“ The data stored on the chip is protected from alteration by the latest digital signature technology. As the Department of State implements this new technology, it will include passport features that will protect the security and privacy of passport bearers. We will share more information about these measures once testing is completed. The Department of State will not issue passports incorporating integrated circuits until privacy-related concerns have been addressed.
The Department of State is currently coordinating testing of components for possible use in the new passport. Once testing has ended and a final passport configuration that meets the security and privacy needs of our citizens has been completed, electronic passports will be phased in at all 16 passport issuance locations in the domestic United States.”
ICAO guidelines include an optional mechanism for authenticating and encrypting passport-to-reader communications.
No mechanism to revoke access once a reader knows the k key. K key allows passport to talk to legitimate reader before releasing RFID tag information. K key used to encrypt all data transmitted between the passport and the reader.
RFID readers installed in doorway could be read from anyone passing through the doorway.
Could be set up as a part of security checkpoints at airports, sporting events or concerts. Could be placed in shops or entrances of the buildings.
Problematic since the RFID chip contains sensitive information like passport holder’s name, date of birth, passport number.
RFID protocols executed by e-passport may also leak information. It uses a special UID value which is fixed and different for each e-passport, it acts as a static identifier for tracking the movement of e-passports.
Active Authentication required an optical scan of a passport to provide the claimed anti-cloning benefit. This is why The ICAO spec mandates readers supporting Active Authentication be able to optically scan e-passports. This optical scan capability is also sufficient for Basic Access Control.
All the data required to derive keys for Basic Access Control is present on the data page of the e-passport, no coordination among nations is required.
The secrecy requirements for biometric data imply that unauthorized reading of e-passport data is a security risk as well as a privacy risk
At a minimum, a Faraday Cage and Basic Access Control should be used in ICAE deployments to prevent unauthorized remote reading of e-passports.
Because the U.S. deployment uses Active Authentication, readers are required to include the capability to optically scan e-passports. This capability is sufficient for Basic Access Control and would therefore require no change or coordination with other nations to implement it.
Today’s e-passports deployments are just the first wave of next-generation identification devices