E-passport EAC scheme based on Identity-Based Cryptography

  • Authors:

  • C. H. Li;X. F. Zhang;H. Jin;W. Xiang

  • Affiliations:

  • School of Computer Science and Technology, Huazhong University of Science and Technology, 1037 LuoYu Road, 430074 Wuhan, China;School of Computer Science and Technology, Huazhong University of Science and Technology, 1037 LuoYu Road, 430074 Wuhan, China;School of Computer Science and Technology, Huazhong University of Science and Technology, 1037 LuoYu Road, 430074 Wuhan, China;School of Computer Science and Technology, Huazhong University of Science and Technology, 1037 LuoYu Road, 430074 Wuhan, China

  • Venue:
  • Information Processing Letters
  • Year:
  • 2010

Quantified Score

Hi-index 0.89

Visualization

Abstract

Extended Access Control (EAC) is a security mechanism specified to allow only authorized Inspection System (IS) to read sensitive biometric data such as fingerprints from e-passports. Although European Union EAC scheme offers more flexibility than Singapore scheme, there is clearly room for improvement. By adopting Identity-Based Cryptography (IBC) technology, a simple and secure EAC implementation scheme (IBC-EAC) is proposed. The authorization mechanism based on IBC is more trustable because the access right to sensitive data is granted directly to the IS through Authorized Smartcard. A new authentication protocol based on IBC is performed between the e-passport chip and the Authorized Smartcard. The protocol also provides an important contribution towards terminal revocation. By using IBC-EAC scheme, the complexity of deploying and managing PKI can be reduced. And the computational cost for e-passport to verify the certificate chain in EU-EAC scheme can be saved.