E-Passport: Cracking Basic Access Control Keys

  • Yifei Liu
  • Timo Kasper
  • Kerstin Lemke-Rust
  • Christof Paar
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4804)

Abstract

Since the introduction of the Machine Readable Travel Document (MRTD), also known as the e-passport, for human identification at border control, debates have been raised about security and privacy concerns. In this paper, we present the first hardware implementation for cracking Basic Access Control (BAC) keys of the e-passport issuing schemes in Germany and the Netherlands. Our implementation was designed for the reprogrammable key search machine COPACOBANA and achieves a key search speed of 2^28 BAC keys per second. This is a speed-up factor of more than 200 compared to previous results and allows for a runtime on the order of seconds in realistic scenarios.

Keywords

E-Passport, MRTD, Basic Access Control, Key Search Machine, SHA-1, DES, COPACOBANA

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Yifei Liu (1)
  • Timo Kasper (1)
  • Kerstin Lemke-Rust (1)
  • Christof Paar (1)

  1. Horst Görtz Institute for IT Security, Ruhr University Bochum, Germany