E-Passport Cloned In Five Minutes

Last month a panel of EU experts warned that the e-Passport's security is "poorly conceived", and in fact a week later a British newspaper demonstrated a crack. Now another researcher has shown how to clone a European e-Passport in under 5 minutes. A UK Home Office spokesman dismissed it all, saying "It is hard to see why anyone would want to access the information on the chip."

Well then,

"It is hard to see why anyone would want to access the information on the chip."

I guess that's what they call a failure of imagination.

Re:Well then,

Well, it's true that if you already possess a passport and want to copy it, it's essentially the same problem with and without an RFID. It's also true that the RFID chip does stop the basic hack of replacing the photo in the passport (since the data on the chip is persumably read-only, and the chip can't be replaced without mutilating the passport). I think what the esteemed spokesman missed is the privacy implications (I can now read your passport without your knowledge). In particular, you can clone these passports without actually holding the original. In the past to clone a passport you needed the co-operation of its owner (if you steal a passport it's known to be stolen). Now you can make your own sure-to-be valid passport by just stepping into the airport and choosing an appropriate victim (someone who looks like you, perhaps?).

Re:Well then,

A UK Home Office spokesman dismissed it all, saying "It is hard to see why anyone would want to access the information on the chip."

But isn't the whole point of a secure passport to secure the identity of an individual? If the identity is not secure, we may as well not waste the time or money.

Tin foil hats, everyone

The ID cards themselves are just a distraction. The real agenda is the setting up of a big database with information on all citizens. While everyone debates ID cards, they get to do what they want with the database proposal. They can back down on ID cards later, and everyone is happy.

Such ID numbers already exist

Your birth certificate number could be read as CN.DN.cert-number. You have a social insurance number, social security number, or equivalent. You are numbered by your driver's license, your chequing account, your power bill, and a host of other unique identifiers.

I have no objection to SECURE identification. I object to wasting billions on useless crap.

Yes, but not co-ordinated like this

Yes, governments have databases about the citizens of their countries, for tax purposes, medical purposes, driver licensing and so on. That in itself is not unreasonable, as long as the data collected is necessary for the purpose, properly and securely handled, with suitable checks made on those with access to it and confidentiality maintained.

The National Identity Register in the UK, however, will combine most of the existing government databases into a single, centralised point of failure. In practice, it will likely be the case that most government departments and many outside agencies will have access to all of the records about an individual, not just those they have reason to see.

A second major concern is that the NIR will track every time it is checked. That won't help with the identity theft problem that follows from the above, unless the security of access is near-perfect across many thousands of people with access to the database. It will, however, mean that once the national ID card becomes the "easy option" for identity verification, the government has a handy record of each citizen's entire life: where they shop, which financial services they've been using, jobs they've been applying for, where they've travelled and who with, etc. There is simply no need for any state organisation to keep this sort of information about any citizen, other than when conducting legitimate surveillance of a suspect for genuine security purposes, with independent oversight.

Identity thieves, however, already happy to be part of the fastest-growing and most profitable crime wave in recent history, have hit the jackpot. Just along the Slashdot front page from this story as I write this, there is another article estimating that 100 million personal information leaks have occurred within the past couple of years or so. If that combination isn't reason enough to stop the NIR plans right now, I don't know what kind of sanity prevails in the government's universe.

Re:Well then,

It's also true that the RFID chip does stop the basic hack of replacing the photo in the passport (since the data on the chip is persumably read-only, and the chip can't be replaced without mutilating the passport).

Stronger than that, the data on the chip is digitally signed, so even if you can tracelessly replace the chip in the passport with a different one that has the photo you want, you're not going to be able to generate the appropriate digital signature for the altered data. This technology makes the passports effectively unalterable, as long as the chip is intact.

I think what the esteemed spokesman missed is the privacy implications (I can now read your passport without your knowledge). In particular, you can clone these passports without actually holding the original.

Not exactly. To read the passport data you have to have the authentication key. To get the authentication key, you need to have the passport, because the data that the key is derived from is printed inside. Note, however, that it has been shown that a large enough portion of the printed data is guessable, given basic information like the passport holder's name and a guess at his or her age, that the rest can be brute-forced pretty quickly. So there *is* a possibility it could be read without the owner's knowledge, but it's not completely trivial and does require some additional information.

The US has addressed this issue by putting a shielding mesh in the passport cover, which isolates the chip when the cover is closed.

Re:Well then,

UYFB (Use Your F***ing Brain): Do you want all the info on your passport's personal details page readable by absolutely everyone you walk by?

Passport cloning isn't even the primary security concern here. Cloning a passport has become no harder or easier thanks to RFID. But Identity theft will become much much easier.

Can I zap it?

Cloning a passport has become no harder or easier thanks to RFID. But Identity theft will become much much easier.

Couldn't one kill the RFID chip by putting the passport in a microwave oven for a minute?

I can't imagine the rubber-stamper at immigration control not letting me through because he can't read my RFID tag... I'm sure a good percentage of non-zapped passports would fail to scan for one reason or another. If enough people did it, then they justn wouldn't be able to rely on them, period.

Re:Can I zap it?

Actually, they can and will deport you if the chip doesn't work.

You make the invalid assumption that people at immigration desks are reasonable people - they are *not*. Some of them are little Hitlers with bad attitude, and the ones who aren't have their hands tied by the law - they have no discretion at all. If the law says you can't enter without a working chip, the immigration officer (even the world's friendliest and most reasonable one) has no choice but to deport you. Just as they would deport you if your passport photo was mutilated.

(I'll make one exception for the little Hitlers - one notable aberration is Houston's immigration desks - those people are polite and make you feel welcome to the United States - truly refreshing to get to an immigration desk where it isn't just stony faces and demands to see that you have a return plane ticket. I frequently travel through Houston and they've always had good people there. Dallas Ft.Worth on the other hand - I will never travel through that airport again).

Re:Can I zap it?

Please stop with the FUD. The new passport is bad enough without adding fuel to the fire. Check out the official information according to the US Government.

What will happen if my Electronic passport fails at a port-of-entry?

The chip in the passport is just one of the many security features of the new passport. If the chip fails, the passport remains a valid travel document until its expiration date. The bearer will continue to processed by the port-of-entry officer as if he/she had a passport without a chip.

Re:Well then,

"It is hard to see why anyone would want to access the information on the chip."

Just like it is hard to see why anyone would want to blow up an aircraft? I think that people are still thinking within the sandbox and not realising that the real risk is what we have not yet thought of. There will be lots of reasons to want to access the information and to change it or learn to create false IDs that Joe Average security assumes to be valid because it is state of the art.

Re:Well then,

I guess that's what they call a failure of imagination.

It's a common failure that occurs in these scenarios.

As part of my research on driver's licensing issues, when states added photos to driver's licenses (starting in the late 60's) the word "fraud" never entered the picture. Driver's licenses were essentially fraud free documents before the photographs were added--so it really never entered anyone's mind that things would change once the document became more powerful/useful/trusted.

Re:Then why put it on?

Simple: Now you can be blamed for crimes committed with a clone of your passport, because obviously such passports are impossible to clone.

Was the Home Office spokesman an idiot?

"It is hard to see why anyone would want to access the information on the chip." Hmmm... it's also hard to see why anyone would want my credit card information, SSN, address, etc. I'm sure nobody really wants to know any personal information about me at all, and I'm sure nobody would ever want to forge any of my identifying documentation.

Something is just wrong with the UK's Home Office. Today I read that they will now classify panty theifs as sex offenders [sundaymirror.co.uk], receiving the same long-term classification on the sex offenders' registry as child abusers, rapists, and child pornographers.

Re:and if your name is written on said panties

If my name is written on someone else's panties, I demand to know why!

ob Simpsons:
Skinner: Oh, it's a miracle no one was hurt.
Otto: I stand on my record - fifteen crashes and not a single fatality!
Lou: Let's see your license, pal.
Otto: No can do. Never got one. But, if you need proof of my identity, I wrote my name on my underwear... Oh wait, these aren't mine!
Skinner: Well that tears it! Until you get a license and wear your own underwear, mister, you are suspended without pay!

