Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy Your Rights Online

No Encryption For RFID passports 73

Spy der Mann writes "Despite widespread criticism from security experts, the government is declining to encrypt data on RFID passports. Lee Tien, an attorney at the Electronic Frontier Foundation, said: 'It is my understanding it's possible to read this information from 10 to 30 feet away with the right equipment.' Considering gadgets like the BlueSniper as 'right equipment,' I think he's got a point. Tinfoil covers, anyone?"
This discussion has been archived. No new comments can be posted.

No Encryption For RFID passports

Comments Filter:
  • by Andy_R ( 114137 ) on Monday February 28, 2005 @07:12AM (#11801400) Homepage Journal
    Even if you accept that RFID should be incorporated in passports (and the concept of terrorists and criminals owning a hand-held US-passport detector should be more than enough reason to realise it's a completely dumb idea), then why on earth should there be any locally stored data?

    If the passport held a unique ID number and nothing else, then sensitive data could be stored somewhere safe off-site, rather than in the back pocket of a potential terrorist.
    • If it is only a ID number, then the picture and info could be stored centrally. But then what about when that server gets hacked?

      I think that if there is no broadcast, but info is on the passport and it is a touch transfer that could solve the problem, What would be so hard about it being a smart card that doesn't transmit?

      A
    • If this scheme is anything like the push for ID cards here in the UK, then it is being driven by the RFID manufacturers. Just a number on the passport would be too cheap. The government has got to spend billions of tax dollars on new and untested technology in order to make fat profits for the businesses that are lobbying for this.
    • From the technical point of view you are right, storing just a unique ID would be the simplest way. But this does not fit well into the scheme of privacy. With your solution you will have no control about who uses the data belonging to your ID. If you store the data directly in the passport chip you have the full control to either allow or deny someone to read it.
      • If you store the data directly in the passport chip you have the full control to either allow or deny someone to read it.
        Yes, stand 30' away from anyone you wish to deny access, Never been to a big city, like NYC, Chicago, SF, Brussels, etc., eh?
        • Re:Full Control (Score:2, Interesting)

          by JRIsidore ( 524392 )
          Duh... there are some security concepts that require the reading machine to have visible access to your passport. Before any personal data is exchanged the reader has to authenticate itself by sending the RFID chip a secret key that is imprinted inside the passport. So without making an image of the passport or reading a barcode etc. the reader is unable to retrieve any data.
    • by Wwolmack ( 731212 ) on Monday February 28, 2005 @08:02AM (#11801574)
      It's an anti-counterfeiting measure.

      From TFA:
      [the RFID contains] all the information on the data page of the passport, including name, date and place of birth, and a digitized version of the photo passport [passport number, and date/place of issuance]

      So thanks to the digital signature (however strong that may be), passport forgers will need to crack the signature to create a passport with matching name, photo, etc. that would pass muster. Its basically adding another layer of difficulty for forgers.

      Of course, this still ignores the potential of:
      -Skimming via a bluesniper
      -Forgers creating fake rfid chips (how hard/far off can it be, now that this will be the primary goal of passport forgers?)

      The decision to rely on a digital signature (which is basically crypto!) and not encrypt the data is positively loopy. They haven't even decided what kind of signature it will be, and weakenesses in cryptographic methods are discovered [slashdot.org] all [slashdot.org] the [slashdot.org] time [slashdot.org].
      • Well digital signatures, without a handshake type of auth just means that if someone copies your info exacty, they can copy your digital signature exactly also. Of course if someone feels the need to change something slightly, than yes digital signature would make that difficult.
      • The decision to rely on a digital signature (which is basically crypto!) and not encrypt the data is positively loopy.

        It is clearly an intentional choice. The goal is to make luser's data easy to get at. When talking about "lusers" in the context of government, read aloud as "anyone who doesn't get a bodyguard on government payroll".

      • The reason is quicker transfer of more data (high resolution pictures of your face, biometric information like fingerprints) than can be achieved with the paper version.

        It should be noted that it is only the US that does not deploy "basic access control", which effectively locks out RFID readers unless they can optically read the passport (e.g. it is on the scanner).

        Europe and Japan are implementing this privacy protection. The irony is that especially for US citizens the threat of identity theft is (sti

    • If the passport held a unique ID number and nothing else, then sensitive data could be stored somewhere safe off-site, rather than in the back pocket of a potential terrorist.

      Opens up an attack where the "terrorists" cut off access to the central server(s). The response is to either shut down access to an entire area (i.e. stop all outgoing flights) or just let people through by relying on other ID.

      I would also suspect that requiring communications back to a central server dramatically increases the amo


    • If the passport held a unique ID number and nothing else, then sensitive data could be stored somewhere safe off-site, rather than in the back pocket of a potential terrorist.

      Passports still need some low tech means for border guards to perform a cursory check of people passing through national boundaries that, believe it or not, may not have internet connectivity.

      I'd guess that the majority of international border crossings have little more than unreliable telephones and military radios.

    • Hand-held? Think 'bomb mounted'.

      RFID passports would be an assassins dream; you could drop a whole load of ID triggered bombs along a victims possible routes. And then a few extra at the nearest hospital, should they survive. The assassin would be halfway around the world by the time one goes off.

      And as there would be no problem surreptiously reading an ID, just a number wont do either, as it could be pre-scanned and used later.
  • Better yet (Score:5, Insightful)

    by Creepy Crawler ( 680178 ) on Monday February 28, 2005 @07:19AM (#11801422)
    Either remove the RFID bug or fry it with microwaves.

    Either way, just guarantee there's nothing to harvest information from.

    Still, I fail to understand why anybody would want encryption on it.. Encryption schemes are broken, as are signing algorythims and other complex mathematical constructs. COnsidering how long passports have been around, would you trust your data to DES?
    • If you fry it, then you have an invalid passport. So you're a terrorist. You win a free holiday in Cuba.
      • Actually they'd most likely just go "Aww crap someone did something stupid with their passport again" and be forced to READ it with their EYES (dear god how low-tech, the horror). Also this is mostly pointless anyway since they already have to visually check the RFID-transmitted picture against the person holding the passport, and it introduces the likelyhood of all this newfangled technology having dead batteries or some user-induced malfunction.

        Can't think of much good reason to stick RFID in passports,
    • Personally, I'd prefer having some sort of encryption on it, especially if the alternative is plaintext. Although it is true that it is possible to break encryption, as was recently shown with SHA-1, it takes time and effort to do this. Simply because it CAN be broken doesn't mean that we shouldn't use it. I'd much rather have it that only people willing to invest copious amounts of time into breaking the encryption can get to my personal data as compared to anyone who can read the chip.
      • Repeat after me...

        SHA-1 is not an encryption agorithm (in the most common sense of the word).

        SHA-1 is a hashing algorithm (or one-way encryption algorithm if you insist on using word "encryption").

        SHA-1 can not be used to store data, only to verify that data you already have is the same data that was used to create the SHA-1 hash.
        • SHA-1 is not an encryption agorithm (in the most common sense of the word). SHA-1 is a hashing algorithm (or one-way encryption algorithm if you insist on using word "encryption"). My apologies. I guess the point I was trying to make is that though algorithms can be broken, I'd much rather have an algorithm there that needs to be broken than simply the data sitting open and unencrypted.
          • SHA-1 IS an encryption algo IF your message is the same size or smaller than the SHA-1 keysize.

            Encryption implies a 1-1 ratio of encrypted content to plaintext. Signing implies there's a 1-many ratio between signed content to plaintext.

            There IS a 1-1 ratio on a SHA-1 message when it's smaller or equal to the bits in SHA-1.
            • SHA-1 IS an encryption algo IF your message is the same size or smaller than the SHA-1 keysize.

              How exactly do you decrypt it?
              • Well, you reverse the algo.

                Im not familiar with the interworkings of SHA-1 personally, but understand crypto ideas.

