E-Passport Cloned In Five Minutes
Last month a panel of EU experts warned that the e-Passport's security is "poorly conceived", and in fact a week later a British newspaper demonstrated a crack. Now another researcher has shown how to clone a European e-Passport in under 5 minutes. A UK Home Office spokesman dismissed it all, saying "It is hard to see why anyone would want to access the information on the chip."
Now another researcher has shown how to clone a European e-Passport in under 5 minutes.
Thanks to a software he himself has developed, called RFdump, he downloads the passport's data onto his computer and then onto a blank chip.
How long would it take for some 3 letter agency to show up at their door in the US?
1. They claim that there is little useful on a passport's details page. Can someone confirm whether this is the case for the purposes of general information theft?
2. If the passport page contains anything useful, how easy or difficult will it be to get hold of this information? Can you stand next to someone in a queue and scan the passport in their carry bag, or do you actually need to hold it close? My ID card at work has an RFID chip, that works only at about 4cm.
3. Is it correct that forging RFID passports will be more difficult? Obviously, if you used to have to manufacture a passport or switch a picture, and you now need to _both_ do that _and_ insert or change an RFID chip, then that raises the bar. So the followups to this question are;
3a. Will passport controls be replaced by RFID scans, or in addition to? I would hardly think the former, but please inform.
3b. Is it possible to change the information on an RFID chip without actually having physical access to the circuitry? As in, are there read/write scanners so you can avoid having to manufacture a chip and replacing it in a passport?
If the answers to these are no, difficult, yes, in addition to and no/no, then I can certainly see it providing additional security. And vice versa. Someone in the know?
but then it's never been very hard to visually look at it and read the paper
Not when it's in my pocket.
I can't believe how juicy this is. Imagine being able to get your dirty fingers on the theft prevention system at the doors of a department store. Just a slight modification of the frequency and code, and let the harvesting begin.
Cheers,
-b.
Before the goons come to get me!! I'll say I know NOTHING about these new passports beyond what's on slashdot. I got no expertise in RFID beyond looking at it. A good security system should have something in place to prevent this sort of "cloning" attack... you'd hope like hell that somebody's thought about this!!! and they don't just send the goons to cover it up.. after all, that's the new policy for scientific reports now... and has been the policy for security reports since 9/11.
So what is the paranoid meant to do to shield their passports? We all joke about the tin-foil, but is there something that actually does the job?
How about having an electronic switch built in to the passport, so that the chip only works when someone holding it wants it to work. For example, you could set it up so that the chip only works when the passport is opened flat on the details page at the front.
I can't imagine it being that hard in theory, although devising a reliable and rugged switch may be a bit more challenging.
Still, I bet it could be done, and it pretty much eliminates all the concerns about people reading the chip without your permission.
There is a huge difference between "RFID chips" and "contactless smart cards"! They both use the same frequency band and similar communication protocols, but RFID chips have no crypto while contactless smart cards have all the AES, MAC, etc. stuff plus secure filesystem storage.
There is a huge difference, I keep posting this but nobody seems to get the point: the Walmart RFID chips have zero crypto, but the passport, payment cards have a ton of crypto. You can't just dump their contents.
The government calls them contactless smart cards because that is what they are, of course the media and everyone else uses the blanket term "RFID" to refer to all of it and works themselves up into a frenzy while not understanding the characteristics of the technology.
But isn't the whole point of a secure passport to secure the identity of an individual? If the identity is not secure, we may as well not waste the time or money.
I do not fail; I succeed at finding out what does not work.
Except that you can use #2 with no crypto or bad crypto as well. Which is exactly what the epassports are doing. They have such bad keys that it is easy to brute-force crack them open in a couple of minutes. Most well-designed systems using the same standard have non-trivial keys, which makes them a lot more secure than the ICAO epassport standard.
:)
The fun thing is that the moment the standard was created, everyone said that this is going to be a field day for the press when the first researcher figures out that the keys are so weak. The day has arrived.
In reality the issue is blown out of proportion: the epassport is not that much of a privacy issue. Tourists can be spotted by a mile away by simply the way that they look and walk, and the smart tourist will leave the passport in the hotel safe anyway, carrying only a photocopy with him. You are in far more trouble if your passport gets stolen than if it gets copied: if you do not have your passport, dealing with any authorities in a strange country is going to be a problem, whereas if your passport gets copied, you still have the original.
Also, forging a passport is no easier than before - in fact, getting the digital and the physical passport data to match becomes a lot harder with the epassports. Reading something does not mean you can change it and write it back, as surely is well understood by anyone familiar with digital signatures.
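The distinction drawn in the comment above between copying signed data and changing it, as an added example that is not part of the original thread: a bit-for-bit copy of the data and its signature still verifies, while an edited copy does not. The toy RSA key, the `DG1`/`DG2` labels and the sample bytes are assumptions constructed for illustration.

```python
import copy
import hashlib

# Toy RSA key built from two Mersenne primes, constructed for this example.
# It is far too small and structured for real use; it only stands in for the
# issuing state's signing key, whose private half never leaves the issuer.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (issuer only)


def digest_int(data_groups):
    """Hash every data group, then hash the ordered list of those hashes."""
    outer = hashlib.sha256()
    for name in sorted(data_groups):
        outer.update(name.encode() + hashlib.sha256(data_groups[name]).digest())
    return int.from_bytes(outer.digest(), "big") % N


def issue(data_groups):
    """Issuer side: sign the hash list with the private exponent."""
    return {"dgs": dict(data_groups), "sig": pow(digest_int(data_groups), D, N)}


def verify(chip):
    """Inspection side: needs only the public key (N, E)."""
    return pow(chip["sig"], E, N) == digest_int(chip["dgs"])


def demo():
    # Constructed sample data, not a real document.
    original = issue({"DG1": b"DOE<<JANE 1980-01-01", "DG2": b"<face image bytes>"})
    clone = copy.deepcopy(original)  # bit-for-bit copy of data and signature
    forged = copy.deepcopy(original)
    forged["dgs"]["DG1"] = b"ROE<<MARY 1985-05-05"  # edited data, old signature
    return verify(original), verify(clone), verify(forged)


if __name__ == "__main__":
    print(demo())
```

A signature over the stored data detects modification but says nothing about which physical chip is presenting it, so a verifier that checks only the signature accepts the copy.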
Cloning a passport has become no harder or easier thanks to RFID. But Identity theft will become much much easier.
Couldn't one kill the RFID chip by putting the passport in a microwave oven for a minute?
I can't imagine the rubber-stamper at immigration control not letting me through because he can't read my RFID tag... I'm sure a good percentage of non-zapped passports would fail to scan for one reason or another. If enough people did it, then they just wouldn't be able to rely on them, period.
I guess that's what they call a failure of imagination.
It's a common failure that occurs in these scenarios.
As part of my research on driver's licensing issues, when states added photos to driver's licenses (starting in the late 60's) the word "fraud" never entered the picture. Driver's licenses were essentially fraud free documents before the photographs were added--so it really never entered anyone's mind that things would change once the document became more powerful/useful/trusted.
The problems with passports can be much more subtle, so I wouldn't count on the fact that adding the same data in RFID mode didn't do anything else than just have some redundancy to prevent reading errors.
A little tale from my experience: We were flying to Brasil from Lisboa with a flight that was first landing in Natal, and then flying to Recife. For some reason we never spotted an immigration office. I don't know if we were supposed to step out in Natal, get immigration stamps in the passport and then go back to the plane (the flight from Natal to Recife was domestic, because new passengers were boarding to Recife), or if we were supposed to look for immigration at Recife Airport. We didn't, and nobody seemed to care. When we were trying to leave Brasil three weeks later, the officer at border control pointed out that we were missing the immigration stamps. We were arguing, telling the story, he was insisting on immigration stamps. In the end he just pointed us to the gate, telling us "Nao entrada, nao saida" (No entrance, no exit), meaning "You have never been here, and you have never left."
A similar occurrence was when I was cycling with a group through the then still existing Czechoslovakia. We entered through the Polish-Slovakian border, and everyone got his passport stamped. We were leaving a week later through the Czech-German border, and the officials were just stamping the list of all members of the group. A few weeks later I was again with the bicycle in Czechoslovakia, and I got controlled by the normal police about 30 km from the border, and the police got suspicious with me because I had two immigration stamps, but no exit stamp. So looking from the papers I had entered twice without leaving once. The patrol took me to the office, and then they phoned around for 1 1/2 hours, before just setting me free around midnight, when the train I was planning to take to Prague had just left.
What I am trying to say: Whenever some inconsistencies come up with your passport, they aren't mitigated by having RFID chips somewhere. No one actually cares about this type of redundancy. Immigration officers are humans only, and errors will occur, and most of them will not be solved by looking at RFID chips, but in the end by reluctance of the powers in charge to press any further because it is late, because they don't want hassle or because it's easier to pretend nothing had happened. Given U.S. immigration procedures it will probably be solved by just handing persons like me to indefinite detention without access to legal counsel. Because Electronics is always right, and if not, lock up everyone not hiding fast enough.
The most important question here (and, at the same time, a question I see nobody asking) is: what is the range of these RFID chips?
If they have a range of one or more feet, so that somebody can scan my passport from across the room, then I really see a big privacy and security problem.
If, on the other hand, they have a range of one inch or less, then I don't see any reason of concern: if scanning my passport requires roughly the same effort as stealing it, and also if by scanning it one obtains the same information (d.o.b., height, picture, etc.) that he would have obtained by stealing it, where's the problem here?
For whatever reason, this brought to mind part of one of Laurie Anderson's song/stories from her "The Ugly One with the Jewels" album:
A marriage is always made up of two people who are prepared to swear that only the other one snores.
My point was really that (here in the UK at least, so I don't expect you to realise it) the ID cards are always pushed by the government as the way to make us all more secure against terrorism. It will save us all, you see. It's the primary reason for introducing the scheme. Never mind that most experts (inc. the police and MI5, iirc) disagree - and you, as someone living in an ID card carrying country, seem to disagree too.
I can tell however that not having an ID card was one of the reasons it took so much time to know the identity of all the victims of UK bombings.
Oh yay, you certainly know how to sell me on the benefits of having an ID card! :-) I think I speak for many people when I say that being able to identify my charred body via an ID card is not top of my priorities.
I can also tell that it was probably much easier for the police to find the terrorists that did the 11-M bombings
Er, got a source for that assertion?
(since they probably had to use their IDs for so many things, getting internet connection requires filling in your ID number).
Ah. So no, then.
It also probably saves lots of money to the administration.
That's 'probably' why the UK govt keeps refusing to give an estimate of how much the ID card system would cost.
A lot of the resistance, as well as a dislike for the general concept/system, is merely that it won't improve anything, so why waste billions of pounds of UK taxpayers' money implementing it?