Slashdot Mirror


Another Setback for Biometric Passports

trydk writes "The Register has an article on the lack of security in biometric passports. This time, according to Dutch TV program Nieuwslicht (Newslight), the Dutch biometric passports have been cracked, potentially revealing all biometric information stored in them." From the article: "[...] an attack can be executed from around 10 meters and the security broken, revealing date of birth, facial image and fingerprint, in around two hours. Riscure notes that the speed of the crack is aided by the Dutch passport numbering scheme being sequential."

1 of 70 comments

  1. Re:It will never be safe. by swillden · Score: 4, Informative

    These things will NEVER be completely secure. Someone will always figure a way to hack them.

    That depends on what you mean by "completely secure". In this case, the security design is basically very good, but contains a rather obvious flaw. Fix that flaw (and there are a number of fixes) and the result will be "completely secure", against certain forms of attack, anyway.

    The data on the chip is protected by a 3DES key. If you don't know that key, you cannot authenticate to the chip, and the chip will therefore refuse to talk to you. If you do know the key, then you're in. So, someone hit on the simple (and clever) idea of printing the key on the inside of the passport (since all of the data on the chip is also available in printed form on the inside of the passport anyway).

    The problem is that they decided that rather than printing a new, random, 112-bit key, they'd just use some data that already existed in the passport, the MRZ. This value consists of your passport number, birthdate and expiration date. That's actually not a whole lot of entropy, especially since passport numbers are pretty predictable, and ages and passport expiration years are pretty easy to guess. The result: the MRZ can be brute-forced, the key guessed and the passport data retrieved.

    There are a bunch of obvious solutions:

    • Shielded cover. The US is implementing this. The passport cover has an integral wire mesh so that when the cover is closed, the chip's antenna is shielded and the chip is isolated. This also addresses some other potential issues with attackers being able to tell remotely that you have a passport and perhaps even what country it's from, even if it won't actually give them any data about its contents.
    • Print a separate, random key inside the cover and use that instead of the MRZ. It doesn't really need to be 112 bits, either. A 50-bit value would work fine, as long as it doesn't have any guessable portions. The brute force search speed is limited to the speed of the passport chip, so you don't need huge keyspaces.
    • Configure the chip so that after a certain number of consecutive failed authentication attempts, it locks itself. This will prevent brute force searches, at the expense of perhaps creating a denial of service attack. However, these chips (if not shielded) are already at risk of denial of service attacks, so I don't think that's significant.

    It's popular on slashdot to say "nothing is ever completely secure", and while that statement is literally true, in fact many things can be and are sufficiently secure within the defined operational parameters.

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
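
The entropy argument in the comment above, worked through as an added example (not part of the comment or the article). Every candidate count, and the lockout threshold of 10, is an assumption chosen for illustration; the point is how much guessable fields shrink the MRZ keyspace compared with a printed random key and how a failure counter changes the odds.

```python
import math

# Candidate counts per MRZ field. Every figure here is an assumption made up
# for illustration; none comes from the article or a passport specification.
NAIVE = {
    "passport_number": 36 ** 9,   # 9 characters, each treated as random alphanumeric
    "birth_date": 100 * 365,      # any day in a 100-year span
    "expiry_date": 10 * 365,      # any day in a 10-year validity window
}
GUESSABLE = {
    "passport_number": 10_000,    # sequential numbering ties the number to the issue date
    "birth_date": 10 * 365,       # holder's age estimated to within ten years
    "expiry_date": 5 * 365,       # expiry year guessed to within five years
}

def entropy_bits(fields):
    """Bits of entropy, treating fields as independent and uniformly distributed."""
    return sum(math.log2(count) for count in fields.values())

def relative_work(bits_a, bits_b):
    """How many times larger keyspace A is than keyspace B (same guess rate)."""
    return 2 ** (bits_a - bits_b)

def lockout_success_probability(bits, max_failures):
    """Chance that one of max_failures guesses is right before the chip locks."""
    return min(1.0, max_failures / 2 ** bits)

def compare(max_failures=10):
    """Summarise each key source: entropy and odds against a locking chip."""
    sources = {
        "MRZ, naive count": entropy_bits(NAIVE),
        "MRZ, guessable fields": entropy_bits(GUESSABLE),
        "random 50-bit printed key": 50.0,
        "random 112-bit 3DES key": 112.0,
    }
    return {name: (round(bits, 1), lockout_success_probability(bits, max_failures))
            for name, bits in sources.items()}

if __name__ == "__main__":
    for name, (bits, p) in compare().items():
        print(f"{name:28s} {bits:6.1f} bits   P(guess before lock) = {p:.2e}")
    ratio = relative_work(50, entropy_bits(GUESSABLE))
    print(f"50-bit random key is about {ratio:,.0f}x more work than the guessable MRZ")
```

Under these assumed counts the MRZ looks like a 73-bit secret on paper but drops to about 36 bits once the fields are treated as guessable, which is why a much shorter key with no guessable portion is the stronger choice.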