Analysis of Electronic Passport Security
These comments on the security of electronic passports are an excellent primer on the dangers of the technology. Definitely read Attachment 1: “Security and Privacy Issues in E-Passports,” a more technical paper by Ari Juels, David Molnar, and David Wagner.
Israel Torres • April 11, 2005 8:54 AM
Aside from the obvious vulnerabilities stated in Attachment 1 (attacks on the technology itself). There is little mention of the vulnerabilities rooted in the registration phase of “E-Passport” deployment. If an attacker can successfully manipulate the system at the root such as to convince the system the attacker is a legitimate authorized entity through a battery of attacks (e.g. social engineering, identity theft, etc…) all this technology is no better than current forms of identification. In fact it becomes more of a danger since the identification issued will be deemed almost irrefutably correct. Of course they may not be as simple to forge, but then there really is no need to technically forge something that one can gain legitimately and remain illegitimate at the same time.
Israel Torres