Tin Foil Passports?

Daedala writes "The debate over contactless chips with biometric information in passports continues. Vendors have been chosen for testing in the U.S. and Australia. Privacy advocates are still arguing about the measure, as are security reporters and bloggers. The specs themselves are interesting, to say the least. The EETimes says that in interoperability tests, the potential chips could be read from 30 feet away. However, both they and the New York Times have published articles reporting vendors' low-cost solution: '[I]incorporate a layer of metal foil into the cover of the passport so it could be read only when opened.' Don't they know that the whole tinfoil hat thing is supposed to be a joke?"

Not actually based on a joke.

[paganizer]

A charged layer of tin foil will block most electromagnet signals, AKA Farrady cage.
a simple layer just won't cut it, though.

Re:Not actually based on a joke.

[paganizer]

I can't believe I spelled it farraday. did I think those measurements I was taking all the time were in farrads? sheesh.
I was in a rush to get first post. some example FARADAY cages are here, here and here.

Re:Not actually based on a joke.

[dougmc]

Better still, save the metallized ziplock bag that your video card probably came in, and use it. Dual purpose -- keep RFI out, as well as moisture.

The anti-static bags that computer cards come in do very little to stop RF. Doubt this? Put your cell phone in one, then call yourself. It'll work fine. Tin foil will work *much* better, and no, it doesn't need to be grounded. (In fact, grounding will have no effect.) Again, this is very easy to test -- just wrap your cell phone (or any other radio) in tin foil -- it will not work.

Anti-static bags have high resistances. They're not completely insulators, but not good conductors either, and a Faraday cage needs a good conductor. Their high resistances allow static electricity (with many thousands of volts) to drain off, slowly. Tin foil *can* be used instead of an anti-static bag, but 1) if your circuit has potential somewhere (like a battery, or a charged capacitator) the tin foil will basically short circuit this, which is bad, and 2) it tends to look like a wad of tin foil, which may get thrown away as trash :)

I don't think that you would actually need to drag a chain behind you to stay at earth ground -- that's what the Faraday cage does.

A Faraday cage really has nothing to do with Earth ground. It certainly does not have to stay at the same potential as the Earth unless it's somehow connected to the Earth, and it'll equally as well connected or not connected to the Earth.

Old fashioned Faraday cages did have problems -- they generally use a wire mesh of some particular size, which doesn't stop ALL RF signals.

There's nothing `old fashioned' about any of this -- the first Faraday cage was built in 1836, and once the radio was invented, it was learned not long after that a Faraday cage will block any RF who's wavelength is much larger than the gaps in the cage. I'll bet this was known (and probably understood) long before 1930 or so. People use Faraday cages with a wire mesh today because it does what they need it to do. To do more would cost and weigh more, and might cause other problems (like not let air in, etc.) -- it's as simple as that.

Faraday cages block *electrostic* fields, and you really don't need a tight mesh at all for this. Even your car makes a reasonable Faraday cage. Blocking RF is an added bonus, but for that, you need to make sure the mesh is a good deal smaller than the wavelength of what you need to block.

So, if you need absolute protection against all frequencies of electromagnetic radiation, then you use something with no holes at all. If you also want to block magnetic fields (as the government will want to do to completely prevent TEMPEST attacks and such), then you'll make it out of something magnetic (mu-metal is ideal) and thick. And heavy, and expensive. But secure.

Re:Not actually based on a joke.

[gladbach]

actually, shoplifters have been using this method for a while now. same kind of concept.

Re:Not actually based on a joke.

[Taladar]

Might have something to do with the Microwave operating at 2.4 GHz http://www.zyra.org.uk/microw.htm which is absorbed by water better than many other frequencies and if you used it for mobile phones you wouldn't be able to use your phone when it rains. 802.11b and g (11 and 54 MBit/s WLAN) operate in the 2.4 GHz band so they would have problems working from inside your microwave oven, your mobile phone does not.

It doesn't work that way, it's passive

The distance from which you can read an RFID chip depends almost entirely on how much power you're willing to run through your transmitter. The RFID chip is just a passive thing that runs on the correct frequency of radio waves coming in.

Anyone trying to read your passport is likely to be less concerned about damaging your kidneys than you would like.

Not tin foil... but

a thin metal 'mesh' in the cover should work

He ain't kiddin'.

[Moofius.the.Cow]

I've actually seen one of these things in use during after-Christmas returns season. We were standing in the excessively long line, an' this guy comes up to one of the clothing racks. He opens up his shopping bag lined with foil and duct tape, stuffs a sweater inside, and walks off through the security gate without setting it off. Clerk was busy, it was done at an oblique angle from the security cameras, and 5 minutes later he looks just like some regular bloke walkin' the mall.

All he'd have to do after that is pull the tags and trash them, and he could pick off any store he wanted.

