Biometric Passport - Attacks

Attacks

Since the introduction of biometric passports, several attacks have been presented and demonstrated:

  • Non-traceable chip characteristics. In 2008 a Radboud/Lausitz University team demonstrated that it's possible to determine which country a passport chip is from without knowing the key required for reading it. The team fingerprinted error messages of passport chips from different countries. The resulting lookup table allows an attacker to determine where a chip is from. In 2010 Tom Chothia and Vitaliy Smirnov documented an attack that allows an individual passport to be traced, by sending specific BAC authentication requests.
  • Basic Access Control (BAC). In 2005 Marc Witteman showed that the document numbers of Dutch passports were predictable, allowing an attacker to guess/crack the key required for reading the chip. In 2006 Adam Laurie wrote software that tries all known passport keys within a given range, thus implementing one of Witteman's attacks. Using online flight booking sites, flight coupons and other public information it's possible to significantly reduce the number of possible keys. Laurie demonstrated the attack by reading the passport chip of a Daily Mail reporter in its envelope without opening it. Note that in some early biometric passports BAC wasn't used at all, allowing an attacker to read the chip's content without providing a key.
  • Passive Authentication (PA). In 2006 Lukas Grunwald demonstrated that it is trivial to copy passport data from a passport chip into a standard ISO/IEC 14443 smartcard using a standard contactless card interface and a simple file transfer tool. Grunwald used a passport that did not use Active Authentication (anti-cloning) and did not change the data held on the copied chip, thus keeping its cryptographic signature valid. In 2008 Jeroen van Beek demonstrated that not all passport inspection systems check the cryptographic signature of a passport chip. For his demonstration Van Beek altered chip information and signed it using his own document signing key of a non-existing country. This can only be detected by checking the country signing keys that are used to sign the document signing keys. To check country signing keys the ICAO PKD can be used. Only 5 out of 60+ countries are using this central database. Van Beek did not update the original passport chip: instead an ePassport emulator was used. Also in 2008, The Hacker's Choice implemented all attacks and published code to verify the results. The release included a video clip that demonstrated problems by using a forged Elvis Presley passport that is recognized as a valid US passport.
  • Active Authentication (AA). In 2005 Marc Witteman showed that the secret Active Authentication key can be retrieved using power analysis. This may allow an attacker to clone passport chips that use the optional Active Authentication anti-cloning mechanism on chips – if the chip design is susceptible to this attack. In 2008 Jeroen van Beek demonstrated that optional security mechanisms can be disabled by removing their presence from the passport index file. This allows an attacker to remove – amongst others – anti-cloning mechanisms (Active Authentication). The attack is documented in supplement 7 of Doc 9303 (R1-p1_v2_sIV_0006) and can be solved by patching inspection system software. Note that supplement 7 features vulnerable examples in the same document that – when implemented – result in a vulnerable inspection process.
  • Extended Access Control (EAC). In 2007 Lukas Grunwald presented an attack that can make EAC-enabled passport chips unusable. Grunwald states that if an EAC-key – required for reading fingerprints and updating certificates – is stolen or compromised, an attacker can upload a false certificate with an issue date far in the future. The affected chips block read access until the future date is reached.
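
The Active Authentication item above says that removing entries from the index file can be countered by patching inspection system software. The following is an added example of such a check, not code from Doc 9303 or from any inspection system: it compares the data groups advertised in the index file (EF.COM) with those hashed in the signed security object (EF.SOD). It assumes EF.SOD has already been parsed and its signature verified, and that EF.COM itself is not covered by that signature; the function names and sample bytes are constructed for illustration.

```python
# Added example: inspection-side consistency check, not vendor or ICAO code.
# EF.COM tag-list byte -> data group number (LDS tag assignments).
DG_TAGS = {0x61: 1, 0x75: 2, 0x63: 3, 0x76: 4, 0x65: 5, 0x66: 6, 0x67: 7,
           0x68: 8, 0x69: 9, 0x6A: 10, 0x6B: 11, 0x6C: 12, 0x6D: 13,
           0x6E: 14, 0x6F: 15, 0x70: 16}

def read_tlv(buf, pos):
    """Read one BER-TLV object at pos; return (tag, value, next_pos)."""
    try:
        tag = buf[pos]; pos += 1
        if tag & 0x1F == 0x1F:                 # multi-byte tag, e.g. 5F01
            while True:
                tag = (tag << 8) | buf[pos]; pos += 1
                if not tag & 0x80:
                    break
        length = buf[pos]; pos += 1
        if length & 0x80:                      # long-form length
            n = length & 0x7F
            length = int.from_bytes(buf[pos:pos + n], "big"); pos += n
    except IndexError:
        raise ValueError("truncated TLV header")
    if pos + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + length], pos + length

def com_data_groups(ef_com):
    """Return the set of DG numbers the (unsigned) EF.COM index advertises."""
    tag, body, _ = read_tlv(ef_com, 0)
    if tag != 0x60:
        raise ValueError("not an EF.COM template")
    pos = 0
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        if tag == 0x5C:                        # tag list
            return {DG_TAGS[b] for b in value if b in DG_TAGS}
    raise ValueError("EF.COM has no tag list")

def check_index(ef_com, sod_dgs):
    """sod_dgs: DG numbers hashed in EF.SOD, used only after its signature verified."""
    listed = com_data_groups(ef_com)
    findings = [f"DG{n} signed in EF.SOD but absent from EF.COM"
                for n in sorted(sod_dgs - listed)]
    findings += [f"DG{n} listed in EF.COM but not signed in EF.SOD"
                 for n in sorted(listed - sod_dgs)]
    return findings

def sample_com(dg_tags):
    """Constructed EF.COM: LDS version '0107', Unicode '040000', given tag list."""
    body = (bytes.fromhex("5f010430313037") + bytes.fromhex("5f3606303430303030")
            + bytes([0x5C, len(dg_tags)]) + bytes(dg_tags))
    return bytes([0x60, len(body)]) + body

if __name__ == "__main__":
    signed = {1, 2, 15}                        # constructed: DG15 holds the AA public key
    print(check_index(sample_com([0x61, 0x75, 0x6F]), signed))
    print(check_index(sample_com([0x61, 0x75]), signed))   # DG15 stripped from index
```

A finding for DG15 means the inspection system should still read that data group and run Active Authentication instead of trusting the index.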
