Abstract
Millions of citizens around the world have already acquired their new electronic passport. The e-passport is equipped with contactless communication capability, as well as with a smart card processor enabling cryptographic functionality. Countries are required to build a Public Key Infrastructure to support digital signatures, as this is considered the basic tool to prove the authenticity and integrity of the Machine Readable Travel Documents. The first large-scale worldwide PKI is currently under construction, by means of bilateral trust relationships between Countries. In this paper, we investigate the good practices, which are essential for the establishment of a global identification scheme based on e-passports, together with the security and privacy issues that may arise. We argue that an e-passport may also be exploited in other applications as a globally interoperable PKI-enabled tamperproof device. The preconditions, the benefits, and the drawbacks of using e-passports in everyday electronic activities are further analyzed and assessed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
ICAO: Document 9303, Machine Readable Travel Documents, 6th edn. (December 2005)
ICAO: Machine Readable Travel Documents: Development of a Logical Data Structure – LDS, Technical Report, ver. 1.7 (May 2004)
ICAO: PKI for Machine Readable Travel Documents offering ICC Read-Only Access, Technical Report, ver. 1.1 (October 2004)
Gritzalis, S., Katsikas, S., Gritzalis, D., Stamatiu, Y., Lekkas, D., Marias, Y.: PKI Services in the Public Sector of the EU Member States – Chapter 6: Good Practices. University of the Aegean, Report to the Greek Presidency of the European Union (2003)
Housley, R.: Cryptographic Message Syntax, RFC 3369, IETF (2002)
Housley, R., Polk, W., Ford, W., Solo, D.: Internet, X.: 509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, RFC 3280, IETF (2002)
Jonsson, J., Kaliski, B.: Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1, RFC 3447, IETF (2003)
Lekkas, D.: Establishing and managing trust within the Public Key Infrastructure. Computer Communications 26(16), 1815–1825 (2003)
Bosworth, K., Tedeschi, N.: Public Key Infrastructures - the Next Generation. BT Technology Journal 19(3), 44–59 (2001)
Juels, A., Molmar, D., Wagner, D.: Security and privacy issues in e-passports. In: SecureComm 2005, 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, Greece (2005)
Yoshida, J.: Tests reveal e-passport security flaw. Electronic Engineering Times 1336, 1 (2004)
Maurer, U.: Intrinsic limitations of digital signatures and how to cope with them. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 180–192. Springer, Heidelberg (2003)
Hancke, G.: Practical Attacks on Proximity Identification Systems. In: Proc. of the 2006 IEEE Symposium on Security and Privacy (S&P 2006), pp. 328–333 (2006)
Dimitriou, T.: A Lightweight RFID Protocol to protect against Traceability and Cloning attacks. In: SecureComm 2005, 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, Greece (2005)
Kugler, D.: Advanced security mechanisms for Machine Readable Travel Documents, Technical Report, Federal Office for Information Security (BSI), Germany (2005)
Convey, A., Kupiszewski, M.: Keeping up with Schengen: Migration and policy in the European Union. The International Migration Review 29(112), 939–963 (1995)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lekkas, D., Gritzalis, D. (2007). E-Passports as a Means Towards the First World-Wide Public Key Infrastructure. In: Lopez, J., Samarati, P., Ferrer, J.L. (eds) Public Key Infrastructure. EuroPKI 2007. Lecture Notes in Computer Science, vol 4582. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73408-6_3
Download citation
DOI: https://doi.org/10.1007/978-3-540-73408-6_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73407-9
Online ISBN: 978-3-540-73408-6
eBook Packages: Computer ScienceComputer Science (R0)