Abstract
The first generation e-passport standard is proven to be insecure and prone to various attacks. To strengthen, the European Union (EU) has proposed an Extended Access Control (EAC) mechanism for e-passports that intends to provide better security in protecting biometric information of the e-passport bearer. But, our analysis shows, the EU proposal fails to address many security and privacy issues that are paramount in implementing a strong security mechanism.
In this paper we propose an on-line authentication mechanism for electronic passports that addresses the weakness in existing implementations, of both The International Civil Aviation Organisation (ICAO) and EU. Our proposal utilises ICAO PKI implementation, thus requiring very little modifications to the existing infrastructure which is already well established.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
ICAO: Machine readable travel documents. Technical report, ICAO (2006)
ISO/IEC: Iso/iec14443, identification cards – contactless integrated circuit(s) cards – proximity cards (2000)
Juels, A., Molnar, D., Wagner, D.: Security and privacy issues in e-passports. In: IEEE SecureComm. 2005 (2005)
Laurie, A.: Rfidiot (2007)
Service, A.C.: Smartgate (2006)
Kc, G.S., Karger, P.A.: Preventing attacks on machine readable travel documents (mrtds) (2005), http://eprint.iacr.org/
Pasupathinathan, V., Pieprzyk, J., Wang, H.: Formal analysis of icao’s e-passport specification. In: Brankovic, L., Miller, M. (eds.) Australasian Information Security Conference (AISC2008). Conferences in Research and Practice in Information Technology (CRPIT), vol. 81, Australian Computer Society (2008)
Justice, H.A.: Eu standard specifications for security features and biometrics in passports and travel documents. Technical report, European Union (2006)
Kügler, D.: Security concept of the eu-passport. Security in Pervasive Computing 85 (2005)
Kügler, D.: Adavance security mechanisms for machine readable travel documents. Technical report, Federal Office for Information Security (BSI), Germany (2005)
Desmedt, Y., Goutier, C., Bengio, S.: Special uses and abuses of the fiat-shamir passport protocol. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 21–39. Springer, Heidelberg (1988)
Scherzer, H., Canetti, R., Karger, P.A., Krawczyk, H., Rabin, T., Toll, D.C.: Authenticating mandatory access controls and preserving privacy for a high-assurance smart card. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 181–200. Springer, Heidelberg (2003)
Wiemers, A.: Kommentare zu application interface for smart cards used as secure signature creation device, part 1 - basic requirements. Technical Report Version 0.14, Bonn, Germany (2003)
ANSI: Public key cryptography for the financial services industry, key aggreement and key transport using elliptic curve cryptography. Technical report, American National Standards Institute (ANSI 2001) (2001)
Canetti, R., Krawczyk, H.: Analysis of key exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pasupathinathan, V., Pieprzyk, J., Wang, H. (2008). An On-Line Secure E-Passport Protocol. In: Chen, L., Mu, Y., Susilo, W. (eds) Information Security Practice and Experience. ISPEC 2008. Lecture Notes in Computer Science, vol 4991. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79104-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-540-79104-1_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-79103-4
Online ISBN: 978-3-540-79104-1
eBook Packages: Computer ScienceComputer Science (R0)