Re:Was the Home Office spokesman an idiot?

they will now classify panty theifs as sex offenders

      Thank God stealing a bra is still ok...I was worried for a second there.

Re:Was the Home Office spokesman an idiot?

Those are the longest leaps of logic I've seen since "I don't know where the universe came from" -> "God must have done it". Impressive.

Re:Was the Home Office spokesman an idiot?

what a fucking crock of shit. someone stealing a womens underwear off the line is a LONG jump to being a pedo. what possible connection can there be between a weirdo taking an adult womens underwear and them being sexually attracted to children? thats right there isn't. it's same bogus thinking that links homosexuals to pedo. and that crap has been debunked for decades. oh and as for your "it's about protection" argument, yeah they will take your liberty all the while softly whisphering in your ear "it's for your protection"

Re:Was the Home Office spokesman an idiot?

Awesome. Let's book kids who sneak some booze when they're underage with the same charge as heroin dealers. They're probably just building up the courage to do something more serious. Of course, there's always the whacky notion that the punishment should fit the crime that was actually committed rather than what we think they might do in the future.

Re:Was the Home Office spokesman an idiot?

That's because stealing panties is a classic sign of a real sex offender getting up the courage to do something more serious.

Says who? You? Heck, why don't we start arresting people for thought crimes, then?

In a nation of laws, people get punished for what they actually do, not for some prediction of what they might or might not do in the future. Apparently, you prefer to live in a totalitarian nation, in which the state can charge anybody with absolutely anything if they just so please.

Re:Was the Home Office spokesman an idiot?

This is absolute bullshit. There has been absolutly no research to determine if an 18 year old who has sex with a 17 year old classmate, or a guy streaking as part of a college fraternity prank, or a guy who has consentual sex with other adult men in a public-park lavatory, or the couple who park up on "lovers lane" to have sex, or a married couple who has oral sex in Arkansas, or the 90% of "sex offenders" who never did anything that wouldn't be legal or a misdemeanor if they where only done in San Fransico or Amsterdam, are likely to do anything!

Only a tiny fraction of the people who are being branded second class citizens for life, and being subjected to a lifetime of harrasment and violence at the hands of vigilantes, did anything remotely like rape or molestation. Most commited only voluntary, consentual sex acts with people their own age.

Sex offender lists, and their sister paranoia law enforcement, Do Not Fly list, are part of our societies current irrational, paranoid, fear of boogie men - being afraid of sex offenders or terrorists depending on where you live and your political beliefs. Personally, I am far more disturbed by the people who believe their friends or neighbors are all devious sexual preditors lurking to rape their kids - If anything I would be far more worried about the guy who is constantly paranoid of sex offenders (ala Mark Foley), than I would the college football players who get arrested doing a panty raid on the girls sorority. Or I would be far more frightened of the people who think everyone named "Mohammed" may be a terrorist, than I would be of someone named "Mohammed" sitting next to me on a plane.

Maybe read Author Miller's "The Crucible" ( http://en.wikipedia.org/wiki/The_Crucible [wikipedia.org] ) to get a good idea of the sort of Moral Panic ( http://en.wikipedia.org/wiki/Moral_panic [wikipedia.org] ) our society is in today.

In other news, bureaucrats develop sentience

As it may be, the people in charge of budgetary approval for the programs which put all of these RFID solutions
into place will steadfastly deny that anything is wrong until they are forced to do so, as agreeing that those are
potentially high security risks would otherwise equate it with having to backtrack on what they previously approved,
even though they were amply forewarned by many in the security-related field.

It's really about not losing face at any cost, lest people start questioning other methods they employ.

Human nature, really. Look no further than the voting machines controversy for parallels here in the US.

Z.

At least they can publish this...

Now another researcher has shown how to clone a European e-Passport in under 5 minutes.

Thanks to a software he himself has developed, called RFdump, he downloads the passport's data onto his computer and then onto a blank chip.