It's scarey they think that is a solution

[goombah99]

I'm not sure which is more worrisome, one that they are so cavalier about leaving unencrytped biometric information one is force to reveal (to get a passport) or that they actually beleive tinfoil solves the issue.

why does tin foil not solve the issue? well in most european countries you have to hand over your passport to get a hotel room. Presto, the passport reader can work.

likewise their other solution, putting a printed password inside the passport is equally broken. Again the hotel has access to your passport pasword.

these people are dangerously a) stupid, b) in charge.

Re:It's scarey they think that is a solution

[Xolotl]

Actually, no, you don't have to bring your passport. You just need legal ID, which in most EU countries means a national ID card. It's quite enough to move around in the EU with.

Valid ten years

[morcheeba]

I've been tracking this for a while, so I waited to make sure I got one of the last non-RFID passports. It's valid for 10 years, and hopefully people will have solved the privacy problem by then. Hopefully.

Re:Correction:

[pVoid]

See, here's how I remember it from class:

A Faraday cage is a conductor, so charges are free to move inside.

When the outside is exposed to a negative charge, all the electrons 'flee', and leave a positive charge on the surface. They 'flee' to the other side of the surface, to bunch up in negative charges: that is, inside the cage. Hence exposing the inner volume of the cage to negative charges, exactly at the level of incoming negative field to be exact.

When the cage is grounded, 'fleeing' electrons are not accumulated on the other side of the surface, but rather are dissipated, leaving the inner surface of the cage perfectly neutral, and hence not exposed to electrical fields.

An example of this is Coax cables. Coaxial cables are basically a faraday cage made long. Coax cables are perfectly immune to interference *only* if the outter core is grounded. If it is not grounded, they are subject to any interference the whole system is subjected to.

Wikipedia seems to have it partially right, but not fully:

Faraday stated that the charge on a charged conductor resided only on its exterior, and had no influence on anything enclosed within it. To demonstrate this fact he built a room coated with metal foil, and allowed high-voltage discharges from an electrostatic generator to strike the outside of the room. He used an electroscope to show that there was no excess electric charge on the inside of the room's walls. [Emphasis mine.]

I am fairly sure about this as a whole (about 99.995%), but unfortunately, it's been too long for me to remember the math behind it all. What my instinct tells me is that the proof by Gauss' law must have an obscure provision that is not listed in the Wiki entry either. A condition such as "all charges in the system must be within the sphere" or something of that nature.

Faraday cages

[srleffler]

Of course, if the Faraday cage isn't grounded Gauss' Law says that its outer surface is an equipotential, but it doesn't guarantee that the potential of this surface is zero. One reason why Faraday cages are usually grounded is to ensure that they do not accidentally become charged, especially when they contain equipment that is running on an external power supply.

There are other, more subtle issues. The usual textbook explanation of how a Faraday cage works assumes a static equilibrium. Fluctuating electric or electromagnetic fields will pass through the cage to some degree, depending on the frequency of the field and the construction of the cage. Grounding sometimes makes a difference in how well a cage blocks external high-frequency waves. It's not just a matter of whether the cage is grounded, but also where and how it's grounded.

In case anyone else reading this is unclear on why a Faraday cage is not a perfect barrier for non-static fields: loosely speaking, the usual analysis assumes the electrons on the surface of the metal have had time to adjust their positions so as to "cancel out" the external electric field everywhere inside the cage. If the external electric or electromagnetic fields fluctuate fast enough, the electrons will not move fast enough to completely cancel the field at all times and the signal leaks through the cage.

You're probably right, though, that an ungrounded Faraday cage would be fine for shielding a passport. I have no idea whether tinfoil would be sufficient for blocking RF though.

From the viewpoint of an RFID reader designer...

[Serious+Simon]

I design RFID readers similar to those that would be used to read these passport tags, so I might be able to add some useful insights.

First of all, I agree it's unlikely that a reader could energize an ISO14443 tag from much farther than about 4 inches. It's possible to use a stronger field than allowed by local EM regulations, but with magnetic coupling antennas such as ISO14443 systems use, the field strength drops approximately with the third power of the distance, and the power needed to get that field is the square of the field strength. To read at 4 inches, a power of about 100 mW is needed. So to read at 40 inches, you would need some 10,000W, and trying to operate a reader for 400 inches would be like detonating a bomb...

So the likely scenario for reading at 30 feet would be "listening in" using a big antenna and sensitive receiver to the exchange of data between a legitimate reader that is much closer to the tag. Such an antenna could be mounted in a big suitcase, for example. As it would not transmit it would be difficult to detect.

Secondly, I can confirm that any well-conducting sheet metal covering the tag will effectively short the magnetic field of the reader, so that the tag can not be energized, there's simply no way to read it. Aluminium foil would work perfectly.

