About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« If you can't stand the heat, get out of the chatroom | Main | Where's the virtual Home Office when you need them? »

Not-very-public key infrastructure

By davebirch posted Mar 15 2007 at 8:49 AM

[Dave Birch] One of the most visible digital identity documents, the passport, has been much in the news recently.  Unfortunately, most of the coverage has been about the limitations of Basic Access Control (BAC).  Not that electronic passport control is operational yet because of the problems getting readers installed and configured, which in turn means getting the public key directory working.  This directory is being set up by Netrust, a Singaporean company that last year was selected by ICAO.  Germany, citing security worries, says it is not taking part in the directory, even though the USA and UK are (currently).  Readers won't have the German keys in them (unless they get them directly from the Germans), so they won't be able to validate the digital signatures on German e-passports.  As we've discussed before here, there some genuine problems here that need to be fixed for the e-passport to be effective.

Technorati Tags: , ,

Mind you, I'm sure that's the least of e-passport worries, especially with the rash of newspaper stories about passports being "cloned" in transit.  They're not actually being cloned, of course.  But the idea is this: you can brute force the key to read the data in the chip (but not the secret key in the chip, which is why you can't clone) and therefore obtain the data that is printed inside the passport without having to open the envelope.  Identity thieves use a device to copy the new e-chip while the permit is on its way to its owner, without having to open the envelope.  To do this, they have to brute force the BAC key (because normally you have to read the printed data inside the passport in order to obtain the read key).  Unfortunately, it's easier to brute force than you might think, because you can deduce some of the data in the passport (eg, the validity, because it's ten years from the issue date).  Thus, in about four hours, it is claimed that you can read the chip contents without opening the envelope.

What all of this means is that to get better security, the "system" needs to move to Extended Access Control (EAC) so you can't get access to passport data that isn't on the passport: in particular, the "secondary bioemtrics" (ie, fingerprints).  That's that sorted then.  Remember that to implement EAC the passport readers (at the border control post in, say, Bostwana) would have to be issued with key pairs and certificates to prove to the passport that they are authorised.  If I remember correctly, the certificates will have short life -- say a month -- to reduce exposure should the readers be stolen.  That means, in turns, that gazillions of new key pairs will need to be generated all the time and gazillions of certificates will need to be distributed.  When the reader interrogates a passport, it must provide its public key inside a valid certificate, otherwise passport cannot be sure it is a proper reader.  This, in turn, means constantly sending out masses of data to passport readers.  This is a significant technical problem, so you can expect to read "e-passport cracked/cloned/useless" for some time to come.

My opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public.
[posted with ecto]


The comments to this entry are closed.