How long would it take for some 3 letter agency to show up at their door in the US?

completely ignores the point

"It is hard to see why anyone would want to access the information on the chip."
Even if the info on the chip is just the same as what's printed in plain sight as they say... it's still defeating one of the security measures in short shrift. How is that not a concern? The fact that the electronic portion of it can be read and copied without actually needing the item (just need to be near it) is a great concern.

Also, the article states that the key to some encrypted information on the chip is something that's printed, in plain sight, on the passport... oh man.

It's a scary world when those who are old and have little clue about technology (the politicians) are told they need a high tech solution to a security issue. They hear a buzzword (RFID) and tell their people "Get something that used RFID into market STAT!"

Plus, I bet they don't even know what STAT means.

Re:completely ignores the point

It's a scary world when those who are old and have little clue about technology (the politicians) are told they need a high tech solution to a security issue.

      Careful. The hippies used to complain about how all the old farts in power didn't have a clue back then. Now they're running things, and look where we are. I shudder to think about what the world will be like when it's YOUR turn...

Open Rights Group - Biometric passport

The Open Rights Group [openrightsgroup.org](Think UK EFF) have a wiki page that provideds more information on this an othere issues with the British Biometric Passport [openrightsgroup.org] The European version of the biometric passport is planned to have digital imaging and fingerprint scan biometrics placed on the Radio Frequency chip. The government of UK thinks that the public has a negative opinion of RFID chips so instead they call it a contactless chip.

This is all FUD

Yes I'm sure it's not very hard to 'read' what's stored on the Passport - but then it's never been very hard to visually look at it and read the paper - god knows how many photocopies there are of my passport in hotels and car-rentals across the planet.
The point of the RFID passport et al is to be able to verify it's genuine. You wave the passport at a border, it summons the electronic version and a check can be made that they match - i.e. verifies that somebody hasn't inserted an alternate photo etc.
If the RFID is just containing a serial number - then why not just use a barcode etc. If passport is broadcasting full details including photos, then the crack that's interesting is if somebody concocts their own passport - and then gets it recognized as a fully signed valid one.
Seeing as most passport fraud is just a genuine one, obtained by a similar looking (or even using the photo of the person going to use it), non-travelling person - then all these schemes are pointless. The weakest link is right at the start with the passport application process. The person who issues your passport hasn't got the slightest clue who you are - and as passports by their very definition are international, if you have trouble getting one in one country, you can just try from another.

huh?

It is hard to see why anyone would want to access the information on the chip.

If no one would want to access that information, then why is it on the chip? Why even bother with the chip? Why even bother with the information?

Could someone address the points raised?

1. They claim that there is little useful on a passport's details page. Can someone confirm whether this is the case for the purposes of general information theft?

2. If the passport page contains anything useful, how easy or difficult will it be to get hold of this information? Can you stand next to someone in a queue and scan the passport in their carry bag, or do you actually need to hold it close? My ID card at work has an RFID chip, that works only at about 4cm.

3. Is it correct that forging RFID passports will be more difficult? Obviously, if you used to have to manufacture a passport or switch a picture, and you now need to _both_ do that _and_ insert or change an RFID chip, then that raises the bar. So the followups to this question are;

3a. Will passport controls be replaced by RFID scans, or in addition to? I would hardly think the former, but please inform.

3b. Is it possible to change the information on an RFID chip without actually having physical access to the circuitry? As in, are there read/write scanners so you can avoid having to manufacture a chip and replacing it in a passport?

If the answers to these are no, difficult, yes, in addition to and no/no, then I can certainly see it providing additional security. And vica versa. Someone in the know?

And the problem is...

How is this different than Xeroxing a 2D barcode? Isn't that why there's biometric data on the passport and a digitally encoded photo - to render it useless even when cloned? Not to mention that the passport # *could* key to a database with the same data for verification purposes - the database should also contain records of passport #'s invalidated due to theft, cloning, or whatever. The data on the RFID chip is *meant* to be read. Rerecording the bitstream is a trivial exercise.

Cheers,
-b.

Breaking news...

....in further breaking news: "...we would like to encourage the terrorist tourism trade to the UK; why would they cause any problems?"

