Chip Authentication for E-Passports: PACE with Chip Authentication Mapping v2
- Cite this paper as:
- Hanzlik L., Kutyłowski M. (2016) Chip Authentication for E-Passports: PACE with Chip Authentication Mapping v2. In: Bishop M., Nascimento A. (eds) Information Security. ISC 2016. Lecture Notes in Computer Science, vol 9866. Springer, Cham
According to the European Commission Decision C(2006) 2909, EU Member States must implement Supplemental Access Control (SAC) on biometric passports. The SAC standard describes two versions of a password based authenticated key exchange protocol called PACE-GM and PACE-IM. Moreover, it defines an extension called PACE-CAM. Apart from password authentication and establishing a session key, the PACE-CAM protocol executes an active authentication of the ePassport with just one extra modular multiplication. However, it uses PACE-GM as a building block and does not work with the more efficient protocol PACE-IM. In this paper we propose an active authentication extension, which can be used with both PACE-GM and PACE-IM. Moreover, the protocol’s overhead on the side of the ePassport, remains the same despite more universality.