{"id":439,"date":"2009-01-16T13:13:54","date_gmt":"2009-01-16T21:13:54","guid":{"rendered":"http:\/\/cubist.cs.washington.edu\/Security\/?p=439"},"modified":"2009-01-16T13:13:54","modified_gmt":"2009-01-16T21:13:54","slug":"us-passports-now-all-have-rfid-tags","status":"publish","type":"post","link":"https:\/\/secblog.cs.washington.edu\/Security\/2009\/01\/16\/us-passports-now-all-have-rfid-tags\/","title":{"rendered":"US Passports now all have RFID tags"},"content":{"rendered":"<p>The security review on the EU passports reminded me of this one:\u00a0 As of October 2006, all US passports will contain RFID chips in them, which, when read, reveal all the information that is printed on the passport itself, as well as a digital photo of the passport holder.\u00a0 This brings up a privacy issue since basically we will now all be holding passports that can be read without our consent.\u00a0 With an RFID system, data can be read off the small computer chip inside the passport merely by being in <em>proximity<\/em> to a reader.\u00a0 This means that an adversary can do what is called &#8216;skimming&#8217;, in which they can intercept the transmission between the reader and the passport &#8211; obtaining all the passport&#8217;s data, undetected.\u00a0 This is very similar to &#8216;packet sniffing&#8217; on the internet.\u00a0 Just as one can sit in a coffee shop and read your Gmail without you knowing, eavesdroppers can now sit at the airport and read your passport without you knowing.\u00a0 <!--more--><\/p>\n<p>The US State Department knows of this vulnerability and has attempted to cover it by adding &#8216;shielding&#8217; to the passport so that the tag can only be read when the passport is open.\u00a0 According to the <span class=\"glossaryterm\">ISO<\/span> 14443 specification, the RFID tags can only be read when brought within 10 cm of the reader.\u00a0 This is a narrow window, which helps the security of the system, but does not completely 
protect it.\u00a0 Also, they have added a so-called PIN to the passport so that the data on the chip can only be read when the PIN (which is printed on the passport) is entered.<\/p>\n<p>Did this just defeat the purpose?\u00a0 They added the ability to quickly scan all the information for viewing on the computer, but then added a PIN so that a number must be entered in order to get this information&#8230;\u00a0 In my view, this is quite the same as entering one&#8217;s passport ID number (maybe a few characters longer than the PIN) and looking it up in an internal database to see the passport holder&#8217;s information.\u00a0 This is much more secure in my opinion and keeps all data out of the air.\u00a0 The question is &#8211; at what point does convenience triumph over security?\u00a0 The answer should be &#8216;never&#8217;, but many systems have ignored this and this is why there are many vulnerable systems out there.\u00a0 As with Kerckhoffs&#8217; principle, the only thing that should be kept secret should be the key.\u00a0 But what is the key in this situation?\u00a0 It seems as if there are many parts in this system, all of which are trying to be kept secret, which is known as &#8216;security by obscurity&#8217; and is frowned upon by many.\u00a0 As with voting and many other things &#8211; some things are best left to being done the old-fashioned way &#8211; on paper.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The security review on the EU passports reminded me of this one:\u00a0 As of October 2006, all US passports will contain RFID chips in them, which, when read, reveal all the information that is printed on the passport itself, as &hellip; <a href=\"https:\/\/secblog.cs.washington.edu\/Security\/2009\/01\/16\/us-passports-now-all-have-rfid-tags\/\">Continue reading <span 
class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":103,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-439","post","type-post","status-publish","format-standard","hentry","category-security-reviews"],"_links":{"self":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/439","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/users\/103"}],"replies":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/comments?post=439"}],"version-history":[{"count":5,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/439\/revisions"}],"predecessor-version":[{"id":444,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/439\/revisions\/444"}],"wp:attachment":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/media?parent=439"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/categories?post=439"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/tags?post=439"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}