Skip to main content
SpringerLink
Log in

Crossing Borders: Security and Privacy Issues of the European e-Passport

  • Conference paper
Advances in Information and Computer Security (IWSEC 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4266))

Included in the following conference series:

Abstract

The first generation of European e-passports will be issued in 2006. We discuss how borders are crossed regarding the security and privacy erosion of the proposed schemes, and show which borders need to be crossed to improve the security and the privacy protection of the next generation of e-passports. In particular we discuss attacks on Basic Access Control due to the low entropy of the data from which the access keys are derived, we sketch the European proposals for Extended Access Control and the weaknesses in that scheme, and show how fundamentally different design decisions can make e-passports more secure.

Id: passport.tex,v 1.44 2006/06/30 07:25:14 ronny Exp.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Kamerstuk II 2004/2005, 25 764, nr. 26 (Official communication of the Dutch parliament)

    Google Scholar 

  2. Kamerstuk II, 2004/2005, 29 754, nr. 5 (Official communication of the Dutch parliament)

    Google Scholar 

  3. Yearly report on algorithms and keysizes (2005). Technical report, IST-2002-507932 ECRYPT, D.SPA.10 Rev. 2005-0.2 (January 2006)

    Google Scholar 

  4. Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: IEEE Security and Privacy, Oakland, CA, USA, pp. 72–84. IEEE, Los Alamitos (1992)

    Google Scholar 

  5. BSI. Advanced security mechanisms for machine readable travel documents – extended access control (eac). Technical Report TR-03110, Bundesamt für Sicherheit in der Informationstechnik (BSI), Bonn, Germany (2006)

    Google Scholar 

  6. Proposal for a council regulation amending regulation (ec) no 1683/95 laying down a uniform format for visas. OJ C 51, 219–220 (February 26, 2002)

    Google Scholar 

  7. Proposal for a council regulation on standards for security features and biometrics in eu citizens’ passports. OJ C 98(39) (April 23, 2004)

    Google Scholar 

  8. Hoepman, J.-H., Jacobs, B.: E-passports without the big picture. eGov Monitor (February 20, 2006), http://www.egovmonitor.com/node/4716

  9. ICAO. Machine Readable Travel Documents. Technical report, ICAO, 5th edn (2003)

    Google Scholar 

  10. ICAO. Development of a logical data structure - LDS for optional capacity expansion technologies, revision 1.7. Technical report, ICAO (May 2004)

    Google Scholar 

  11. ICAO. PKI for machine readable travel documents offering ICC read-only access, version - 1.1. Technical report (Octrober 2004)

    Google Scholar 

  12. ISO 7816. ISO/IEC 7816 Identification cards – Integrated circuit(s) cards with contacts. Technical report, ISO JTC 1/SC 17

    Google Scholar 

  13. ISO 7816-12. ISO/IEC 7816 Identification cards – Integrated circuit(s) cards – Part 12: Cards with contacts – USB electrical interface and operating procedures. Technical report, ISO JTC 1/SC 17

    Google Scholar 

  14. Juels, A., Molnar, D., Wagner, D.: Security issues in e-passports. In: SecureComm 2005 (2005)

    Google Scholar 

  15. Gaurav, S.K., Karger, P.A.: Security and privacy issues in machine readable travel documents (MRTDs). IBM Technical Report (RC 23575), IBM T. J. Watson Research Labs (April 2005)

    Google Scholar 

  16. Kügler, D.: Security mechanisms of the biometrically enhanced (eu) passport. In: Security in Pervasive Computing conference, Boppard, Germany (April 2005), www.spc-conf.org/2005/slides/SPC_Passport.pdf

  17. Massey, J.L.: Guessing and entropy. In: Proc. 1994 IEEE International Symposium on Information Theory, p. 204 (1994)

    Google Scholar 

  18. National Institute of Standards and Technology. Recommendation for key management. Technical Report Special Publication 800-57 Draft, NIST (August 2005)

    Google Scholar 

  19. Evaluation report biometrics trial 2B or not 2B (2005), www.europeanbiometrics.info/images/resources/88_630_file.pdf

Download references

Author information

Authors and Affiliations

  1. Institute for Computing and Information Sciences, Radboud University Nijmegen, P.O. Box 9010, 6500, GL, Nijmegen, The Netherlands

    Jaap-Henk Hoepman, Engelbert Hubbers, Bart Jacobs, Martijn Oostdijk & Ronny Wichers Schreur

Authors
  1. Jaap-Henk Hoepman
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Engelbert Hubbers
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bart Jacobs
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Martijn Oostdijk
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Ronny Wichers Schreur
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Faculty of Electro-Communication, The University of Electro-Communications, 1-5-1, Chofugaoka, P.O. Box, 182-8585, Chofu, Japan

    Hiroshi Yoshiura

  2. Department of Computer Science, Communication Engineering, Kyushu University, 812-0053, Fukuoka, Japan

    Kouichi Sakurai

  3. Institute of Business Informatics, Goethe University Frankfurt, Frankfurt/Main, Germany

    Kai Rannenberg

  4. Faculty of Software and Information Science, Iwate Prefectural University, 152-52 Sugo, Takizawa, Takizawa-mura, 020-0193, Iwate, Japan

    Yuko Murayama

  5. Toshiba Corporation, 1, Komukai Toshiba-cho, Saiwai-ku, P.O. Box, 212-8582, Kawasaki, Japan

    Shinichi Kawamura

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hoepman, JH., Hubbers, E., Jacobs, B., Oostdijk, M., Schreur, R.W. (2006). Crossing Borders: Security and Privacy Issues of the European e-Passport. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S. (eds) Advances in Information and Computer Security. IWSEC 2006. Lecture Notes in Computer Science, vol 4266. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11908739_11

Download citation

  • DOI: https://doi.org/10.1007/11908739_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-47699-3

  • Online ISBN: 978-3-540-47700-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation