Towards a More Secure and Scalable Verifying PKI of eMRTD

  • Nicolas Buchmann
  • Harald Baier
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8341)


The new electronic passport stores biometric data on a contactless readable chip to uniquely link the travel document to its holder. This sensitive data is protected by a complex protocol called Extended Access Control (EAC) against unlawful readouts. EAC is manifold and thus needs a complex public key infrastructure (PKI). Additionally EAC is known to suffer from unsolved weaknesses, e.g., stolen (mobile) passport inspection systems due to its missing revocation mechanism. The paper at hand seeks for potential approaches to solve these shortcomings. As a result we present an evaluation framework with special focus on security and scalability to assess the different candidates and to give a best recommendation. Instead of creating new protocols, we focus on solutions, which are based on well-known protocols from the Internet domain like the Network Time Protocol (NTP), the Online Certificate Status Protocol (OCSP), and the Server-based Certificate Validation Protocol (SCVP). These protocols are openly standardised, widely deployed, thoroughly tested, and interoperable. Our recommendation is that the EAC PKI would benefit most from introducing NTP and OCSP.


Smart Card Solution Candidate Inspection System Replay Attack Biometric Data 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bickenbach, H.J., Brauckmann, J., Alfred, G., Horváth, T., Knobloch, H.J.: Common PKI Specifications for interoperable Applications, v2.0 (January 2009),
  2. 2.
    BSI: Certificate Policy für die ePass-Anwendung der hoheitlichen Dokumente. Bundesamt für Sicherheit in der Informationstechnik (BSI) (October 2010)Google Scholar
  3. 3.
    BSI: Technical Guideline TR-03110 Advanced Security Mechanisms for Machine Readable Travel Documents - Extended Access Control (EAC), Password Authenticated Connection Establishment (PACE), and Restricted Identification (RI). Bundesamt für Sicherheit in der Informationstechnik (BSI), 2.05 edn. (October 2010)Google Scholar
  4. 4.
    Chaabouni, R., Vaudenay, S.: The extended access control for machine readable travel documents, EPFL (February 2010)Google Scholar
  5. 5.
    Deacon, A., Hurst, R.: The Lightweight Online Certificate Status Protocol (OCSP) Profile for High-Volume Environments. RFC 5019 (Proposed Standard) (September 2007)Google Scholar
  6. 6.
    Hoepman, J.-H., Hubbers, E., Jacobs, B., Oostdijk, M., Schreur, R.W.: Crossing borders: Security and privacy issues of the european e-passport. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S. (eds.) IWSEC 2006. LNCS, vol. 4266, pp. 152–167. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  7. 7.
    ICAO: ICAO MRTD Report, vol. 1(1) (March 2006)Google Scholar
  8. 8.
    ICAO: ICAO MRTD Report, vol. 2(1) (April 2007)Google Scholar
  9. 9.
    IETF: RFC 2560 – X.509 Internet Public Key Infrastructure – Online Certificate Status Protocol - OCSPGoogle Scholar
  10. 10.
    IETF: RFC 3820 – Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate ProfileGoogle Scholar
  11. 11.
    IETF: RFC 5055 – Server-Based Certificate Validation Protocol (SCVP)Google Scholar
  12. 12.
    IETF: RFC 5246 – The Transport Layer Security (TLS) Protocol - Version 1.2Google Scholar
  13. 13.
    IETF: RFC 5905 – Network Time Protocol Version 4: Protocol and Algorithms SpecificationGoogle Scholar
  14. 14.
    ISO: Identification cards – Integrated circuit cards – Part 8: Commands for security operations – ISO/IEC 7816-8 (September 2009)Google Scholar
  15. 15.
    Moses, T.: Protecting biometric data with extended access control – securing biometric datasets in electronic identification documents, Entrust, Inc. (January 2010),
  16. 16.
    Papapanagiotou, K., Markantonakis, C., Zhang, Q., Sirett, W.G., Mayes, K.: On the Performance of Certificate Revocation Protocols Based on a Java Card Certificate Client Implementation. In: Sasaki, R., Qing, S., Okamoto, E., Yoshiura, H. (eds.) SEC 2005. IFIP AICT, vol. 181, pp. 551–564. Springer, Heidelberg (2005)Google Scholar
  17. 17.
    Pasupathinathan, V., Pieprzyk, J., Wang, H.: An on-line secure e-passport protocol. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 14–28. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  18. 18.
    Rankl, W., Effing, W.: Smart Card Handbook, 4th edn. Wiley (August 2010)Google Scholar
  19. 19.
    Straub, T., Hartl, M., Ruppert, M.: Digitale Reisepässe in Deutschland - Prozesse und Sicherheitsinfrastruktur. In: Dittmann, J. (ed.) Sicherheit. LNI, vol. 77, pp. 233–243. GI (2006)Google Scholar
  20. 20.
    van Tilborg, H.C., Jajodia, S. (eds.): Encyclopedia of Cryptography and Security, 2nd edn. Springer (September 2011)Google Scholar
  21. 21.
    Vaudenay, S., Vuagnoux, M.: About machine-readable travel documents. Journal of Physics: Conference Series 77(1) (2007)Google Scholar
  22. 22.
    Wiegers, K.E.: Software Requirements, 2nd edn. (Pro-Best Practices). Microsoft Press (March 2003)Google Scholar
  23. 23.
    Yum, D.H., Lee, P.J.: Separable Implicit Certificate Revocation. In: Park, C., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 121–136. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Nicolas Buchmann
    • 1
  • Harald Baier
    • 1
  1. 1.da/sec Biometrics and Internet Security Research GroupHochschule DarmstadtDarmstadtGermany

Personalised recommendations