If this happened in the 3rd world...

If this happened in the 3rd world, those in countries like these (the 1st world) would say:

"What do you expect?" "It's the 3rd world."

They need more "technical assistance" from us who are more developed.

But I am not surprised, after all the US, which is the "most technically advanced" country in the world, cannot secure its borders. But is it?

The Solution is Obvious

Throw the researchers in jail for showing the weakness in the system. Problem solved!

why indeed?

"It is hard to see why anyone would want to access the information on the chip."

If that's true, then why use a chip at all?

a simple way to correct cluelessness

"It is hard to see why anyone would want to access the information on the chip."

I think it's time someone cloned his passport and got busted importing drugs or weaponry or child porn or similar while on that passport. Hell, he's probably got a diplomatic passport == no search. Pure gold to anyone wanting to move anything *really* profitable.

yes minister ...

.... was the name of a very funny tv series during the 80s. Its main characters were a clueless minister of state and his conniving private secretary.

This answer "...it's hard to see why...." is a line right out of this show. It doesn't say that the information is worthless, nor does it criticise e-passports for being insecure. Instead it says that the spokesman found something (irrelevant) hard to imagine. That's something completely different.

A masterpiece of misdirection, IMHO and just illustrates how hard it is to get a straight answer out of the b@$+@%ds

6 years ago...

i'm sure people were wondering "why would you want to fly planes into buildings ?"

Tinfoil

You can always get one of these [difrwear.com] or just wrap your passport in tinfoil.

BRB, I'm making a tinfoil hat for my passport, so it matches mine.

encrypted data is printed on the passport anyway

The various articles seem to suggest that the data accessible on the RFID chip is actually printed on the passport anyway. So what's the big deal? For anyone sufficiently inclined to obtain the data they could simply open your passport and read it. Granted the chip makes it easier to obtain this "sensitive" data, but to own and operate the technology to achieve this seems to be no less complex than having a $20 pick-pocket help you get it. In addition, who cares whether it can be copied to another RFID chip? To make that "cloned" data useful, the actual physical passport still needs to be adequately forged and that's not trivial. This "hack" does not seem to have a negative impact on the security of passports. Sure, it doesn't advance their security any, but neither does it detract from it?

The proper response is...

The proper response to that spokesman is "Well then, you won't mind lending us your passport for a minute, so we can copy it and put copies on sale in <district with notorious reputation>, will you?".

Some politicians simply need the problem made their personal problem before they'll see it.

Shielding?

So what is the paranoid meant to do to shield their passports? We all joke about the tin-foil, but is there something that actually does the job?

How about a switch

How about having an electronic switch built in to the passport, so that the chip only works when someone holding it wants it to work. For example, you could set it up so that the chip only works when the passport is opened flat on the details page at the front.

I can't imagine it being that hard in theory, although divising a reliable and rugged switch may be a bit more challenging.

Still, I bet it could be done, and it pretty much eliminates all the concerns about people reading the chip without your permission.

Imagine this scenario

a smart bomb, planted by a terrorist group, to trigger when n passports from a target country are in the vicinity, as long as fewer than x passports from countries friendly to the terrorists are also present.

Alternatively, imagine a government putting monitoring devices in public places, or at the entry ways to residential buildings, and tracking when/if people of certain profiled countries are congregating.

The technology makes be feel assured

What I worry about is a working hack that allows people to insert a different photograph into the information on the chip. There is not border guard in the world who will reject a passport if his electronic scanner shows the photo of the person standing in front of him.

In the "old days" a passport could have had a new photo glued over the top. These could be spotted and rejected. Any new hacks that had a glued-over photo that corresponded with the pic in the RFID chip, would be far less likely to be picked-up. Guards would believe it, because the technology would convince them the passport was genuine.

In any case, we may get to the situation where nobody would look anyway. I came through the gates of Melbourne Airport in Australia a few days ago with my ePassport. I was told by a border guard that soon I would be able to "check myself in" using the passport, without needing to see a border guard.

Identification isn't the problem.

Just once,