Tuesday 2 October 2012


E-Passport
What is an e-passport?
A biometric passport, also known as an e-passport, ePassport or digital passport, is a combined paper and electronic passport that contains biometric information that can be used to authenticate the identity of travelers. It uses contactless smart card technology, including a microprocessor chip (computer chip) and an antenna (for both power to the chip and communication) embedded in the front or back cover, or center page, of the passport.

Data protection?

1- Non-traceable chip characteristics. With random chip identifiers, the chip replies to each request with a different chip number. This prevents tracing of passport chips.

2- Basic Access Control (BAC). BAC protects the communication channel between the chip and the reader by encrypting the transmitted information. Before data can be read from a chip, the reader needs to provide a key which is derived from the Machine Readable Zone (MRZ): the date of birth, the date of expiry and the document number. If BAC is used, an attacker cannot (easily) eavesdrop on the transferred information without knowing the correct key.

3- Passive Authentication (PA). PA prevents modification of passport chip data. The chip contains a file (SOD) that stores hash values of all files stored in the chip (picture, fingerprint, etc.) and a digital signature over these hashes. The digital signature is made using a document signing key, which itself is signed by a country signing key. If a file in the chip (e.g. the picture) is changed, this can be detected because its hash value no longer matches. Readers need access to all public country keys in use to check whether the digital signature was generated by a trusted country.

4- Active Authentication (AA). AA prevents cloning of passport chips. The chip contains a private key that cannot be read or copied, but its existence can easily be proven.
