Basic access control

Last updated

Basic access control (BAC) is a mechanism specified to ensure only authorized parties [1] can wirelessly read personal information from passports with an RFID chip. It uses data such as the passport number, date of birth and expiration date to negotiate a session key. This key can then be used to encrypt the communication between the passport's chip and a reading device. This mechanism is intended to ensure that the owner of a passport can decide who can read the electronic contents of the passport. This mechanism was first introduced into the German passport on 1 November 2005 and is now also used in many other countries (e.g., United States passports since August 2007). [2]

Contents

Inner workings

The data used to encrypt the BAC communication can be read electronically from the bottom of the passport called the machine readable zone. Because physical access to the passport is assumed to be needed to know this part of the passport it is assumed that the owner of the passport has given permission to read the passport. Equipment for optically scanning this part of the passport is already widely used. It uses an OCR system to read the text which is printed in a standardized format.

Security

There is a replay attack against the basic access control protocol that allows an individual passport to be traced. [3] [4] The attack is based on being able to distinguish a failed nonce check from a failed MAC check and works against passports with randomized unique identifiers and hard to guess keys.

The basic access control mechanism has been criticized as offering too little protection from unauthorized interception. Researchers claim [5] that because there are only limited numbers of passport issued, many theoretically possible passport numbers will not be in use in practice. The limited range of human age ranges further reduce the space of possibilities.

In other words, the data used as an encryption key has low entropy, meaning that guessing the session key is possible via a modest brute force attack.

This effect increases when passport numbers are issued sequentially or contain a redundant checksum. Both are proven to be the case in passports issued by the Netherlands [ citation needed ]. There are other factors that can be potentially used to speed up a brute force attack. There is the fact that dates of birth are typically not distributed randomly in populations. Dates of birth may be distributed even less randomly for the segments of a population that pass, for example, a check-in desk at an airport. And the fact that passports are often not issued on all days of the week and during all weeks of a year. Therefore, not all theoretically possible expiration dates may get used. In addition, the fact that real existing dates are used further limits the number of possible combinations: The month makes up two of the digits used for generating the key. Usually, two digits would mean 100 (00−99) combinations in decimal code or (36×36=1296) combinations in alphanumeric code. But as there are only 12 months, there are only 12 combinations. It is the same with the day (two digits and 31 combinations or less, depending on the month).

The German passport serial-number format (previously 10-digit, all-numeric, sequentially assigned) was modified on 1 November 2007, in response to concerns about the low entropy of BAC session keys. The new 10-character serial number is alphanumeric and generated with the help of a specially-designed block cipher, to avoid a recognizable relationship with the expiry date and increase entropy. In addition, a public-key based extended access control mechanism is now used to protect any information in the RFID chip that goes beyond the minimum ICAO requirements, in particular fingerprint images.

See also

Related Research Articles

<span class="mw-page-title-main">Encryption</span> Process of converting plaintext to ciphertext

In cryptography, encryption is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Despite its goal, encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.

A passphrase is a sequence of words or other text used to control access to a computer system, program or data. It is similar to a password in usage, but a passphrase is generally longer for added security. Passphrases are often used to control both access to, and the operation of, cryptographic programs and systems, especially those that derive an encryption key from a passphrase. The origin of the term is by analogy with password. The modern concept of passphrases is believed to have been invented by Sigmund N. Porter in 1982.

Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. An RFID system consists of a tiny radio transponder called a tag, a radio receiver, and a transmitter. When triggered by an electromagnetic interrogation pulse from a nearby RFID reader device, the tag transmits digital data, usually an identifying inventory number, back to the reader. This number can be used to track inventory goods.

<span class="mw-page-title-main">Key derivation function</span> Function that derives secret keys from a secret value

In cryptography, a key derivation function (KDF) is a cryptographic algorithm that derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function. KDFs can be used to stretch keys into longer keys or to obtain keys of a required format, such as converting a group element that is the result of a Diffie–Hellman key exchange into a symmetric key for use with AES. Keyed cryptographic hash functions are popular examples of pseudorandom functions used for key derivation.

The security of cryptographic systems depends on some secret data that is known to authorized persons but unknown and unpredictable to others. To achieve this unpredictability, some randomization is typically employed. Modern cryptographic protocols often require frequent generation of random quantities. Cryptographic attacks that subvert or exploit weaknesses in this process are known as random number generator attacks.

<span class="mw-page-title-main">Biometric passport</span> Traditional passport that has an embedded electronic microprocessor chip

A biometric passport is a traditional passport that has an embedded electronic microprocessor chip, which contains biometric information that can be used to authenticate the identity of the passport holder. It uses contactless smart card technology, including a microprocessor chip and antenna embedded in the front or back cover, or centre page, of the passport. The passport's critical information is printed on the data page of the passport, repeated on the machine readable lines and stored in the chip. Public key infrastructure (PKI) is used to authenticate the data stored electronically in the passport chip, supposedly making it expensive and difficult to forge when all security mechanisms are fully and correctly implemented.

In cryptanalysis, attack models or attack types are a classification of cryptographic attacks specifying the kind of access a cryptanalyst has to a system under attack when attempting to "break" an encrypted message generated by the system. The greater the access the cryptanalyst has to the system, the more useful information they can get to utilize for breaking the cypher.

<span class="mw-page-title-main">BitLocker</span> Disk encryption software for Microsoft Windows

BitLocker is a full volume encryption feature included with Microsoft Windows versions starting with Windows Vista. It is designed to protect data by providing encryption for entire volumes. By default, it uses the Advanced Encryption Standard (AES) algorithm in cipher block chaining (CBC) or "xor–encrypt–xor (XEX)-based Tweaked codebook mode with ciphertext Stealing" (XTS) mode with a 128-bit or 256-bit key. CBC is not used over the whole disk; it is applied to each individual sector.