                I assume that SHA-1 throws away parts of the numbers needed to reverse SHA-1.

                Still, the message is a 1-1 as long as it's the SHA-1 signature size or less... I GUESS you could brute force it ;P
                • Well, you reverse the algo.

                  You cannot reverse the algorithm -- that's the point. SHA-1 is a cryptographic hash algorithm.

                  Still, the message is a 1-1 as long as it's the SHA-1 signature size or less...

                  No, because the hash algorithm does not guarantee that two input values smaller than the output value do not produce the same output value.

                  I GUESS you could brute force it ;P

                  There is no guarantee you will find the original input, only an input that produces the same output.
    • Re:Better yet (Score:2, Informative)

      by Wwolmack ( 731212 )
      From the link in TFA:
      Under the proposed rule, a passport that contains a damaged, defective, or otherwise nonfunctioning electronic chip or with observable wear and tear that render it unfit for further use as a travel document may be invalidated by the Department of State.
      So without the working RFID, you are at the mercy of the Dept of State.
      You also get to apply for a new passport, and boy is that fun (2 hour wait) and cheap ($85/$145 rushed)!
      • How is this any different than right now? If your passport is mutilated (missing photo, pages, etc.), you need to get a new one anyway. It adds one other thing that can go wrong, sure, but it's nothing new.

        Besides, considering the limited staff at the State Dept. and most embassies, you would think they would do their best to keep the teeming hordes and their RFIDs as far away as possible.
        • I want to put on my tin foil hat and make sure that my passpord it free of micro-organisms by PUTTING it into the MICROWAVE, YEAH!

          While this woulnd't incur any damage to my current passpord, my Enhanced Password with RFID action may not fair as well.

          And I woulnd't want to pay $_$ to have a perfectly good, micro-organism free passport replaced, would I?
      • Sigh.

        First off, this is more annoying than a paper passport that's damaged because you can TELL that your paper passport is damaged before you head for the airport. With this, I could have what I believe to be a perfectly-functioning passport, get to the airport in time for a critical flight, then discover I can't get on because it's damaged. Bluh.

        Also worth noting (but not as a follow-up to what you've said) I remember reading that these RFID-equipped passports would be lined with a grid of metal wires,
    • Re:Better yet (Score:3, Informative)

      by swillden ( 191260 ) *

      would you trust your data to DES?

      You do, every day. You trust your money to DES. Ever use an ATM? Your PIN is encrypted with DES. How about a debit card? Same thing. How about on-line payment? While the SSL connection may or may not use DES, the bank-to-bank communications involved in moving the money are protected with DES.

      BTW, If you ask your question of a professional cryptographer, the answer will be "Yes". And you won't find a more paranoid group than cryptographers.

      Encryption schemes a

      • I don't know what banks use, but standard DES uses 40-bit keys, which can be broken by brute force in a matter of hours at most. Maybe you're thinking of triple-DES, which uses longer keys (120-bit, I think) and is quite strong by today's (2005) standards.
        • Standard DES uses 56-bit keys. Actually 64-bit keys, but every eigth bit is a parity bit and doesn't contribute to the calculation. Yes, the banking industry uses 3DES for many purposes, usually double-key 3DES, which gives 112 bits of key material (triple-key 3DES has 168 bits of key material, but due to the meet-in-the-middle attack is not that much stronger than double-key 3DES).

          Single-DES can be brute-forced in a matter of a day or so with a special-purpose machine, a few weeks with a moderate numbe

          • Thanks for the corrections about key lengths.

            From a theoretical security perspective brute force does not count as a "break", and so DES is essentially unbroken although insecure due to the small keyspace.

            For all us non-theoreticians out here, it seems to me that there's a big difference between two systems if one is "insecure due to the small key space" and the other is not, even if the cryptographic algorithm behind each is equally good (or just plain equal, as in this case). If I'm depending on a s

            • If I'm depending on a system that is in fact insecure, whether it's a practical or theoretical insecurity is less important than the fact that it is insecure.

