Formal security analysis of Australian e-passport implementation

Authors:
Vijayakrishnan P;Josef Pieprzyk;Huaxiong Wang
Affiliations:
Macquarie University, New South Wales;Macquarie University, New South Wales;Macquarie University, New South Wales
Venue:
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
Year:
2008

Citing 10
Cited 2

Communicating sequential processes

Communicating sequential processes
Using CSP to Detect Errors in the TMN Protocol

IEEE Transactions on Software Engineering
An Introduction to Evaluating Biometric Systems

Computer
An Introduction to Evaluating Biometric Systems

Computer
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Special Uses and Sbuses of the Fiat-Shamir Passport Protocol

CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Verifying authentication protocols with CSP

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A Model for Secure Protocols and Their Compositions

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Automated analysis of cryptographic protocols using Mur/spl phi/

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Security and Privacy Issues in E-passports

SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks

Security and privacy in electronic passports

International Journal of Biometrics
An investigative analysis of the security weaknesses in the evolution of RFID enabled passport

International Journal of Internet Technology and Secured Transactions

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper provides a detailed description of the current Australian e-passport implementation and makes a formal verification using model checking tools CASPER/CSP/FDR. We highlight security issues present in the current e-passport implementation and identify new threats when an e-passport system is integrated with an automated processing systems like SmartGate. Because the current e-passport specification does not provide adequate security goals, to perform a rational security analysis we identify and describe a set of security goals for evaluation of e-passport protocols. Our analysis confirms existing security issues that were previously informally identified and presents weaknesses that exists in the current e-passport implementation.