Add to collection(s) Add to saved
  1. Engineering
  2. Informatica
  3. Java (programmeertaal)

e-Passports - Radboud Universiteit

advertisement 
e- passports
Erik Poll
Digital Security Group
Radboud University Nijmegen
overview
• e-passports
• functionality and
security mechanisms
• problems, so far
• future
Erik Poll
Radboud Universiteit Nijmegen
2
e-passports
•
e-passport contains RFID chip / contactless
smartcard
– in Dutch passports, a Java Card
•
chip stores digitally signed information:
– initially just facial images (photos)
– soon also fingerprints
– later maybe iris
•
aka biometric passport or MRTD with ICC/chip
•
introduction pushed by US in the wake of 9/11
– to solve what problem??
•
international standard by ICAO (International
Civil Aviation Organization, branch of United
Nations)
Erik Poll
e-passport logo
Radboud Universiteit Nijmegen
3
Protocols & standards
ISO 14443
• defines physical communication for RFIDs
ISO 7816
• originally developed for contact smartcards
• defines standard APDU commands & responses,
ICAO standard for e-passports
• defines specific IS0 7816 commands and
responses for passports
additional EU standards
• standardise optional parts of ICAO specs
& fix timeline
• additional advanced secuity mechanisms on top of ICAO
Erik Poll
Radboud Universiteit Nijmegen
4
National id-cards & terminology
• Nederlandse Identiteitskaart (NIK) conforms to the same
ICAO specification
NB possible confusion
• eNIK is a future extension of NIK,
with digital signature capability
• MRTD = Machine-Readable Travel Document
just has Machine (OCR) Readable Zone,
the MRZ, but need not contain a chip
ie. e-passport = MRTD + chip
Erik Poll
MRZ
Radboud Universiteit Nijmegen
5
Basic Access Control (BAC)
protects against unauthorised access
and eavesdropping
optically read MRZ
Machine
Readable
Zone
send MRZ
receive additional info
encrypted
Erik Poll
Radboud Universiteit Nijmegen
6
Alternative: Faraday Cage
• protects against unauthorised access, but not
eavesdropping
– used in US passports, initially instead of BAC
Erik Poll
Radboud Universiteit Nijmegen
7
Active Authentication (AA)
protects against passport cloning (which BAC doesn't)
ie authentication of the passport chip
public key, signed by government (DG15)
send challenge
prove knowledge of
corresponding private key
Erik Poll
Radboud Universiteit Nijmegen
8
Questions?
•
Open source implementation of passport terminal and
passport applet available at http://jmrtd.sourceforge.net
Erik Poll
Radboud Universiteit Nijmegen
9
Related documents
MEDIATE Expert meeting 25 July 2016
MEDIATE Expert meeting 25 July 2016
“Cultuur in perspectief” (2e semester: 2008) (dinsdag tussen 16u00
“Cultuur in perspectief” (2e semester: 2008) (dinsdag tussen 16u00
Identification of new molecular mechanisms potentially involved in
Identification of new molecular mechanisms potentially involved in
A Novel Mitochondrial ATP8 (MT-ATP8) Gene Mutation
A Novel Mitochondrial ATP8 (MT-ATP8) Gene Mutation
Application Model
Application Model
Mapping and Localization from a Panoramic Vision Sensor
Mapping and Localization from a Panoramic Vision Sensor
Laetitia PETRUSSA DNA methylation reprogramming in human
Laetitia PETRUSSA DNA methylation reprogramming in human
TU/e technische universiteit eindhoven
TU/e technische universiteit eindhoven
Minor Brain and Mind - Vrije Universiteit Amsterdam
Minor Brain and Mind - Vrije Universiteit Amsterdam
using Visio - Technische Universiteit Eindhoven
using Visio - Technische Universiteit Eindhoven
Object-Oriented Software Engineering
Object-Oriented Software Engineering
Curriculum Vitae
Curriculum Vitae
VUBIS library system - Associatie Antwerpen
VUBIS library system - Associatie Antwerpen
Download
advertisement