Crossing borders: security and privacy issues of the european e-passport

  • Authors:
  • Jaap-Henk Hoepman;Engelbert Hubbers;Bart Jacobs;Martijn Oostdijk;Ronny Wichers Schreur

  • Affiliations:
  • Institute for Computing and Information Sciences, Radboud University Nijmegen, Nijmegen, GL, The Netherlands;Institute for Computing and Information Sciences, Radboud University Nijmegen, Nijmegen, GL, The Netherlands;Institute for Computing and Information Sciences, Radboud University Nijmegen, Nijmegen, GL, The Netherlands;Institute for Computing and Information Sciences, Radboud University Nijmegen, Nijmegen, GL, The Netherlands;Institute for Computing and Information Sciences, Radboud University Nijmegen, Nijmegen, GL, The Netherlands

  • Venue:
  • IWSEC'06 Proceedings of the 1st international conference on Security
  • Year:
  • 2006

Quantified Score

Hi-index 0.00

Visualization

Abstract

The first generation of European e-passports will be issued in 2006. We discuss how borders are crossed regarding the security and privacy erosion of the proposed schemes, and show which borders need to be crossed to improve the security and the privacy protection of the next generation of e-passports. In particular we discuss attacks on Basic Access Control due to the low entropy of the data from which the access keys are derived, we sketch the European proposals for Extended Access Control and the weaknesses in that scheme, and show how fundamentally different design decisions can make e-passports more secure.