Previous Politech message:
http://www.politechbot.com/2005/10/25/us-passports-to/
-------- Original Message --------
Subject: Re: [Politech] U.S. passports to receive RFID implants starting
inOctober 2006 [priv]
Date: Tue, 25 Oct 2005 17:17:09 -0400 (EDT)
From: Kristopher Barrett <kbarrett@private>
To: Declan McCullagh <declan@private>
CC: politech@private
References: <435E943B.6020309@private>
Declan McCullagh said:
> All U.S. passports will be implanted with remotely-readable computer
> chips starting in October 2006, the Bush administration has announced.
Expect to see passport RFID triggered terrorist bombs shortly afterwards.
Idiots.
--
Regards,
Kristopher Barrett
-------- Original Message --------
Subject: Re: [Politech] U.S. passports to receive RFID implants starting
in October 2006 [priv]
Date: Tue, 25 Oct 2005 14:39:22 -0700 (PDT)
From: David Alexander Molnar <dmolnar@private>
To: Declan McCullagh <declan@private>
On Tue, 25 Oct 2005, Declan McCullagh wrote:
> My read of the regs is that they are final, and BAC is included:
>
> http://edocket.access.gpo.gov/2005/05-21284.htm
> The Department will also implement Basic Access Control (BAC) to
> mitigate further any potential threat of skimming or eavesdropping
>
> Any thoughts on this?
This is good news - BAC is not perfect, but it is better than nothing.
Compared to where we were last year, this is progress.
Still, I have some remaining questions:
* Use of Active Authentication. The main claimed benefit of the
RFID chip is anti-cloning. The ICAO Active Authentication feature provides
anti-cloning by embedding a signature private key into each chip. The
corresponding public ky is certified by the country CA. At read time, the
reader challenges the chip to correctly sign a random nonce to prove the
chip has the correct private key.
Without Active Authentication, someone who has the signed
contents of the passport can clone the chip and create a new passport. For
example, I could take my passport, scan the interior, complete BAC with
the chip, and obtain the signed photo+ID information. Then I could create
a new chip which will be identical to the one in my passport, so far as a
reader can tell. Therefore Active Authentication is key to the security
benefits claimed for the RFID chip - but I don't see any mention of it in
the rule.
There is a note about evaluating the chip to EAL Level 4, which is what I
would expect if the chip is going to hold a private key, but they don't
actually say they're going to use Active Authentication. Why? Note this is
a security concern, not a privacy concern - cloning chips defeats the
State Department's intended use of the technology. I expect they are in
fact going to use it, but I'd like to see it in black and white.
* Tracking by ISO 14443A UID. The ISO 14443A spec includes the use
of a special "UID" as part of the collision avoidance protocol (collision
avoidance refers to the method used to allow a reader to sync with a
single specific RFID device when many might be in range). The spec says
that the UID may be picked uniformly at random each interaction, OR it may
be fixed and globally unique. If it is fixed and globally unique, then the
UID can be used to track passports or trigger devices. Which is it for the
devices that will be deployed in e-passports? I would like to see a
statement that it will be chosen uniformly at random each time.
* Extended Access Control. The German BSI recently field-tested
passport RFID chips that do a Diffie-Hellman key exchange (!) with mutual
authentication of reader and passport. I have the report link around here
somewhere; I'll forward it to you. This would be an advance over Basic
Access Control, because then the key changes with every interaction. The
proposal also includes a way to expire access granted to readers, which is
important given that a reader may be stolen or sold. If we're going to
push deployment back another year anyway, it may be worth looking at this
proposal. I haven't reviewed the crypto involved in any depth yet, but if
they got it right then this looks like a a solution that addresses most of
the concerns in our paper.
-David Molnar
-------- Original Message --------
Subject: Re: [Politech] U.S. passports to receive RFID implants starting
in October 2006 [priv]
Date: Tue, 25 Oct 2005 18:19:36 -0400
From: Paul Howard <paul6412@private>
To: Declan McCullagh <declan@private>
References: <435E943B.6020309@private>
Man, we need to organize and stop this. My grandchildren aren't going to
know what freedom is if we don't.
-------- Original Message --------
Subject: Re: [Politech] U.S. passports to receive RFID implants starting
in October 2006 [priv]
Date: Tue, 25 Oct 2005 16:29:03 -0400 (EDT)
From: MCKAY john <mckay@private>
To: Declan McCullagh <declan@private>
References: <435E943B.6020309@private>
What material encasing such a document would render it opaque to reading?
Jm
--
But leave the wise to wrangle, and with me
the quarrel of the universe let be;
and, in some corner of the hubbub couched,
make game of that which makes as much of thee.
-------- Original Message --------
Subject: Re: [Politech] U.S. passports to receive RFID implants starting
in October 2006 [priv]
Date: Tue, 25 Oct 2005 14:52:33 -0600
From: Tom Neff <tneff@private>
To: Declan McCullagh <declan@private>
References: <435E943B.6020309@private>
Keep your passport in an aluminum case. You can bet they'll be easy
to buy by 10/06.
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Wed Nov 02 2005 - 22:31:54 PST