In cryptography, key stretching techniques are used to make a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resources it takes to test each possible key. Passwords or passphrases created by humans are often short or predictable enough to allow password cracking, and key stretching is intended to make such attacks more difficult by complicating a basic step of trying a single password candidate. Key stretching also improves security in some real-world applications where the key length has been constrained, by mimicking a longer key length from the perspective of a brute-force attacker.

A contactless smart card is a contactless credential whose dimensions are credit card size. Its embedded integrated circuits can store data and communicate with a terminal via NFC. Commonplace uses include transit tickets, bank cards and passports.

<span class="mw-page-title-main">United States passport card</span> U.S. identification card

The United States passport card is an optional national identity card and a travel document issued by the U.S. federal government in the size of a credit card. Like a U.S. passport book, the passport card is only issued to U.S. citizens and U.S. nationals exclusively by the U.S. Department of State. The passport card allows its holders to travel by domestic air flights within the U.S., and to travel by land and sea within North America. However, the passport card cannot be used for international air travel. US passport cards are used to verify identity and US citizenship. The requirements to attain the passport card are identical to the passport book and compliant to the standards for identity documents set by the REAL ID Act.

<span class="mw-page-title-main">German passport</span> Passport issued to German citizens

A German passport is an identity document issued to nationals of Germany for the purpose of international travel. A German passport is, besides the German ID card and the German Emergency Travel Document, the only other officially recognised document that German authorities will routinely accept as proof of identity from German citizens. Besides serving as proof of identity and presumption of German nationality, they facilitate the process of securing assistance from German consular officials abroad. German passports are valid for ten years or six years and share the standardised layout and burgundy red design with other EU passports. Every German citizen is also a citizen of the European Union. The passport, along with the national identity card, allows for free rights of movement and residence in any of the states of the European Union, European Economic Area and Switzerland.

<span class="mw-page-title-main">Kenyan passport</span> Passport of the Republic of Kenya issued to Kenyan citizens

The Kenyan passport is issued to Kenyan citizens in accordance with the Constitution of Kenya, 2010 and as provided for in the Kenya Citizens and Immigration Act that commenced on 30 August 2011. In addition issuance process is regulated by Legal Notice No. 64. If eligible, an individual can apply for a New Passport, Renewal Passport and Replacement Passport. Passports are issued by the Department of Immigration. The department is under the Ministry of Interior and Coordination of National Government. Kenyan passports are usually used as a form of ID as well and would be rated as second to the Kenyan national ID card. Before Kenya got independence from Britain, British passports were used.

Extended Access Control (EAC) is a set of advanced security features for electronic passports that protects and restricts access to sensitive personal data contained in the RFID chip. In contrast to common personal data which can be protected by basic mechanisms, more sensitive data must be protected further for preventing unauthorized access and skimming. A chip protected by EAC will allow that this sensitive data is read only by an authorized passport inspection system.

Wireless identity theft, also known as contactless identity theft or RFID identity theft, is a form of identity theft described as "the act of compromising an individual’s personal identifying information using wireless mechanics." Numerous articles have been written about wireless identity theft and broadcast television has produced several investigations of this phenomenon. According to Marc Rotenberg of the Electronic Privacy Information Center, wireless identity theft is a serious issue as the contactless (wireless) card design is inherently flawed, increasing the vulnerability to attacks.

<span class="mw-page-title-main">German residence permit</span> German identity card

The German residence permit is a document issued to non-EU citizens living in Germany.

Supplemental access control (SAC) is a set of security features defined by ICAO for protecting data contained in electronic travel documents. SAC specifies the Password Authenticated Connection Establishment (PACE) protocol, which itself supplements and improves upon the Basic Access Control (BAC) protocol also established by ICAO. PACE, like BAC, prevents two types of attacks:

The term digital card can refer to a physical item, such as a memory card on a camera, or, increasingly since 2017, to the digital content hosted as a virtual card or cloud card, as a digital virtual representation of a physical card. They share a common purpose: Identity Management, Credit card, Debit card or driver license. A non-physical digital card, unlike a Magnetic stripe card can emulate (imitate) any kind of card.

The Iraqi National Card is an biometric identity card issued by the Ministry of Interior from January 1, 2016. It replaced the Nationality Certificate and Civil Identification Document and the Residency Card. This card has a high security platform and is connected directly to the Iraqi Civil System, and can be used to travel within Iraq and Syria.

Crypto-shredding is the practice of 'deleting' data by deliberately deleting or overwriting the encryption keys. This requires that the data have been encrypted. Data may be considered to exist in three states: data at rest, data in transit and data in use. General data security principles, such as in the CIA triad of confidentiality, integrity, and availability, require that all three states must be adequately protected.

References

  1. "ICAO Document 9303, Part 1" (PDF). Retrieved 2023-04-12.
  2. Archived December 30, 2007, at the Wayback Machine
  3. Goodin, Dan (2010-01-26). "Defects in e-passports allow real-time tracking, The Register, Dan Goodin, 26th Jan 2010". Theregister.co.uk. Retrieved 2012-01-15.
  4. "A Traceability Attack Against e-Passports, Tom Chothia and Vitaliy Smirnov, 14th International Conference on Financial Cryptography and Data Security 2010" (PDF). Retrieved 2012-01-15.
  5. Hancke, Gerhard (2006). "Practical Attacks on Proximity Identification Systems (Short Paper), Security and Privacy, 2006 IEEE Symposium on, Gerhard Hancke, 10 April 2012" (PDF). Security and Privacy, 2006 IEEE Symposium on. Retrieved 2012-05-10.

Sources