Abstract
E-passports are the new means of identification at border control points, where special reader devices named inspection terminals are installed to authenticate travelers. The authentication of e-passports to inspection terminals is based on biometric data stored in the former, while the authentication of inspection terminals to e-passports is based on digital certificates. To check the expiration date of certificates, e-passports maintain an internal variable named effective date, which provides only an estimation of the current time. This introduces a serious threat to e-passports' privacy. Specifically, e-passports may accept expired certificates, considering them as non-expired, due to the time difference between the effective dates of e-passports and the current time. Thus, if an adversary obtains an expired certificate, he/she may impersonate an inspection terminal and obtain sensitive personal information (e.g., biometric data) from e-passports. This paper proposes a scheme that enables e-passports to update their effective dates based on the effective dates of other, more recently updated e-passports, in a secure and effective manner. In this way, more e-passports have a better estimation of the current time, reducing the time window in which an attacker can use an expired certificate. The proposed scheme minimizes deployment complexity, since it does not require extensive modifications to the existing infrastructure, while at the same time maintaining compatibility with the legacy system.
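A small model of the problem the abstract describes, added here as an illustration and not taken from the paper. The class and function names, the sample dates, and the rule that a chip advances its effective date to the newest certificate effective date it has accepted are assumptions; `adopt_peer_date` only models the effect of the proposed scheme and assumes the peer value has already been authenticated.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class TerminalCert:
    holder: str
    effective: date  # first day of validity
    expiry: date     # last day of validity


class PassportChip:
    """Chip without a clock: it keeps only an 'effective date' estimate."""

    def __init__(self, issued: date):
        self.effective_date = issued

    def accepts(self, cert: TerminalCert) -> bool:
        # Expiry is compared with the chip's estimate, not with the real date.
        if cert.expiry < self.effective_date:
            return False
        # Assumed update rule: advance to the newest certificate effective
        # date seen, never backwards.
        self.effective_date = max(self.effective_date, cert.effective)
        return True

    def adopt_peer_date(self, peer_date: date) -> None:
        # Hypothetical helper: peer_date is assumed to be already authenticated.
        self.effective_date = max(self.effective_date, peer_date)


def stale_acceptance(chip: PassportChip, cert: TerminalCert, today: date) -> bool:
    """True when the chip accepts a certificate that has really expired."""
    return cert.expiry < today and chip.accepts(cert)


# Constructed sample data.
TODAY = date(2013, 6, 1)
CURRENT_CERT = TerminalCert("border-terminal", date(2013, 5, 1), date(2013, 8, 1))
EXPIRED_CERT = TerminalCert("old-terminal", date(2012, 1, 1), date(2012, 4, 1))


def demo():
    frequent, rare, synced = (PassportChip(date(2011, 1, 10)) for _ in range(3))
    frequent.accepts(CURRENT_CERT)                 # estimate moves to 2013-05-01
    synced.adopt_peer_date(frequent.effective_date)
    return tuple(stale_acceptance(c, EXPIRED_CERT, TODAY)
                 for c in (frequent, rare, synced))


if __name__ == "__main__":
    print(demo())  # (False, True, False)
```

Only the rarely used chip, whose estimate is still its issue date, accepts the expired certificate; the chip that took a fresher date from a peer rejects it.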
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Petrou, C., Ntantogian, C., Xenakis, C. (2013). A Better Time Approximation Scheme for e-Passports. In: Furnell, S., Lambrinoudakis, C., Lopez, J. (eds) Trust, Privacy, and Security in Digital Business. TrustBus 2013. Lecture Notes in Computer Science, vol 8058. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40343-9_2
DOI: https://doi.org/10.1007/978-3-642-40343-9_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40342-2
Online ISBN: 978-3-642-40343-9
eBook Packages: Computer Science, Computer Science (R0)