Thirdly, many ISO14443 tags contain support for public-key cryptography. The reason to include this is that the data exchange between the reader and the tag can be encrypted so if someone would be "listening in" it will be very difficult to obtain any useful information. Because of this security feature this kind of tag is often chosen for transport fare systems, access control, etc. It seems a shame not to use this, but I think the reason is that the tags should be readable worldwide, so that many readers containing the private key will have to be in existance. It would only be a matter of time before some wrongdoers get such a reader in their hands, and the private key contained in it gets out. Once an unauthorized party has the private key, the encryption will be practically useless anyway (compare this to the CSS encryption of DVD's).

Happy to Hear This

[HeghmoH]

My objection to this entire scheme was that it would allow random people to read my passport from a distance without my permission. If it can only be read while open, that basically takes care of this problem. Hooray!

Re:Correction:

[_defiant_]

Please excuse the spelling. I'm tired, and it is past my bed time tonight.

A Faraday cage is a conductor, so charges are free to move inside.

Let's clarify this real quick: I assume you are talking about the inner and outer surfaces, not the volumes.

When the outside is exposed to a negative charge, all the electrons 'flee', and leave a positive charge on the surface. They 'flee' to the other side of the surface, to bunch up in negative charges: that is, inside the cage. Hence exposing the inner volume of the cage to negative charges, exactly at the level of incoming negative field to be exact.

(digging out my handy Elements of Engineering Electromagnetics, 5th Edition, Rao)

Right, this is a physical explaination of the boundary condition that says the discontinuity in the E field between the sides is equal to the amount of charge present on the conductor. However, you're forgetting to mention that our conductor in this case is a closed surface, and that surfaces are equipotential. Charges don't bunch up on one part of the inner surface, they distribute equally. And assuming the surface is closed, mathematics necessitates that all the internal E fields will cancel.

Otherwise, you would have an imbalence, and would create an E field in a region that does not contain any charge.

When the cage is grounded, 'fleeing' electrons are not accumulated on the other side of the surface, but rather are dissipated, leaving the inner surface of the cage perfectly neutral, and hence not exposed to electrical fields.

True, but unnecessary. The E fields are going to balance perfectly anyways, and cancel themselves out.

An example of this is Coax cables. Coaxial cables are basically a faraday cage made long. Coax cables are perfectly immune to interference *only* if the outter core is grounded. If it is not grounded, they are subject to any interference the whole system is subjected to.

Ummm... not really. Assume you have a positive current on the center wire. Using the right hand rule, this creates a positively charged, cirularly symetric E wave that radiates outwards (think throwing a rock in a pond). If you pass the negative equivalent of this signal on the outer shielding, you generate an opposing E field that will directly cancel the internal one. Again, you don't have to ground the external shielding.

Of course, this is all theoretical. As someone else mentioned, the electrons can only propagate so fast, and there will be some delay. But I believe it will work well enough. I'm not sure what frequency they use for these chips, but it can't be too high for something so simple.

OCR-Line

[Confused]

I'm also totally baffled by this RFID craze.

European Passport have at the lower edge a line printed with the OCR-B font which encodes all the necessary data from the passport. All border stations have a small OCR scanner to swipe passports.

This system is simple, robust, easy to verify in case of inconsistency (eg the reader reads something else than the rest of the passport shows) and quite cheap to implement both on the passport and for the reader.

To top it off, the system raises very few privacy concerns, as the content of the encoded line is the same as the human readable part and everybody can easily verify this. No secret data hidden there.

Re:Bzzt. American over here!

[BlueWonder]

Is the US the only country using them?

No. The EU is also discussing this, and most likely, other countries are as well.

I don't like the idea of walking around with a US Passport emitting signals to advertise my nationality.

This is also the reason why Bruce Schneier thinks terrorists will love this technology: if they want to specifically target a certain nationality (e.g. US), they can easily find people of this nationality in a crowd.

Re:Can anyone confirm this?

[John+Harrison]

I can confirm that this works. My day job is as a smart card consultant for a very large computer company. I have a large stack of dual interface (ISO 7816 contact and ISO 14443 type A contactless) cards sitting next to me. If you cover a card in tin foil it no longer can communicate contactlessly. One layer on one side of the card seems to be plenty.

Re:Can anyone confirm this?

[spdt]

She noticed that the way the tollbooths (both entering and leaving the highway) responded differently when she had the pass in the bag than when there was no pass in the car.

It could be that the metallic plastic bag will filter up to a specific frequency, and the toll booth will test a higher frequency, for the presence of the pass.

A Faraday cage, depending on its density, will only filter up to a certain frequency. This is how the Faraday cage in your microwave can shield you from the microwaves, but will still allow you to see your food cooking. I believe tinfoil will filter all frequencies that we presently use for radio communication (mostly because I can't see through it). It certainly can't filter gamma waves.