea whether tinfoil would be sufficient for blocking RF though.

  63. Re:Correction: by IgnoramusMaximus · · Score: 1

    Furthermore, along the same line of thought, the simplest form of "disabling" the RF chip inside the passport would be to simply "short" its antenna when not in use, say a tab one has to pull out to activate the thing.

  64. A seriously dumb idea by Semisane · · Score: 1

    It's easy enough to think about how any technology that lets passports be read at range could be abused. How easy would it be, say, for a suicide bomber to use a portable RFID scanner to ensure that they choose a 'target rich' area in which to detonate themself? Even if the personal information was encrypted, the format of that information would probably betray the nationality of the bearer, which is certainly a characteristic plenty of unsavoury characters would want to know. Weigh those risks against the complete lack of benefits and this seems a pretty dumb idea indeed.

    1. Re:A seriously dumb idea by SCHecklerX · · Score: 1

      Even worse: Now a bomber can program his bomb to automatically go off when a specific person goes by, or a person from a specific country. No self-sacrifice necessary.

    2. Re:A seriously dumb idea by Anonymous Coward · · Score: 0

      Normally dumb ideas arise from an ulterior motive.

      Perhaps they want to see who has two passports in their luggage or home.

  65. Make it a stealth passport... by outanowhere · · Score: 2, Interesting

    There are some rather nice materials on the market that can keep any rfid device from being detected.

    The materials vary, from resistive carbon and film laminates (super-cheap, short-lived) to ferrite-embedded epoxies (very cheap, very hard, brittle, very long-lived) to amorphous magnetic alloys (cheap, stiff, useless-if-bent, very long-lived) to nanocrystalline magnetic metals (expensive, hard, stiff, bendable, very long-lived) to magnetic nanocrystalline-embedded plastics (pricey, soft, flexible, not too long-lived).

    Similar to materials used to skin the Northrop B-2 bomber, these will prevent most any rf-powered rfid device from operating and being detected and are a bit more discreet than wrapping a passport in foil like a burrito--and more durable.

    They can be made to be like wallets, purses, pouches, hard cases, et cetera.

    They do work on library books, SAW devices, Wiegand devices, and those Motorola RFID badges.

    They also work on a wireless memory device under development--sort of a RFID device with a super-huge (4Mb++++), alterable "serial number" similar to the DalSem 1-wire stuff except that there's zero wires, read/writeable from 3.2+meters.

  66. From the viewpoint of an RFID reader designer... by Serious+Simon · · Score: 4, Informative
    I design RFID readers similar to those that would be used to read these passport tags, so I might be able to add some useful insights.

    First of all, I agree it's unlikely that a reader could energize an ISO14443 tag from much farther than about 4 inches. It's possible to use a stronger field than allowed by local EM regulations, but with magnetic coupling antennas such as ISO14443 systems use, the field strength drops approximately with the third power of the distance, and the power needed to get that field is the square of the field strength. To read at 4 inches, a power of about 100 mW is needed. So to read at 40 inches, you would need some 10,000W, and trying to operate a reader for 400 inches would be like detonating a bomb...

    So the likely scenario for reading at 30 feet would be "listening in" using a big antenna and sensitive receiver to the exchange of data between a legitimate reader that is much closer to the tag. Such an antenna could be mounted in a big suitcase, for example. As it would not transmit it would be difficult to detect.

    Secondly, I can confirm that any well-conducting sheet metal covering the tag will effectively short the magnetic field of the reader, so that the tag can not be energized, there's simply no way to read it. Aluminium foil would work perfectly.

    Thirdly, many ISO14443 tags contain support for public-key cryptography. The reason to include this is that the data exchange between the reader and the tag can be encrypted so if someone would be "listening in" it will be very difficult to obtain any useful information. Because of this security feature this kind of tag is often chosen for transport fare systems, access control, etc. It seems a shame not to use this, but I think the reason is that the tags should be readable worldwide, so that many readers containing the private key will have to be in existence. It would only be a matter of time before some wrongdoers get such a reader in their hands, and the private key contained in it gets out. Once an unauthorized party has the private key, the encryption will be practically useless anyway (compare this to the CSS encryption of DVDs).

  67. Happy to Hear This by HeghmoH · · Score: 2, Informative

    My objection to this entire scheme was that it would allow random people to read my passport from a distance without my permission. If it can only be read while open, that basically takes care of this problem. Hooray!

    --
    Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
  68. Re:Crypto for a ten year document? Not likely . . by kcb93x · · Score: 1

    Not everyone needs a passport, however. So the cost-benefit might be better yet. I don't know, it's late and I'm tired. Just my $0.02.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  69. Re:Correction: by _defiant_ · · Score: 4, Informative
    Please excuse the spelling. I'm tired, and it is past my bed time tonight.
    A Faraday cage is a conductor, so charges are free to move inside.

    Let's clarify this real quick: I assume you are talking about the inner and outer surfaces, not the volumes.

    When the outside is exposed to a negative charge, all the electrons 'flee', and leave a positive charge on the surface. They 'flee' to the other side of the surface, to bunch up in negative charges: that is, inside the cage. Hence exposing the inner volume of the cage to negative charges, exactly at the level of incoming negative field to be exact.

    (digging out my handy Elements of Engineering Electromagnetics, 5th Edition, Rao)

    Right, this is a physical explanation of the boundary condition that says the discontinuity in the E field between the sides is equal to the amount of charge present on the conductor. However, you're forgetting to mention that our conductor in this case is a closed surface, and that surfaces are equipotential. Charges don't bunch up on one part of the inner surface, they distribute equally. And assuming the surface is closed, mathematics necessitates that all the internal E fields will cancel.

    Otherwise, you would have an imbalance, and would create an E field in a region that does not contain any charge.

    When the cage is grounded, 'fleeing' electrons are not accumulated on the other side of the surface, but rather are dissipated, leaving the inner surface of the cage perfectly neutral, and hence not exposed to electrical fields.

    True, but unnecessary. The E fields are going to balance perfectly anyways, and cancel themselves out.

    An example of this is Coax cables. Coaxial cables are basically a faraday cage made long. Coax cables are perfectly immune to interference *only* if the outer core is grounded. If it is not grounded, they are subject to any interference the whole system is subjected to.

    Ummm... not really. Assume you have a positive current on the center wire. Using the right hand rule, this creates a positively charged, circularly symmetric E wave that radiates outwards (think throwing a rock in a pond). If you pass the negative equivalent of this signal on the outer shielding, you generate an opposing E field that will directly cancel the internal one. Again, you don't have to ground the external shielding.

    Of course, this is all theoretical. As someone else mentioned, the electrons can only propagate so fast, and there will be some delay. But I believe it will work well enough. I'm not sure what frequency they use for these chips, but it can't be too high for something so simple.

  70. OCR-Line by Confused · · Score: 4, Informative

    I'm also totally baffled by this RFID craze.

    European passports have at the lower edge a line printed with the OCR-B font which encodes all the necessary data from the passport. All border stations have a small OCR scanner to swipe passports.

    This system is simple, robust, easy to verify in case of inconsistency (eg the reader reads something else than the rest of the passport shows) and quite cheap to implement both on the passport and for the reader.

    To top it off, the system raises very few privacy concerns, as the content of the encoded line is the same as the human readable part and everybody can easily verify this. No secret data hidden there.
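Added example, not part of the comment above: a parser for the second line of that printed OCR-B zone as laid out in the ICAO standard a later reply mentions, recomputing the check digits a scanner uses to catch a misread. The sample line is documentation-style specimen data for a fictional holder, not anything from this thread, and the function names are this example's own.

```python
"""Parse and verify line 2 of a passport-booklet (TD3) machine-readable zone."""

WEIGHTS = (7, 3, 1)  # repeating weights used for every MRZ check digit

# Specimen-style sample input for a fictional holder (not from this page).
SAMPLE_LINE2 = "L898902C36UTO7408122F1204159ZE184226B<<<<<10"

# field name: (start, end, index of its check digit), all 0-based
FIELDS = {
    "document_number": (0, 9, 9),
    "birth_date": (13, 19, 19),
    "expiry_date": (21, 27, 27),
    "personal_number": (28, 42, 42),
}


def char_value(ch):
    """Digits count as themselves, A-Z as 10-35, the filler '<' as 0."""
    if ch in "0123456789":
        return int(ch)
    if "A" <= ch <= "Z":
        return ord(ch) - ord("A") + 10
    if ch == "<":
        return 0
    raise ValueError("character not allowed in an MRZ: %r" % ch)


def check_digit(field):
    """Weighted sum modulo 10 over the field's characters."""
    return sum(char_value(c) * WEIGHTS[i % 3] for i, c in enumerate(field)) % 10


def parse_td3_line2(line):
    """Split the 44-character line into fields and list failed check digits."""
    if len(line) != 44:
        raise ValueError("TD3 line 2 must be exactly 44 characters")
    result = {"nationality": line[10:13], "sex": line[20], "errors": []}
    for name, (start, end, chk) in FIELDS.items():
        raw = line[start:end]
        result[name] = raw.rstrip("<")
        ok = line[chk] == str(check_digit(raw))
        # An unused personal-number field may carry '<' instead of a digit.
        if name == "personal_number" and set(raw) == {"<"} and line[chk] == "<":
            ok = True
        if not ok:
            result["errors"].append(name)
    # The final digit covers the other fields together with their check digits.
    composite = line[0:10] + line[13:20] + line[21:43]
    if line[43] != str(check_digit(composite)):
        result["errors"].append("composite")
    return result


if __name__ == "__main__":
    print(parse_td3_line2(SAMPLE_LINE2))
    # One altered digit in the expiry date, check digits left untouched:
    print(parse_td3_line2(SAMPLE_LINE2[:21] + "2" + SAMPLE_LINE2[22:])["errors"])
```

The check digits are unkeyed arithmetic, so they catch scanner misreads and careless edits only; anyone altering the line can recompute them.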

    1. Re:OCR-Line by h4rm0ny · · Score: 3, Interesting


      I'm also totally baffled by this RFID craze.

      I'll offer two non-mutually exclusive reasons.

      First possibility: Someone can make money out of this. We therefore have an incentive for some parties to play up the supposed advantages of this technology.

      Second possibility: Some people at "the top" aren't very tech savvy and are easy prey for the former group.

      Third possibility: Some people at the top are under constant pressure to be doing something, even if we now have a system that works as well as can reasonably be expected (there comes a point when the resources required to achieve 100% are less than the damage 0.5% that get through). However, if you have to be "doing something" when there is nothing to be done, then you're going to start going backwards.

      --

      Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
    2. Re:OCR-Line by swillden · · Score: 1

      European passports have at the lower edge a line printed with the OCR-B font which encodes all the necessary data from the passport. All border stations have a small OCR scanner to swipe passports.

      Not just European passports, all passports currently have this OCRable font -- it's part of the ICAO standards -- and most immigration stations worldwide have the readers.

      It's being augmented/replaced because it's considered to be functionally inadequate, not because of some RF technology fixation. There's no way you can encode as much data into a line of printed text as you can store in a few square millimeters of EEPROM. The notion of using an RF interface rather than electrical contacts arises from desires for ease of use, durability and simplicity of manufacturing.

      You can, of course, argue that adding more data to the passport is a bad idea. But if you assume that it's a good idea, contactless makes a lot of sense. If it's done with appropriate focus on privacy and security, that is.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    3. Re:OCR-Line by Embedded · · Score: 1

      My Canadian Passport is OCR-B readable as are all EU passports except some British one naturally to CE standards! One problem Database alteration!

      In the realm of Hightech Lowtech instead of seeking the highest cost implementation why not put biometrics on a pitted Aluminum foil inside cover of the passport. Yes Will Robinson you read it just like the CD business cards with a circular rotation laser and a cheap feed. If memory serves this is a slightly modified CD burner / reader! All passport covers are blank and burnt at your friendly neighbourhood passport office with of course pgp and Thawte digital signature of the issuing office! ..... What problem!

      --
      Vista, the single biggest argument for Desktop Linux! It doesn't "Just Work"(TM).
    4. Re:OCR-Line by Martin+Blank · · Score: 1

      RFID makes it inherently insecure. Unencrypted, it allows anyone to read the data. Encrypted, it means you will never know precisely what is encoded in your passport. Unencrypted and containing only information to link to a central database, it means that you will never know precisely what is encoded in your passport, and international travel operations come to a complete halt if that database becomes unavailable (crash, telecommunications link outage, whatever).

      Barcodes are a far better solution. They can store sometimes amazing amounts of data. Doing a little research, PDF417 stacked linear codes, printable at 100dpi and so fairly robust, can reliably store ~850 bytes of alphanumeric characters and symbols and can include error correction (the specs allow for more, but several sites claim that above this, reading the codes gets problematic). At full size (30 columns by 90 rows with dots of 10 mils wide by 30 mils tall and including some excess size called for in the specs), this results in a code about 2.3cm by 1.1cm -- fairly large, but small enough to fit onto a dedicated page in a passport -- maybe even printed on the back or on the inside front cover for quick access by the customs agent.

      This would allow name, country of origin, address, notes on military or government affiliation, immunization, and maybe even a space for optional information desired by the holder, such as allergies and blood type, that could be scanned by a hospital in the destination country should something happen (I don't have a passport myself, so some of this information may already be on it, but you should get the idea). This should be plenty for the basic information, and if tracking information becomes required for each visit, then a printer can be added to each station to allow (much smaller) barcodes to be added, possibly indicating entry and exit dates and information about whatever visas were used and possibly information on if the person is to be let back in (perhaps due to trouble with the law, overstaying a visa, etc).

      The advantage here is that the barcode could be read by someone other than customs officials, and one would know exactly what was put in because it would be readable by anyone with a scanner that can read the barcode standard. No worries about someone walking through an airport with a low-powered radio, collecting information about hundreds of people in one pass. Simplicity, practicality, elegance.

      --
      You can never go home again... but I guess you can shop there.
    5. Re:OCR-Line by Anonymous Coward · · Score: 0

      You forgot #4.
      Big Brother Loves You.

    6. Re:OCR-Line by grimwell · · Score: 1

      Fourth possibility: It is easier for spy agencies to re-program the chip, than print a new passport.

      --
      If the govt becomes a lawbreaker, it breeds contempt for law, it invites man to become his own law, it invites anarchy
    7. Re:OCR-Line by swillden · · Score: 1

      Unencrypted, it allows anyone to read the data. Encrypted, it means you will never know precisely what is encoded in your passport... Barcodes are a far better solution.

      Barcodes are identical to RFID in this respect.

      And there is absolutely no comparison in terms of data capacity. EEPROM and especially Flash RAM can pack much larger quantities of data in very small spaces.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    8. Re:OCR-Line by Martin+Blank · · Score: 1

      Yes, but how much information actually needs to be stored in a passport? And does it need to be encrypted? The point is that RFID can be read from a distance. Even if that distance is under a foot, how many IDs could you grab going through an airport with a low-powered transmitter? Barcodes require the passport be removed from luggage or jacket and the barcode passed under a scanner to be read. No significant risk of ID theft from this method.

      --
      You can never go home again... but I guess you can shop there.
    9. Re:OCR-Line by swillden · · Score: 1

      Yes, but how much information actually needs to be stored in a passport?

      I don't know. Do you? To answer that question properly, you probably need to be an experienced immigration official, or at least have some in-depth discussions with one.

      However, I do know that one of the things that governments want to add to passports is biometric templates. The goal is obviously to make it harder to use a stolen passport. As someone who is concerned about privacy, I don't want unprotected biometric templates stored in my passport, and I really don't want the government keeping the data in a central database.

      Fingerprint templates, which are generally in the neighborhood of 500 bytes, can realistically be stored in 2-D barcodes, but most other biometric templates would stretch the limits of barcode capacity.

      And does it need to be encrypted?

      It does if there's significant non-public or abusable information there. Well, it needs to be protected, anyway, which isn't necessarily the same as encrypted. If I were designing the system the chips would require a cryptographic authentication before they gave up any data, but the data itself wouldn't be encrypted in the EEPROM. It probably would be encrypted while in transit between passport and reader, though.

      The point is that RFID can be read from a distance.

      Not if it's shielded.

      Barcodes require the passport be removed from luggage or jacket and the barcode passed under a scanner to be read.

      Same with RF chips that are shielded or otherwise disabled when the passport is closed.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
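Added example, not part of the comment above: a sketch of the design that comment describes, where the chip stores its data in the clear but releases it only after a cryptographic challenge-response. Deriving the key from a line printed inside the booklet (so a reader must see the opened passport) is this example's assumption, as are all names and sample values; encryption of the data in transit is not shown.

```python
import hashlib
import hmac
import secrets

# Constructed sample values, not real passport data.
PRINTED_LINE = "SAMPLE<PRINTED<LINE<0001"
HOLDER_RECORD = b"holder record (constructed sample)"


def access_key(printed_line):
    """Assumed scheme: the key is a hash of text printed inside the booklet."""
    # The key is only as unpredictable as the printed text it comes from.
    return hashlib.sha256(printed_line.encode("ascii")).digest()


class Chip:
    """Holds data unencrypted, but answers reads only after authentication."""

    def __init__(self, printed_line, stored_data):
        self._key = access_key(printed_line)
        self._data = stored_data
        self._pending = None  # outstanding challenge, good for one attempt

    def challenge(self):
        """Issue a fresh random nonce the reader must authenticate."""
        self._pending = secrets.token_bytes(16)
        return self._pending

    def read(self, response):
        """Release the data only for a valid answer to the current nonce."""
        nonce, self._pending = self._pending, None  # single use, pass or fail
        if nonce is None:
            return None
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):  # constant-time
            return None
        return self._data


class Reader:
    """Border reader that has optically scanned the opened booklet."""

    def __init__(self, printed_line):
        self._key = access_key(printed_line)

    def respond(self, nonce):
        return hmac.new(self._key, nonce, hashlib.sha256).digest()


def read_with(chip, printed_line):
    """Full exchange: challenge from the chip, response from the reader."""
    reader = Reader(printed_line)
    return chip.read(reader.respond(chip.challenge()))


def replay(chip, captured_response):
    """Send a previously recorded response against a new challenge."""
    chip.challenge()
    return chip.read(captured_response)


if __name__ == "__main__":
    chip = Chip(PRINTED_LINE, HOLDER_RECORD)
    print(read_with(chip, PRINTED_LINE))        # reader saw the open booklet
    print(read_with(chip, "GUESSED<LINE"))      # reader without the printed text
```

A response recorded from one exchange does not satisfy the next challenge, so listening in on a legitimate read does not by itself let a second reader query the chip later.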
    10. Re:OCR-Line by walter_wpg · · Score: 1

      From what I have read about RFID devices, the "chip" only contains a very long unique-in-the-universe "serial number". It does not contain your name or address or blood type or bank balance. The unique serial number must be used in conjunction with a database somewhere. The serial number points to records in the database where the data is stored, and can be easily updated. You typically cannot write data to an RFID chip, and the serial number is "hard wired" at the time of manufacture.

  71. Re:Correction: by _defiant_ · · Score: 1

    Right! But it isn't a faraday cage if you let the internal thing you are trying to protect touch the surface. You've defeated the purpose!

  72. I did it! Now it really does not work at all! by Anonymous Coward · · Score: 0

    > Again, this is very easy to test -- just wrap
    > your cell phone (or any other radio) in tin foil
    > -- it will not work.

    Man, you are genius! I've done it and my phone does not work! Actually you even do not have to keep it in the foil very long! I kept it for couple of minutes, took it out and tadam! phone does not work!

  73. Yeah, great idea to track us all by kt0157 · · Score: 2, Insightful
    So you're happy with the idea that every place you use your ID will be tracked and stored in a central database?

    The UK ID card scheme proposes just this. The Government wants private sector organizations to use the ID card and the database (called the National Identity Register). So everything you do with your ID card gets tracked.

    Am I the only one who is a teensy bit troubled by this proposal?

    K.

  74. Re:Correction: by IgnoramusMaximus · · Score: 1
    Right! But it isn't a faraday cage if you let the internal thing you are trying to protect touch the surface. You've defeated the purpose!

    You don't even have it to touch as I mentioned, a mere proximity will be enough since the gap if small enough will act as a capacitor which passes through RF. Anyhow, I didn't defeat it, since the whole insane idea of RF tags and tinfoil flaps is a product of some seriously bad crack to begin with. Just off the top of my head I can think of many ways of abusing it while at the same time I can think of many much cheaper and more secure ways such as (gasp!) cryptographic signing and barcodes to allow machine reading. Even if you insist on a chip, a traditional full-contact smart-card chip or even an optical, laser activated equivalent of the RF system if you absolutely must. This whole thing is yet another Halliburton-style boondoggle/corporate-charity for the admiring corporate "backers" of the elected officials. Much as the whole "war on terror, drugs, immorality, alcohol, name your strawman here" is.

  75. In other news... by bStrom · · Score: 1

    ...companies that make lead passport cases finally profit.

    --
    Try eMusic. DRM free, legal, MP3 downloads.
  76. Re:Bzzt. American over here! by pjt33 · · Score: 1

    Blunkett wants to have them in British passports too. The signals transmitted will probably include nationality, though, so don't let that make you feel safer.

  77. If You're Going to get Searched With The Wand by Greyfox · · Score: 1
    You may as well have some fun with it. Your tinfoil passport is going to set the metal detector off anyway, so take a page from Spinal Tap and wrap a cucumber in tinfoil and stuff it down your pants, too.

    Mmm bet I'll be on the TSA's shit-list after posting this...

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  78. Joke? by Anonymous Coward · · Score: 0

    Don't they know that the whole tinfoil hat thing is supposed to be a joke?

    That's just what they want you to think!

  79. Re:Correction: by Cow+Jones · · Score: 1

    Wikipedia seems to agree with me.

    Ha! And now Wikipedia agrees with the grandparent again.

    (just kidding)

    --

    Ah, arrogance and stupidity, all in the same package. How efficient of you. -- Londo Mollari
  80. Can anyone confirm this? by Mark_in_Brazil · · Score: 2, Interesting
    actually, shoplifters have been using this method (wrapping in tinfoil) for a while now. same kind of concept.
    Can anyone confirm if this really works?

    My mother has one of those electronic passes for the toll highway she takes to work and back. The pass comes with a metallized plastic bag into which the user is supposed to place it when she does not want the toll booth to automatically detect and charge (as in money) the pass.
    I am not sure if that device uses RFID, but the basic principle is similar. The tollbooth (or store stocking, security, and possibly checkout systems, or the government's Big Brother-style citizen tracking infrastructure) detects the device at a distance and takes some action upon doing so. For various different reasons, people might want to block detection of these devices, and I'd like to know which blocking schemes work and how well.
    Mom did a few experiments with her highway pass. She noticed that the tollbooths (both entering and leaving the highway) responded differently when she had the pass in the bag than when there was no pass in the car. So even though putting the pass into the bag did keep it from being used for that particular trip, it did not keep the highway authorities from knowing the bag was there and tracking the user's movements.
    I'd really like to see reports of some tests of RFIDs and similar technologies with different shielding schemes. Does a layer of tinfoil work? Two layers? Three layers? etc. (Anything beyond 5 layers starts to get to be difficult). What other schemes work, and how well?
    Of course, the DMCA might complicate this, because while I see blocking schemes as a means to protect privacy, others see it as a way to shoplift, and the RFID companies and US government will almost certainly see them as "circumvention."
    Maybe somebody in Europe could do some tests...
    I found this article in Wired (referenced by most of the first 60 hits in Google), but the article contains exactly what I was thinking:
    Privacy activists at the workshop also said the companies promoting the new standard for using RFID tags, called the Electronic Product Code, are exaggerating RFID's limitations in order to assuage consumers' privacy concerns.
    So... anybody know of reliable tests?

    --Mark
    --
    "It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
    1. Re:Can anyone confirm this? by InfiniteWisdom · · Score: 1

      She noticed that the way the tollbooths (both entering and leaving the highway) responded differently when she had the pass in the bag than when there was no pass in the car.

      Different how? All I've ever seen tollbooths do is say "EZ Pass. $x.xx. OK" and then raise the barrier. Did it start to raise the barrier, hesitate, bring it back down and then say "Um. yeah. no ezpass. wink wink"?

    2. Re:Can anyone confirm this? by russint · · Score: 1

      Can anyone confirm if this really works?

      My new jacket confirms it.

      --
      ^^
    3. Re:Can anyone confirm this? by Mark_in_Brazil · · Score: 1
      Different how? All I've ever seen tollbooths do is say "EZ Pass. $x.xx. OK" and then raise the barrier. Did it start to raise the barrier, hesitate, bring it back down and then say "Um. yeah. no ezpass. wink wink"?
      Not all that far off. The tollbooth gave some message that meant that it had detected the Transpass (I don't remember the details of the message), but did not charge the trip to the transpass, and my mother had to pay in order to get through.

      --Mark
      --
      "It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
    4. Re:Can anyone confirm this? by gtkuhn · · Score: 1

      Parent is really on to something here. My first thought is that consumer guides should rate all RFID chips and readers as to range, frequency, penetration, and any other important info. My guess is that most major consumer guides have never done testing quite like this. Or maybe they just don't see the demand. Either way, it is for Geeks to show them the way. A tutorial is needed explaining the equipment and procedures to test RFID.

    5. Re:Can anyone confirm this? by John+Harrison · · Score: 2, Informative

      I can confirm that this works. My day job is as a smart card consultant for a very large computer company. I have a large stack of dual interface (ISO 7816 contact and ISO 14443 type A contactless) cards sitting next to me. If you cover a card in tin foil it no longer can communicate contactlessly. One layer on one side of the card seems to be plenty.

    6. Re:Can anyone confirm this? by spdt · · Score: 2, Informative
      She noticed that the way the tollbooths (both entering and leaving the highway) responded differently when she had the pass in the bag than when there was no pass in the car.
      It could be that the metallic plastic bag will filter up to a specific frequency, and the toll booth will test a higher frequency, for the presence of the pass.

      A Faraday cage, depending on its density, will only filter up to a certain frequency. This is how the Faraday cage in your microwave can shield you from the microwaves, but will still allow you to see your food cooking. I believe tinfoil will filter all frequencies that we presently use for radio communication (mostly because I can't see through it). It certainly can't filter gamma waves.
    7. Re:Can anyone confirm this? by Mark_in_Brazil · · Score: 1
      I believe tinfoil will filter all frequencies that we presently use for radio communication (mostly because I can't see through it).
      You can't see through it because it reflects or absorbs (more reflecting than absorbing, I'd say) most visible light. I'm not so sure about radio frequencies.
      It certainly can't filter gamma waves
      I doubt the device inside my mother's transpass can receive and transmit gammas.
      Still, having two frequencies on which the device can respond, one filtered by the bag and the other not, is definitely a plausible explanation (why didn't I think of it?!) for the behavior my mother observed.
      I think I'll tell my mom to wrap the transpass in aluminum foil and see what happens. I wonder if they'd notice if some car were scanned (with the transpass in the bag, so it wouldn't be charged) getting on the highway and then never appeared getting off the highway, or vice-versa. It'd be interesting to see if "they" (the highway authorities) monitor that kind of thing and look for cars that might have gone off the road.
      --
      "It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
  81. What a stupid hacked work around by t_allardyce · · Score: 1

    For fucks sake, why are they even considering wireless chips? what is the mother fucking point? if these incompetent fools are the people in charge of security then we're all screwed. Someone please explain why they are doing it this way instead of with old tried and tested smart card chips? and don't bother spouting crap about 'contacts wearing out' that's bull and you know it, I use my debit smart-card every day and it works fine, and when it does wear out I'll just bloody well get off my ass and get a new one instead of being a lazy prick and having my card on offer to anyone with a reader. This is probably the same thing that fuck-face David Blunkett is going to use for our little nanny cards, it makes me sick that we live in a world full of idiots.

    --
    This comment does not represent the views or opinions of the user.
    1. Re:What a stupid hacked work around by Anonymous Coward · · Score: 0

      Might not be in the specs yet, but has anybody else come to the conclusion that the only reason why they are interested in RFID chips is that the _next_generation_passport_ is actually going to be implanted into people. Hence the need for remote reading.

      Paranoid, who me?

  82. Is the Faraday Cage the same thing as padded cell? by Muhammar · · Score: 1

    They have been putting these chips into dental fillings for years...

    --
    I doubt that we will ever figure out - and I suspect that even if we did figure out we couldn't do much about it
  83. Re:From the viewpoint of an RFID reader designer.. by gatkinso · · Score: 1

    While admittedly different technology (but fairly similar in nature), EZ Pass works from about 30 feet... which results much less spectacular than detonating a bomb.

    --
    I am very small, utmostly microscopic.
  84. Re:From the viewpoint of an RFID reader designer.. by vrimj · · Score: 1

    Would it be possible to use both public key and strong cryptography in the same chip? I am assuming that the problem that this is supposed to solve is people entering the US under forged US passports. If that is the case you could use strong encryption and never export a reader. You could use strong encryption for the limited application of US reentry check and use a less safe system for other checks if the chips could handle it.

  85. Re: "Tin Foil" by gordonb · · Score: 1

    I know you know this but consumer "tin foil" is aluminum. In the UK, it is made of aluminium.

  86. but it's not a joke by teddlesruss · · Score: 1

    - tinfoil is perfect, we use it to cover rfid tags in the lab while testing.

    The problem would arise when a person's passport falls open inside their baggage in a public space, they would be under the mistaken assumption their rfid couldn't be read so they would not be watching for skimmers.

    --
    -- ted russ http://www.arach.net.au/~ted/mydynes/ http://www.arach.net.au/~ted/myblogs/
    1. Re:but it's not a joke by Anonymous Coward · · Score: 0

      or when they present their passport as ID at a bar, ticket counter, checkpoint or other insecure location.

  87. Re:From the viewpoint of an RFID reader designer.. by Anonymous Coward · · Score: 0

    Actually, this wouldn't be too hard to solve.

    Store the private key on a central server somewhere secure (cheyenne mountain seems almost safe enough) and have the readers read the private key into memory at startup.

    This would require all the readers to be networked but would solve the stolen private key scenario if it was stored in RAM.

    The only issue then would be latent shadow on RAM. This wouldn't really be an issue since there wouldn't be enough of a latent image to read the key but just in case you could have the reader integrate a small LiIon battery and when it's disconnected from its main power source write 1's and 0's to RAM.

    DigitalNY

  88. Re:Bzzt. American over here! by BlueWonder · · Score: 2, Informative
    Is the US the only country using them?

    No. The EU is also discussing this, and most likely, other countries are as well.

    I don't like the idea of walking around with a US Passport emitting signals to advertise my nationality.

    This is also the reason why Bruce Schneier thinks terrorists will love this technology: if they want to specifically target a certain nationality (e.g. US), they can easily find people of this nationality in a crowd.

  89. I've already tested this by jridley · · Score: 2, Interesting

    Our company has RFID security badges for going through doors. I figured I'd use the opportunity to test if aluminum foil will block the signal.
    With no foil, the card will read from 20 cm. With one piece of foil on the back side, it will read from about 1cm. With the foil on the front, it will read, eventually, if you rub it right on the receiver. With foil wrapped completely around, you can't make it read.

    I have no doubt that much more sensitive receivers could be built, but the foil does significantly reduce the read range.

    Also, keep in mind that a reader has to transmit an RF pulse strong enough to power the chip for a fraction of a second, and the transmitted power is going to obey the inverse cube law. If the chip is shielded and the RF power pulse has to get through that, if you want to read from 20 feet away, you're going to be carrying around (or mounting if you're part of the establishment) a not-insignificantly-sized battery pack, transmitter, and directional antenna in order to get enough power cranked out to power that chip inside its foil wrap.

    In fact, it may be so much power that it would be hazardous if someone stepped in front of it near the antenna.

    1. Re:I've already tested this by Anonymous Coward · · Score: 0

      Putting on a Black Hat for a second.

      The requirement:
      - Read an RFID id from 60'.
      - Chip may be anywhere in a 10 degree arc from that point.
      - Long or even medium term safety for bystanders is not an issue: as long as they don't drop right in front of you you are happy.
      - Equivalent of 15A 110V AC may or may not be available (you can pick your spot).
      - Physical size is limited to either what you can pack in a car or what you can pack in an apartment. Ideally the whole mess fits in a backpack but that is certainly not a requirement.
      - Your antenna has direct LOS to the chip to be read.

      These are the basic requirements to read a shielded passport at an insecure (bar, liquor store, nightclub, parking lot etc), limited security (small non-us airport, train or bus station) or temporary (checkpoint) location.

      If the passports were unshielded, you could easily get a backpack sized omnidirectional (or even directional) reader within 2' of 100s of passports every day.

  90. why not by coolcold · · Score: 0

    just store the photo of the owner of the passport in it to start with so they can fix all sorts of bugs? No one would "really" care if their photo were stolen because their passport was stolen. The other detail would be the usual ones in the passport, which could be written ON the tin so it can't be read with RF

    --
    I am harvesting funny/good quotes. Please help by putting them in your sigs :)
  91. Defcon by Anonymous Coward · · Score: 0

    I seem to remember that one item of Official Defcon merchandise was an Electro Magnetically shielded wallet.

  92. I’d be happy with a smart chip… by (H)elix1 · · Score: 1

    I think the original point was to have electronic versions of biometric data on the passports. Not sure what the point of making that information wireless if they still have to stamp the bloody thing every time you enter and exit a country. If you scrapped the wireless bit, you could actually use a smartcard concept to store not only info on the person, but the travel details in a much more useable form. I'm six stamps away from my third passport expansion (where they add extra pages again) - and there is nothing readable or practical about ink based entry/exit data.

  93. Re:Bzzt. American over here! by Eskarel · · Score: 1

    No offense, I'm an American too, or was until a few months ago, but odds are you're already broadcasting your nationality to the world. We all do, in the way we dress, the way we talk, the way we act. You don't need an electronic transmission to do this.

  94. Does our opinion matter at all? by Anonymous Coward · · Score: 0

    Recent statistics show that the vast majority of us (~85%) is strongly opposed to the use of RFID chips in drivers licenses or passports. However, our "elected" government that makes us work hard for our tax dollars is not asking our opinion but uses our money for something we don't even agree with.
    Thinking about this I somehow feel the urge to write our senators and congress people to stop the RFID madness that would not be only invasive to our privacy but cost us billions.
    Let's all write them and speak up about this now before it is too late, otherwise our children and grandchildren will have good reason to blame us.

  95. This is just the first step by Anonymous Coward · · Score: 0

    When most people have these, the first opportunity will be used to make shielding reason for search and/or illegal.

  96. Re:From the viewpoint of an RFID reader designer.. by qengho · · Score: 1


    EZ Pass works from about 30 feet

    Because it's a powered transmitter. The RFID tags in passports would be passive.

  97. It is not a joke to the victims by Anonymous Coward · · Score: 0, Interesting
    First a few facts:
    1. The US government has a history of using its citizens in classified research without their consent:

      "From the end of World War II well into the 1970s, the Atomic Energy Commission, the Defense Department, the military services, the CIA and other agencies used prisoners, drug addicts, mental patients, college students, soldiers, even bar patrons, in a vast range of government-run experiments to test the effects of everything from radiation, LSD and nerve gas to intense electric shocks and prolonged 'sensory deprivation.' Some of the human guinea pigs knew what they were getting into; many others did not even know they were being experimented on."

      The Cold War Experiments , Budiansky, Goode and Gest,
      U.S News and World Report , January 24, 1994
    2. The US government is good at keeping involuntary experiments on its citizens secret. The news media will not report it:

      "Suddenly, at the close of 1993, the public was bombarded with "news" about the feeding of radioactive substances to pregnant women and mentally retarded students, about the unethical irradiation of workers, soldiers, medical patients, and prison inmates, and about the government's own internal fears that these experiments had 'a little of the Buchenwald touch.'
      ...
      I am among those who persistently tried to get national media coverage of this outrageous example of government wrongdoing. To say that the media were reluctant to listen would be an understatement. The fact is that, for more than a decade, documentation was ignored and facts were misreported."

      The Radiation Story No One Would Touch,
      Geoffrey Sea, Columbia Journalism Review, March / April 1994
    3. When the US government conducts experiments on secretly influencing human behavior, using 'unwitting', i.e. involuntary, test subjects is considered essential:

      "... On December 17, 1963, Deputy Director for Plans Helms wrote a memo to the DDCI, who with the Inspector General and the Executive Director-Comptroller had opposed the covert testing. He noted two aspects of the problem: (1) 'for over a decade the Clandestine Services has had the mission of maintaining a capability for influencing human behavior;' and (2) 'testing arrangements in furtherance of this mission should be as operationally realistic and yet as controllable as possible.' Helms argued that the individuals must be 'unwitting' as this was 'the only realistic method of maintaining the capability, considering the intended operational use of materials to influence human behavior as the operational targets will certainly be unwitting. Should the subjects of the testing not be unwitting, the program would only be 'pro forma' resulting in a 'false sense of accomplishment and readiness.' ' [Memorandum for the Record prepared by the Inspector General, 5/15/63]"

      Project MKULTRA, the CIA's Program of Behavior Modification,
      Appendix A, XVII. Testing And Use Of Chemical
      And Biological Agents By The Intelligence Community,
      Joint Hearing before the Select Committee on Intelligence,
      U.S. Senate, 95th Congress, 1977
    4. The US government is currently conducting experiments to investigate the ability of modulated beamed energy, including electromagnetic, to influence human behavior:

      "Scores of new contracts have been let, and scientists, aided by government research on the 'bioeffects' of beamed energy, are searching the electromagnetic and sonic spectrums for wavelengths that can affect human behavior."

      Wonder Weapons: The Pentagon's quest for nonlethal arms is amazing. But is it smart?, archived copy
  98. This is a bunch of B.S. by rice_burners_suck · · Score: 1

    A simple layer of foil isn't going to stop Jack Schitt, but what these Jack Hasses want to do is fool the public into thinking that it does something to make everyone safe. But it doesn't do Jack Schitt. They want to know where everyone is. They'll put sensors everywhere. It's going to be very dangerous. 1984. War is peace. Freedom is slavery. Ignorance is strength. We're all gonna die!!!!!

  99. The passport specs are online including anti-skim by Anonymous Coward · · Score: 0

    Jeez slashdot users, you still haven't found the actual protocol that is to be used? For crying out loud.

    General:
    http://www.icao.int/mrtd/Home/index.cfm

    Anti-skimming and PKI:
    http://www.icao.int/mrtd/download/documents/TR-PKI%20mrtds%20ICC%20read-only%20access%20v1_1.pdf

    But I'll probably be late again and this post will be ignored. No tinfoil hats necessary, if your government chooses the right protocol.

  100. Re:Bzzt. American over here! by Anonymous Coward · · Score: 0

    So?

    You can change that you know, it is pretty easy:

    Stop being an arrogant asshole who believes he has the right to do anything and everything they want.

  101. Re:From the viewpoint of an RFID reader designer.. by Anonymous Coward · · Score: 0

    I would think that you would use the private key to sign the passport and then the public key would be used to verify the passport. That way the private key would only need to be known when and where the passport was issued. In fact if the passport offices were all networked they could all submit the text, image and whatever else was to be verified electronically and get the key back from one central location. In this configuration the readers would not have the private key. The public key is all that would be needed in all the readers.

  102. Re:Bzzt. American over here! by 6Yankee · · Score: 1

    I don't like the idea of walking around with a US Passport emitting signals to advertise my nationality.

    You mean you're not proud to be American? Off to Guantanamo with you!

  103. I don't recall voting on the last changes by Sycraft-fu · · Score: 1

    I don't know about your country, since I don't know where you are from, but here in the US we have a Constitutional Republic type of government, with strong democratic traditions. What that means is that we have a direct vote on only a few things. Mostly, we just elect people to represent us, they then make the actual laws. It means that most things, we needn't concern ourselves with.

    Something like this would be one of those things. The Passport Authority would make the changes, it'd never need to go out for a vote. Congress might need to pass a bill for it first, but I doubt it. I think an administrative decision is all that would be needed.

    We are talking about something that is win-win basically. The people who know and care about crypto would be happy, since it would honestly increase security. The rest of the population wouldn't care either way, so no problem. You aren't going to have protests from privacy advocates or anything since there is no privacy issue, it just increases security.

    1. Re:I don't recall voting on the last changes by magefile · · Score: 1

      You might have protests from the "government money going to what?" crowd. They'd be idiots in this case, but when has that ever stopped protests?

  104. Where did I say secret? by Sycraft-fu · · Score: 1

    I meant a public, well tested crypto algorithm. However those aren't invincible. Crypto isn't proven to be strong, it's just repeatedly shown to be not weak to a certain kind of attack. Do enough of that, you can be quite confident it's strong. However math and computer science are open fields, and new things are being discovered all the time.

    So suppose we go with a prime system like PGP. Then, some time after its introduction, a brilliant mathematician and programmer figures out how to factor keys at blazing speed. They release a program that you feed it a public PGP key and it spits the private one out in 10 seconds.

    Well if that happened, PGP, and other encryption based on primes, would now be broken. The advance in math would mean that they are no longer strong, no longer useful.

    All public key crypto is vulnerable to this sort of thing. We believe the math to be such that there are no flaws, but that doesn't mean our knowledge of math won't advance and we'll discover one.

    The only cryptography that we can be sure won't be broken is the one time pad. If you use a truly random pad, it's unbreakable, since someone can never know if they decoded it correctly or not.

    1. Re:Where did I say secret? by chialea · · Score: 1

      Err... generally, if you have a proof of security of an algorithm, you prove that there exists no polynomial-time adversary who can do whatever bad thing x you are trying to prevent. (which is generally a complete overkill kind of x)

      This proof is subject to some assumptions that you lay out to begin with. Factorization of safe primes of "sufficient length" is one of them, sure. If someone can break the assumption, they can generally break the algorithm.

      This is /still/ not equivalent to saying "x is not vulnerable to these kinds of attacks". It's saying "there does not exist an attack on x that does not break these well-defined assumptions".

      Cryptography without assumptions has unconditional security. An example of this is OTP, but it's far from the only one. But yes, all public-key encryption is based on trapdoors, which imply one-way functions, which require complexity assumptions at this point.

      I'm professionally nit-picky, as well as professionally paranoid :)

      Lea

  105. Re:From the viewpoint of an RFID reader designer.. by swillden · · Score: 1

    I design RFID readers similar to those that would be used to read these passport tags, so I might be able to add some useful insights.

    And I design high-security systems that make use of contact and contactless smart cards, so I may be able to add a bit more about how their capabilities could be used to thwart attacks.

    Thirdly, many ISO14443 tags contain support for public-key cryptography. The reason to include this is that the data exchange between the reader and the tag can be encrypted so if someone would be "listening in" it will be very difficult to obtain any useful information. Because of this security feature this kind of tag is often chosen for transport fare systems, access control, etc. It seems a shame not to use this, but I think the reason is that the tags should be readable worldwide, so that many readers containing the private key will have to be in existence.

    No, it's not that bad. It's pretty easy to secure these passports, actually. I understand the desire to Keep It Simple, and I'm sure that's why the issuers aren't taking the precautions they should, but, really, they should. It's not *that* bad. Allow me to explain:

    There are two problems to be solved: First, you need to ensure that only authorized readers can query the passport. This is the most important requirement. Second, it's a nice thing if it's also impossible for eavesdroppers to listen in. That can actually be achieved through non-cryptologic means, since the authorities have control over the environment in which the authorized readers are deployed. It can also be accomplished cryptographically, however.

    To ensure that the passport will only talk to authorized readers, the passport must be configured to require an authentication transaction before it's willing to divulge any data. In a world without public key crypto, this would be a little bit painful, but possible. With PK, it's pretty easy. Each reader should have its own key pair, with the public key signed by the owning government, whose public key is signed by a central authority, e.g. the ICAO. Each passport need only store the public key of the ICAO. With that infrastructure, the passports can verify the validity of the readers.

    Of course, if a reader is lost or stolen, its key has to be invalidated, so there will need to be a mechanism to distribute revocation lists to all of the readers, and for the passports to store a list of revoked public keys. There is a window of vulnerability for any passport to be read by a stolen reader, but assuming that passports in use encounter legitimate readers often enough, that risk is manageable. Particularly if some solution (like the RF-shielded covers) is used to give the passport holder control over when his/her passport can be read.

    In reality, it'll be a bit more complex than this, of course. To limit the damage of compromised root or national keys (though those should be *very* carefully protected), a periodic key rotation is probably a good idea. There are several good ways to accomplish that, but a date-based approach is probably a good idea. The passports don't know the current date, of course, but they do know that time never runs backwards so periodic exposure to legitimate passport readers can be used to keep the passports safe. Key expiration should also serve to limit the size of the revocation lists passport chips have to manage.

    There are other details to consider and address, but the fact that a full exposition is beyond the scope of a slashdot post doesn't mean that this problem is really a hard one, or anything that the security community doesn't already know how to address.

    Oh, as for the second problem -- preventing eavesdropping -- that problem *is* trivial. Just negotiate a shared 3DES or AES key during the authentication step, then encrypt all of the subsequent communication. The validity checks on the reader keys would prevent MITM attacks if they were even possible to begin with, and assuming the environmen

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
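
The passport-side check described in the comment above, as an added Go sketch (not swillden's code and not an ICAO specification): the chip holds only the root public key, verifies root -> country -> reader, consults a revocation set, and keeps a clock that only moves forward. Ed25519, the day-counter dates, the certificate layout and every name here are assumptions for illustration; how the revocation set reaches the chip is left out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Cert binds a public key to a validity window (dates are plain day counters).
type Cert struct {
	Subject             string
	Pub                 ed25519.PublicKey
	NotBefore, NotAfter uint32
	Sig                 []byte // issuer's signature over tbs()
}

func (c *Cert) tbs() []byte {
	return []byte(fmt.Sprintf("cert %q %x %d %d", c.Subject, c.Pub, c.NotBefore, c.NotAfter))
}

func newKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func sign(priv ed25519.PrivateKey, msg []byte) []byte { return ed25519.Sign(priv, msg) }
func issue(issuer ed25519.PrivateKey, subject string, pub ed25519.PublicKey, from, to uint32) *Cert {
	c := &Cert{Subject: subject, Pub: pub, NotBefore: from, NotAfter: to}
	c.Sig = sign(issuer, c.tbs())
	return c
}

// Passport stores the root public key, revoked keys, and a forward-only clock.
type Passport struct {
	Root    ed25519.PublicKey
	Revoked map[string]bool // assumption: filled by some authenticated update
	Clock   uint32
	nonce   []byte
}

// Challenge hands the reader a fresh single-use nonce to sign.
func (p *Passport) Challenge() []byte {
	p.nonce = make([]byte, 16)
	if _, err := rand.Read(p.nonce); err != nil {
		panic(err)
	}
	return p.nonce
}

func (p *Passport) check(c *Cert, issuer ed25519.PublicKey) error {
	switch {
	case len(c.Pub) != ed25519.PublicKeySize || !ed25519.Verify(issuer, c.tbs(), c.Sig):
		return errors.New("bad signature: " + c.Subject)
	case p.Revoked[string(c.Pub)]:
		return errors.New("revoked: " + c.Subject)
	case c.NotAfter < p.Clock:
		return errors.New("expired: " + c.Subject)
	}
	return nil
}

// Authenticate succeeds only for a reader whose chain verifies up to Root.
func (p *Passport) Authenticate(country, reader *Cert, resp []byte) error {
	nonce := p.nonce
	p.nonce = nil // a challenge is good for one attempt only
	if nonce == nil {
		return errors.New("no challenge outstanding")
	}
	if err := p.check(country, p.Root); err != nil {
		return err
	}
	if err := p.check(reader, country.Pub); err != nil {
		return err
	}
	if !ed25519.Verify(reader.Pub, nonce, resp) {
		return errors.New("reader does not hold its private key")
	}
	for _, c := range []*Cert{country, reader} { // time never runs backwards
		if c.NotBefore > p.Clock {
			p.Clock = c.NotBefore
		}
	}
	return nil
}

func main() {
	rootPub, rootPriv := newKey()
	ctryPub, ctryPriv := newKey()
	rdrPub, rdrPriv := newKey()
	country, reader := issue(rootPriv, "country", ctryPub, 100, 500), issue(ctryPriv, "reader-1", rdrPub, 200, 300)
	p := &Passport{Root: rootPub, Revoked: map[string]bool{}}
	fmt.Println("legitimate reader:", p.Authenticate(country, reader, sign(rdrPriv, p.Challenge())))
	p.Revoked[string(rdrPub)] = true // reader reported lost or stolen
	fmt.Println("after revocation:", p.Authenticate(country, reader, sign(rdrPriv, p.Challenge())))
}
```

A certificate that expired before the chip's clock is refused even though its signature is valid, which is the "time never runs backwards" property the comment relies on.
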
  106. Re:Correction: by pVoid · · Score: 2, Interesting
    Ummm... not really. Assume you have a positive current on the center wire. Using the right hand rule, this creates a positively charged, circularly symmetric E wave that radiates outwards (think throwing a rock in a pond). If you pass the negative equivalent of this signal on the outer shielding, you generate an opposing E field that will directly cancel the internal one. Again, you don't have to ground the external shielding.

    That's the part where grounding comes in: grounding essentially means connecting to a capacitor of infinite capacity (the earth), which is able to always supply you with an equal and opposite field E. The scenario you describe is a very specific one illustrating how you would shield out from one particular intensity (or function wave) of the internal E field. This is more akin to noise cancelation... it is not shielding: in shielding, you can cancel any function wave (even if it is chaotic - e.g. static noise) because of your infinite capacitor.

    Again, I believe this proof we are after is based upon a provision, such as "the overall charge of the system" or something of the like. Think of grounding as having a system with infinite capacity.

    PS. I will not really discuss the previous points you and I made because I was trying to simplify the situation into layman's terms. We cannot make a proof using "fleeing" charges and what not. The proof is mathematical, and I am suggesting we are missing a crucial requisite that neither of us remembers. The Coax cable thing though, I am positive of, it is without a doubt in my mind a real world application of a Faraday cage. It is also why computers and sensitive electronics need to have a ground plug: so as to avoid data corruption from stray RF fields emanating from the scooter rolling by down your street. Only two plugs (phase and neutral) are not sufficient.

  107. Re:Correction: by Anonymous Coward · · Score: 0
    You gotta love the conservatives morons on this site that mod down a perfectly legitimate scientific objection.

    Yay slashdot! on your way to Creationism!

    -pVoid

  108. Metal and RFID by itsybitsy · · Score: 1

    Eight years ago, yes, eight years ago, I was working with the first (or was it second) generation of RFID tags. In one application at an equipment rental company the tags failed on about half of the equipment due to the type of metal. Basically the tags would not work when they were attached to or directly next to the inventory objects. They would work fine two inches away from the metal but not within that distance! This prevented the adoption of the tags by this company. They really wanted to tag ALL their equipment for inventory control purposes but physics prevented it. Needless to say they were very disappointed as was I since the project didn't continue at that point.

    What I'm wondering is if the newest generation of tags works with ALL types of metals even when attached to it or next to it?

  109. MICROWAVE by Anonymous Coward · · Score: 0

    Microwave fry it problem solved!

  110. Re:You. by Anonymous Coward · · Score: 0

    yes i do, thank you for watching

  111. Exactly what is happening by Anonymous Coward · · Score: 0

    This is exactly what the "e-passport" from ICAO will do. The contactless smartcard is just a storage device for signed data files that include the same data as on the paper (for verification), a high resolution version of the picture, and optionally data such as separately encrypted biometrics, visa data etc.
    There are two optional extensions, one that requires the reader to prove that it optically can read the MRZ (the paper passport, in effect asking you to open the passport physically) and only then allow communication (encrypted). This is called Basic Access Control by ICAO and protects reasonably against the remote skimming everyone is so worried about. EU and Japan are pushing this option, US is not. Trouble point will be when EU and Japanese passports require Basic Access Control before giving your somewhat private data and US _border_ stations not supporting it.

    The other optional extension is to add a secret key on the card and use it for authentication, to make copying (not counterfeiting, that's the signature's job) more difficult.

    Really the crux will be to have support of Basic Access Control on all border stations. Without that, a passport that tries to protect your data is useless to enter those countries, which is the whole purpose of a passport....

  112. Re: Still ... Waite by Anonymous Coward · · Score: 0

    The chip supplier could merge with the
    Centers of Disese Control and imbed the
    chips in pinus's ... the US administration is
    90% male. Then when I go to get certified
    for a flight, the TSA official will drop
    paints, bend over, and I'll transfer the
    "secret code" into his ass-hole in about
    60 seconds, and get on the flight.

    What a system, rightous so.

    I can even see Bush on the day of the
    new systems inaguration at Ronald Reagun
    Airport to demonstrate, in person, how
    easy and hygenic the new security system
    works. He'll get on his nees, open his
    mouth, the TSA standin official will insert
    pinus .... OH NO, Bush misread the instructions
    again! Why does he keep doing this, it's
    the eleventh time today!

    Toodles

  113. Complaints mean nothing if people take no action by dexterpexter · · Score: 1

    On one hand, I agree with this, although I must say that RFID chips do not have internal power sources and would probably make it through a toss in the washing machine (people are often surprised that at electronics manufacturers, newly placed circuit boards are oftentimes run through a large, expensive, glorified dishwasher) and, because they are so small (did you know that some versions of RFID can actually be *printed* with special ink), they are quite hefty and able to withstand a lot of things thrown at them. I agree, though, that this is certainly an imperfect application and that the chips are not indestructible, and that the inconvenience caused by a failed trip would be large. It would be quite annoying to be stuck somewhere and people would indeed complain. I am by no means supporting the RFID-implanted passports and was simply commenting on how the authentication should be run. Since this is in place to make things secure, an allow-all system would certainly decrease security, and having a system that doesn't use the RFIDs at all would just be silly and inefficient. (Why have them in the first place, then?)

    However, I should note regarding your comment about chips beginning to fail and people complaining that you would be surprised (or perhaps not) at how complacent people can be. For instance, credit card stripes sometimes wear down with time (after being sat on, heated up, wet, etc.) and won't swipe well. Yet credit cards are still widely used. People stomp their feet, get aggravated, then go home and call their credit card company for a new credit card. The inconvenience of some doesn't automatically mean the end to an application. Unfortunately, at times, the inconvenience of many does not as well. If anything, that is part of the problem.

    People complain about these things, but few do anything to correct it.

    --

    *-*-*-*-*-*-*-*
    "We are Linux. Resistance is measured in Ohms."
  114. cellphone hijacking by peter303 · · Score: 1

    That's more of an interesting threat than RFIDs on passports. You could confirm a person's ID and location. You could even turn it on without the owner knowing and spy on their conversations. Many more people carry cellphones around than passports. However the Great Poodle (Blair's UK) and other countries are considering RFID ID personal cards.

  115. You just proved the point by Anonymous Coward · · Score: 0

    So in other words you break the tin foil seal and expose it to any possible RF reader. And the copy they make would capture any written password. Thus you proved the point.

  116. Just FYI by hummassa · · Score: 1

    my WAP is 15 meters (16yards?) away from my microwave, with 3 concrete walls in between. I can use my notebook in the kitchen with the microwave on, less than a meter from the microwave, and I have no signal problems.

    --
    It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
  117. Re:Bzzt. American over here! by Eskarel · · Score: 1

    Not all Americans are arrogant assholes, doesn't mean we don't all stand out as Americans.