Security and Privacy Issues in E-passports
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Formal security analysis of Australian e-passport implementation
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
A Framework for Assessing RFID System Security and Privacy Risks
IEEE Pervasive Computing
ePassport: Securing International Contacts with Contactless Chips
Financial Cryptography and Data Security
Improved Security Notions and Protocols for Non-transferable Identification
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Electronic passports - from secure specifications to secure implementations
Information Security Tech. Report
Known---Plaintext---Only Attack on RSA---CRT with Montgomery Multiplication
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
An RFID Attacker Behavior Taxonomy
IEEE Pervasive Computing
E-Passport: cracking basic access control keys
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
An on-line secure e-passport protocol
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Increasing privacy threats in the cyberspace: the case of Italian e-passports
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Secure and scalable RFID authentication protocol
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
A survey of system security in contactless electronic passports
Journal of Computer Security
Practical eavesdropping and skimming attacks on high-frequency RFID tokens
Journal of Computer Security - 2010 Workshop on RFID Security (RFIDSec'10 Asia)
A traceability attack against e-passports
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Crossing borders: security and privacy issues of the european e-passport
IWSEC'06 Proceedings of the 1st international conference on Security
RFID security and privacy: a research survey
IEEE Journal on Selected Areas in Communications
E-passports as a means towards the first world-wide public key infrastructure
EuroPKI'07 Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice
| Hi-index | 0.00 |
Since the introduction of radio frequency identification RFID enabled passports, the system has been plagued with various vulnerability issues that prove to compromise the e-passport security. To date, three generations of e-passports have been introduced by the International Civil Aviation Organization ICAO and the European Union EU. The first two generations of e-passports are being issued worldwide. This paper presents the evolution of these passports over the years to develop taxonomy of the weaknesses and to serve as a reference point detailing security vulnerabilities linked to the RFID e-passport features in the three generations. The findings can also assist in profiling possible attack vectors on the existing RFID enabled passports and in developing comprehensive RFID e-passport risk mitigation strategies. To illustrate the importance of a comprehensive risk strategy when using RFID e-passport, the attack process modelling method is used to highlight the possible attacks and weaknesses which could result from not using one or more security features.