              The difference is that a keyspace size problem is something that can be addressed (by multiple encryption, ala 3DES) and then the weakness is effectively gone. A break of the algorithm, on the other hand, may be patchable by altering the algorithm, but the result is a new, completely untested algorithm that must be reviewed and analyzed over the co

  • by advocate_one ( 662832 ) on Monday February 28, 2005 @07:31AM (#11801465)
    just what you need when driving around town with your new RFID enabled passport... [theregister.co.uk] amazing how things just pop up when the topics are appropriate...
  • by IO ERROR ( 128968 ) * <error.ioerror@us> on Monday February 28, 2005 @07:36AM (#11801479) Homepage Journal
    From the article:

    The State Department concedes that skimming is a legitimate threat, but says the chips will have a read range of inches, that eavesdropping at border stations would be very conspicuous and that the passports will have a shielding mechanism -- perhaps a foil case or a weave in the cover that will cloak the chip when the passport is closed.
  • by martin ( 1336 ) <`moc.liamg' `ta' `cesxam'> on Monday February 28, 2005 @07:36AM (#11801480) Journal
    Of course should they have encrypted/passwd prototected the security, and then some person cracks that method they'd be in trouble too.

    Knowingly having zero security *can* be better than having poor security and thinking it's strong security. eg the early 802.11 standards where security was thought to be good and turned out to be abismal, the css on DVD's etc.
    • On the other hand, having poor security believing it's strong *may* be better than having no security believing it's unneccessary. The article says that simply having the "foil case or a weave in the cover that will cloak the chip" should be enough to protect the data.
      • So they're going to use an RFID tag, the whole point of which is that it can be read at a distance, with no contact. And they're going to enclose it in a RF shield, so that it can only be read close-up, with someone to open the shield. And someone thinks that this is a good idea?

        Still, two opportunities for profit: the RFID manufacturers and the RF shielding manufacturers can both get their cut.

        • And they're going to enclose it in a RF shield, so that it can only be read close-up, with someone to open the shield. And someone thinks that this is a good idea?

          True, it makes no sense to me that they'd use RFID in the first place. Surely they can come up with a technology which is on by demand (press a button) rather than which is always on. Or maybe there's a way to put a digital signature on the photo itself. I guess it wouldn't be a digital signature then, though, as photos aren't digital. What

          • PDF417 [idautomation.com] allows for 1100 bytes. That's not enough.

            It's not a trivial problem, after all you'd like the device to be battery-free, but maybe you'd have to abandon that requirement. Wouldn't be so horrible to put one of those watch batteries into it, since if the battery was lost or went dead you could just get a new one at the border. Then you can put a button on the damn thing so it's only transmitting when you press the button. And then you can have your digitally signed photo, which is the whole point

          • Or they use a mag stripe hooked up to a little chipset, powered by the host machine. I mean really, you're getting stopped by border patrol. Is it really that much extra effort to physically touch your passport to a machine, when you're likely to be sitting in customs for an hour and a half anyway?

            It sounds to me like someone got lobbied.

  • don't forget - SHINY SIDE OUT.

    This goes for foil hats too, but you already knew that didn't you.
  • take one RFID scanner , one unshielded passport , one laptop and an empty fake. Perhaps im hyping this up a little , but Drive by identity theft

  • by SimianOverlord ( 727643 ) on Monday February 28, 2005 @07:46AM (#11801518) Homepage Journal
    According to the wired article: Agents will also be able to use facial identification software to compare the person to the digitized photo, which is not feasible with current passports.

    Which is interesting because, according to this [wave-report.com] the error rate for real time facial recognition: the current error rate is 20% [...] this implies that out of 50,000 match scores there are 1,000 errors.

    Enjoy the wait. Remind me how many of the 9/11 hijackers had invalid passports?
  • by anthony_dipierro ( 543308 ) on Monday February 28, 2005 @08:02AM (#11801572) Journal
    We're talking about RFID here, these things aren't powerful enough to do any processing themselves, you can just read data from them. So if you use encryption, then you've gotta give anyone who needs to read the thing a decryption key - customs agents in every country of the world. It would be a matter of minutes before the decryption key got into the hands of criminals.
    • You are wrong here.

      If you wanna read a non-RFID passport, you have to take it from the owner and open it. This usually involves the owner willingly giving it to you.

      If you wanna read a RFID passport, you have to get close to the owner (think next few places in a queue here) and use an active (power transmitting) reading device, or you use a passive device that doesn't have to remotely power the RFID chip and eavesdrop on a conversation between a legit passport reading station and the passport. This allows
      • If you wanna read a non-RFID passport, you have to take it from the owner and open it. This usually involves the owner willingly giving it to you.

        Well, there are certainly technologies other than RFID which can transmit over distances, but I think I know what you mean and can agree with you here...

        The security degradation that the conversion from non-RFID to RFID implies is that you now don't need consent from the passport owner to read it, and actually the owner won't even notice you reading it.

        OK..

        • If anyone with a machine reader can read the decryption key, what's the point of encrypting anything?

          To prevent reading without physical access to the passport. The key is printed on some page of the passport and is read via OCR. So you have to open the passport to get the key to decrypt the RFID data.

          The point of encryption is overcoming the "can read without consent" problem.

          It is left to the passport owner whom he allows physical access to his passport, and whoever has that physical access can also g
          • To prevent reading without physical access to the passport. The key is printed on some page of the passport and is read via OCR. So you have to open the passport to get the key to decrypt the RFID data.

            Ah, I see what you're saying. Youe meant litterally "print" the decryption key. Yeah, good idea, that'd solve the problem (though perhaps not in the most efficient way, now that someone else has mentioned it why not just use a mag stripe? I assume they can hold enough data).

            • Yes, a mag stripe would work as well, but i think the problem with that would be durability.

              Passports are usually valid for ten years (might depend on country, so YMMV) and can be used even after they are expired (depending on the country you wanna enter). ATM cards and other mag stripe things usually have a much shorter life.

              Replacing a defective passport would be more costly and involve more standing-in-line-and-stuff than replacing an ATM card.

              If the durability of the mag stripe (or other non-wireless
          • A slight problem with putting the decryption key on the passport (e.g., as a barcode or mag stripe) is that it would make it easier for a forger to make a fake passport (i.e., they just make up whatever encryption key they want, print it on the passport, then encrypt the data with that key and put it on the RFID). The simple solution is to also include a digital signature on the encryption key.

            Of course, this whole thing could be solved by printing a big 2D barcode on a page of the passport instead of inc
  • by Terri416 ( 131871 ) on Monday February 28, 2005 @08:21AM (#11801664)
    Put a nice long Yagi on a sniper rifle and a PDA to control it. Go to a convenient rooftop and survey your choice of targets. Choose a likely one and squeeze lightly .. the Yagi sends an activation pulse to the target's passport and listens for the nationality .. "USA". A second later, one less Merkin.

    Your tax dollars at work!

    Actually, a hidden roadside bomb is more likely. You can even target on the basis of other data, such as name or religion. Great fun.

    I already have my aluminium card holder.
  • by NoSuchGuy ( 308510 ) <do-not-harvest-m ... dot@spa.mtrap.de> on Monday February 28, 2005 @09:13AM (#11801964) Journal
    Tinfoil covers, anyone?"

    Just wait for the law that makes the use of tinfoil illegal.

    No tinfoil pockets
    No tinfoil lining of jackets
    No tinfoil anything

    Tinfoil will be listed as a dual use good with special import/export restrictions like a screw driver for atomic bombs.
    Before the law, tinfoil and atomic bombs will be treated equal.

  • by mizna ( 865484 )
    What if the chip gets broken? How do they distinguish it's fake or it was genuine?

"Being against torture ought to be sort of a multipartisan thing." -- Karl Lehenbauer, as amended by Jeff Daiell, a Libertarian

Working...