Schneier on Security
A blog covering security and security technology.
« Digital Privacy Manual |
| Airport Credentials Manipulated to Commit Crime »
March 13, 2007
Cloning an RFID Passport
Nothing I haven't said before, only a demonstration of how insecure they are.
Posted on March 13, 2007 at 10:53 AM
• 23 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
This is not only a demonstration of how insecure the passports are, this is a demonstration that the Identity and Passport Service does not have an entry for 'security' in their dictionary at all.
Even for passports without the RFID the procedures are too insecure.
OK, this I find kind of funny:
"The next day Miss Wood met an official for ten minutes. The details on her application form were verified using two forms of ID - normally a household bill and a bank statement. Her photograph was also examined."
I realize that I get several of my household bills as HTML and my bank statement as a PDF. Just how difficult is it to manufacture this sort of ID? I mean, yes, it's never been secure, but at least it used to take *some* modicum of skill to "forge" this sort of document. Now it's just trivially easy.
What do you expect? You take people who fundamentally do not understand security as proven by existing systems, and you expect them to build a new system with computers. The computer chip merely magnifies the flaws in the existing system. Forget two-factor authentication; let's start with one-factor authentication.
I wonder if it would be cost effective to mail the passports in tamper resistant envelopes that block RFID signals.
Why not just take the RFIDs out off the passports and put them in a bin at the bordercrossing with a sign "take one"?
In the 2nd story, the reporter says that ICAO has planned for the compromise of the master signing keys. I wonder what those plans include: revocation of passports signed by the lost key would seem to be required, but how long a grace period?
I think the major problem in the discussion is that officials look at security of the RFID passport from security against forgery and citizens from security against identity theft.
The current RFID passport protects well against forgery - at least as well as old passports. Now you can nolonger replace the photo and you still need all the special materials to produce well fake passports.
The attack mentioned used information on the envelope to reduce the time needed to crack the code, rather than brute force.
It has before been mentioned that the cover ought to be protective such that the passport must be opened to read the chip. If that is done, the above attack will fail as will brute force based attacks.
This is /the/ flaw of RFID passports.
Actually this has no meaning at all - it is the kind of attack that is easy to mount but has no relevance to real-life . I think it is used as a publicity stunt by all those that dont want e-passports . actually the e-passports are very secure and as long as countries require them this is the best technology .
Suggesting ways to more securely deliver the passport is meaningless. It has nothing to do with RFID security, that's mail delivery security. Once someone has physical access to just about anything, the game is pretty much lost anyway.
The core problem here, imho, is the attempt to concentrate vulnerable information and then try to make it impossible to crack. I'd much rather have my valuable information dispersed so that instead of having to crack one security system (say, clone the RFID signal on my passport), you'd have to break several disparate systems.
Using RFID in passports is one of the most idiotic "security" concepts ever thought invented. How much brains does it take to get the thing to transmit its information, then replay that information to airport scanners? And now that nearly everything you've ever done is tied into that *one* identity code, this is going to be paradise for identity thieves, and Internet criminals.
The other point that we do not seem to understand is that someone's identity is only one part of the equation. This does not tell us whether someone is likely to be a threat to our country or its citizens. By concentrating attention on the least-likely-to-be-threatening occurances, we are also ignoring the most-likely-to-be-threatening.
We have a precedent for this. After the aborted attempt to free the US hostages in Iran, our nation decided that on-the-ground intelligence-gathering would be replaced by increasingly-accurate overhead photos. So we relied on images of closed-top railroad cars and wound up invading an unarmed country. It is slower and subject to interpretation to actually send spies into places and groups where threats are likely to arise, but when the information comes that "X is thinking about doing Y", it is a lot more sound than "Z's passport came through the scanner already, so this one must be an imposter." There was an I Love Lucy episode where she drops something and crosses underneath the barrier to retrieve it, causing a zealous border guard to deny her re-entry. This is what RFID passports (and the concentration of information that they represent) are likely to cause.
How obvious was the key?
As in the numbers are printed in plain view that anyone who enjoys a Sunday newspaper puzzle would figure out?
Now, you can obscure that information easily via a hash, with a salt that is not "public."
But even in that event, I wonder how long the salt would stay secure...before a passport scanner or it's software is stolen and the salt compromised?
Oh well, at least had their been a salt at least it seems this particular bit of publicity wouldn't have happened.
@juju: "Actually this has no meaning at all - it is the kind of attack that is easy to mount but has no relevance to real-life . I think it is used as a publicity stunt by all those that dont want e-passports . actually the e-passports are very secure and as long as countries require them this is the best technology ."
Actually, having a "valid copy" of a passport has much meaning, if the "forger" has lots of prep-time. Makeup, etc., to look like the photo. The actual owner not knowing about it just keeps it from being revoked sooner.
I don't know if the biometric data includes enough info to reconstruct a "good-enough" matching set of prints, but it might. Most places probably don't actually check fingerprints, anyway.
How difficult/conspicuous would it be to use RFID-monitoring to find "mail of interest"?
