The PACE|CA Protocol for Machine Readable Travel Documents

Bender, Jens; Fischlin, Marc; Kügler, Dennis

doi:10.1007/978-3-319-03491-1_2

Jens Bender¹⁸,
Marc Fischlin¹⁹ &
Dennis Kügler¹⁸

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8292))

Included in the following conference series:

International Conference on Trusted Systems

519 Accesses
9 Citations

Abstract

The International Civil Aviation Organization (ICAO) has adopted the password-based connection establishment protocol (PACE) for securing the contactless communication between the machine-readable travel documents and the readers at border controls. This Diffie-Hellman based protocol achieves impersonation resistance at password strength. To reinforce authentication of the travel documents beyond this lowentropy security, the challenge-response based active authentication protocol could be executed afterwards. However, this optional protocol is often omitted for efficiency reasons. In order to salvage strong security we investigate the possibility to provide active authentication almost “for free” with the PACE|CA protocol, by re-using some of the randomness from the PACE protocol for authentication.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Abdalla, M., Fouque, P.-A., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)
Chapter Google Scholar
Bellare, M., Palacio, A.: The knowledge-of-exponent assumptions and 3-round zero-knowledge protocols. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 273–289. Springer, Heidelberg (2004)
Chapter Google Scholar
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Chapter Google Scholar
Bender, J.: Chip authentication for ICAO. ISO/IEC JTC1 SC17 WG3 Meeting (March 2012)
Google Scholar
Bender, J., Dagdelen, Ö., Fischlin, M., Kügler, D.: The PACE|AA protocol for machine readable travel documents, and its security. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 344–358. Springer, Heidelberg (2012)
Chapter Google Scholar
Bender, J., Fischlin, M., Kügler, D.: Security analysis of the PACE key-agreement protocol. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 33–48. Springer, Heidelberg (2009)
Chapter Google Scholar
Brier, E., Coron, J.-S., Icart, T., Madore, D., Randriam, H., Tibouchi, M.: Efficient indifferentiable hashing into ordinary elliptic curves. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 237–254. Springer, Heidelberg (2010)
Chapter Google Scholar
BSI: Advanced security mechanism for machine readable travel documents extended access control (EAC). Tech. Rep (BSI-TR-03110) Version 2.05 Release Candidate, Bundesamt fuer Sicherheit in der Informationstechnik, BSI (2010)
Google Scholar
Coron, J.-S., Gouget, A., Icart, T., Paillier, P.: Supplemental access control (PACE v2): Security analysis of PACE integrated mapping. In: Naccache, D. (ed.) Cryphtography and Security: From Theory to Applications. LNCS, vol. 6805, pp. 207–232. Springer, Heidelberg (2012)
Chapter Google Scholar
Hada, S., Tanaka, T.: On the existence of 3-round zero-knowledge protocols. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 408–423. Springer, Heidelberg (1998)
Chapter Google Scholar
Hanzlik, L., Krzywiecki, Ł., Kutyłowski, M.: Simplified PACE|AA protocol. In: Deng, R.H., Feng, T. (eds.) ISPEC 2013. LNCS, vol. 7863, pp. 218–232. Springer, Heidelberg (2013)
Chapter Google Scholar
ICAO: Machine readable travel documents. Tech. Rep. Doc 9303, Part 1 Machine Readable Passports, 6th edn., International Civil Aviation Organization, ICAO (2006)
Google Scholar
Icart, T.: How to hash into elliptic curves. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 303–316. Springer, Heidelberg (2009)
Chapter Google Scholar
Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany
Jens Bender & Dennis Kügler
Darmstadt University of Technology, Germany
Marc Fischlin

Authors

Jens Bender
View author publications
You can also search for this author in PubMed Google Scholar
Marc Fischlin
View author publications
You can also search for this author in PubMed Google Scholar
Dennis Kügler
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Institute for Applied Processing and Communications, Graz University of Technology, Austria
Roderick Bloem
Institute for Applied Processing and Communications, Graz University of Technology, Graz, Austria
Peter Lipp

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Bender, J., Fischlin, M., Kügler, D. (2013). The PACE|CA Protocol for Machine Readable Travel Documents. In: Bloem, R., Lipp, P. (eds) Trusted Systems. INTRUST 2013. Lecture Notes in Computer Science, vol 8292. Springer, Cham. https://doi.org/10.1007/978-3-319-03491-1_2

Download citation

DOI: https://doi.org/10.1007/978-3-319-03491-1_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-03490-4
Online ISBN: 978-3-319-03491-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics