Security and Privacy Issues in E-passports
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
IEEE Security and Privacy
ePassport: Securing International Contacts with Contactless Chips
Financial Cryptography and Data Security
Improved Security Notions and Protocols for Non-transferable Identification
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
E-passport: the global traceability or how to feel like a UPS package
WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
Weakening epassports through bad implementations
RFIDSec'12 Proceedings of the 8th international conference on Radio Frequency Identification: security and privacy issues
An investigative analysis of the security weaknesses in the evolution of RFID enabled passport
International Journal of Internet Technology and Secured Transactions
Hi-index | 0.00 |
The recent introduction of electronic passports (e-Passports) motivates the need of a thorough investigation on potential security and privacy issues. In this paper, we focus on the e-Passport implementation adopted in Italy. Leveraging previous attacks to e-Passports adopted in other countries, we analyze (in)security of Italian e-Passports and we investigate additional critical issues. Our work makes several contributions. 1. We show that in some concrete scenarios, Italian e-Passports are prone to eavesdropping attacks, where one can unnoticeably obtain private data stored in the e-Passport using RF communication, while the passport is stored in a bag/pocket. Moreover, we show how to trace e-Passports by successfully linking two or more communication transcripts related to the same e-Passport. 2. We propose a set of open-source tools that build successful attacks to the security of Italian e-Passports. Among them, we provide a simulator that produces attacks without requiring physical passports and RFID equipment. 3. We show that the random number generator included in the RFID chips produces bits that are noticeably far from the uniform distribution, thus potentially exposing Italian e-Passports to several other attacks.