That way, a mail-thief could steal "choice" pieces - such as new credit cards, passports, etc. - without disturbing the general flow of mail (and thus, alerting the postal patron).
Sure, the passports in the article arrived in distinctive, easily-spotted envelopes. However, credit-card companies currently make some attempt to keep the actual card-delivery packages inconspicuous...
My passport (issued by another EU Member State) also contains a RFID. Even though I don't believe in the 'added' security as the government claims fortunately my government is no so stupid that it sends passport by mail. Let alone that I would be able to obtain a passport with just an utility bill as proof of identity (talking about function creep) or without a face-to-face interview.
Come on, this is getting silly. If the attacker is able to establish a connection to the passport, he already has had access to all of the data there is in the passport chip (except the photo which can easily be captured in public if you want to).
So please, before posting more of this badly researched sensation-style journalism, take a break and look at the relevant specs.
This is a confusing story for a typical news reader:
- The government are playing down the weaknesses and potential problems with their new passports. As usual, they don't want to admit any mistake and respond to media reports by giving out misleading information.
- The media are hyping up the problems and probably exaggerating the risks associated with passport data skimming
- There are two cryptographic methods involved - one is strong and the other is unacceptably weak. Imagine proposing a new WiFi security protocol based on MRZ - you'd be laughed off the stage. I see no reason that the MRZ keys could not have been designed to be unguessable. The government can correctly state that the data is protected by digital signing using strong cryptography without mentioning the ridiculous MRZ.
- Different parties have different agendas - the passport *IS* a bit more secure for the government's requirements but less so for passport holders; the word security is being bandied about without saying whose security is concerned.
- The effects of private digital signing keys being compromised by corruption and poor security hasn't really been dealt with yet. I suspect that most governments will encounter serious media problems if they try to revoke a signing key due to the number of innocent people caught up in the crossfire.
- It will take about a decade to get rid of the older style passorts so forgers will not really need to bother about chip cloning for years anyway.
Lastly, the potential for data collection and mining by non-governmental organisations will not be resolved for some time. See the section headed "Who will be allowed to read the RFID passport data?" in
@X the Unknown
>Actually, having a "valid copy" of a passport has much meaning, if the
>"forger" has lots of prep-time. Makeup, etc., to look like the photo. The
>actual owner not knowing about it just keeps it from being revoked sooner.
That's one attack: make yourself look like the photo you have.
The other attack is to have a large enough library of data to be able to pick a passport where the photo already looks like the attacker, or at least enough like him to be able to say "it was a bad photo, and I've aged since then".
The latter kind of "forgery" doesn't require changing any data in the passport itself.
Security for re-issuing passports appears to be poor everywhere, not just Britain. As a New Zealander living in Australia I have twice renewed my passport by mail, each time sending the old one to the NZ Consulate-General in Sydney with my application. Due to changes in hairdo and increasing weight and age, the me in the photo attached to each application looked quite different to the me in the old passport enclosed with it. No questions were ever asked. The old passport was sufficient ID.
(Mind you, having recently changed my hairdo again and lost a lot of weight, I was pleased to observe that the 40-something in my new RFID passport is undeniably the same person as the 20-something in my oldest passport.)
I am stuck by the complete idiocy of using "household bills" as some sort of proof of ID.
I still keep a bank account open in the Old Country and after a recent change of address was asked to produce a household bill as proof of may new address, so some bod in an intrasourcing centre in a UK unemployment blackspot is going to know what a Belgian electricity bill looks like, and, I am going to be able to provide this after one weeks residense?
The most personally annoying aspect of this is they rejected the options of offcial residense documents from the town hall or a copy of the lease.
The most annoying thing from a professional point of view is that the people producing these documents telephone, gas, electricity only want tell people what services they used and how much they need to pay, they have no , nada, absoluty nil security agenda. To make matters worse due to a severe attack of "Free Market Fundimentalism" there are now dozens of companies producing these bills -- reprising a previous point -- so some bod in an intrasourcing centre in a UK unemployment blackspot is going to know what a telphone bill issued by a London cable TV company looks like?
Notwithsanding the previous posters points that a computer literacy age of about 7 is sufficient to produce a convincing forgery.
Anyone who holding shares in a UK bank should read the accounting small print under the headings of "Provisions for Low Grade Debt" and "Provisions for fraudulent losses" before deciding to hang on to the shares.
I am going to be able to ....
OK. So the information on the passport data and the image of the holder’s photo aren't protected from copying (stealing, if you prefer).
It's a pity, of course, but it's not devastating news.
Now the real question:
is possible to successfully forge a new passport with select
holder’s photo and select data ? There isn't check data on the chip (or signed data)
And again, why use a chip only to store a bunch of bits? for that, it's enough a good 2D graphic code and digitally signed data: less cost, more interoperability, same strength
I know you are thinking: Ehi! an Italian is speacking about e-ID!! But you have to remember the adage: Don't shoot the messenger.
This can't be about having a secure ID.
It's got to be a scam for tracking peoples' movements.
I would guess that within 2 years, someone is going to propose that we need to carry these passports with us at all times.
Just like in the old Soviet Union, or Nazi Germany.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.