E-Passport:                                    Deploying Hardware Security Modules to                                    E...
SafeNet HSM’s are currently deployed in 14 countries around the world to support differente-passport initiatives. The stre...
Business ChangeTraditionally, governments had a long-standing relationship with secure document printingcompanies (e.g., B...
From a privacy point of view, it is important to understand that the contactless chips contain nopower source of their own...
Border Control Process and DatabasesThe most obvious changes seen by passenger will be the issuance of a new passport and ...
In the digital world, cryptography is the best technology to provide data confidentiality, messageauthentication and integr...
Document Signer (DS)Document Signers are entities authorized to sign electronic documents. A typical exampleincludes Natio...
Even if personalization is done in-house by the issuer, it may be performed by a differentdepartment and different personn...
The ICAO e-passport specifications focus on the definition of the underlying mechanisms,structure, security, and integrity o...
The integrity and confidentiality of CSCA certificates should be protected both during storageat the National PKD and the in...
HSMs are required for secure private key storage and the issuance of CVCA and DV certificates.As the e-passport technology ...
Upcoming SlideShare
Loading in …5
×

E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for Electronic Passport Projects

4,105 views

Published on

In the wake of acts of terrorism occurring worldwide, it has become imperative for countries to increase the level of security at their borders. To assist in
their efforts for stronger border security, countries around the globe are implementing an e-passport program.

Published in: Technology
1 Comment
2 Likes
Statistics
Notes
No Downloads
Views
Total views
4,105
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
90
Comments
1
Likes
2
Embeds 0
No embeds

No notes for slide

E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for Electronic Passport Projects

  1. 1. E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for Electronic Passport Projects WHITE PAPER The e-passport has a smartcard chip embedded in the passport’s back cover that containsOverview a digital image of the traveler’s face, their name, date and place of birth, gender, passportIn the wake of acts of terrorism number, and dates of passport issuance and expiration. Since different passports are usedoccurring worldwide, it has daily worldwide, it is critical to have a standard system in place for the e-passport design andbecome imperative for countries reader technology. For this reason, the International Civil Aviation Organization (ICAO) createdto increase the level of security a set of worldwide e-passport technical specifications to assist in the implementation processat their borders. To assist in to ensure all e-passports work with the readers in other countries. Further, the e-passporttheir efforts for stronger border holding biometric information is recognized as the new standard for Machine Readablesecurity, countries around the Travel Documents (MRTD). The systems standardization has aided in the cooperation levelsglobe are implementing an of countries that were once hesitant about how the e-passport implementation would affecte-passport program. international travel. However, security and data protection continue to be issues surrounding the e-passport implementation. Although e-passports have a built-in anti-skimming device in the cover and smartcard chips that cannot be read further than four inches away, the need for additional data protection is essential. To ensure data authenticity and integrity, the information in the chip must be digitally signed by the respective issuing authority. When the electronic passport holder reaches a customs entry desk, the customs officer verifies the personal information and biometric identifier stored in the chip. The trust of the digital signature is bound to the security of the corresponding digital signing key. Countries around the world are turning to SafeNet’s HSM family of products as the solution for secure key generation and storage, cryptographic signing, encryption, and to encode the passport holder personal data to the smartcard chip. SafeNet’s HSMs are purpose-built hardware appliances that protect the digital signing key, and deliver comprehensive and high-speed hardware-based cryptographic functionality for a myriad of digital identity applications. SafeNet’s HSM products feature true hardware key management to maintain the integrity of encryption keys. Sensitive keys are created, stored, and used exclusively within the secure confines of the hardware security module to prevent compromise. SafeNet’s HSMs provide advanced features like direct hardware-to- hardware backup, split user role administration, multi-person authentication, and trusted path authentication, coupled with proven security and operational deployment. Today, SafeNet HSMs set the standard for CA key protection and are employed to protect some of the largest PKI installations in the world. SafeNet HSM’s are FIPS 140 and Common Criteria certified, assuring the highest level of security available in the market today. E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 1 Electronic Passport Projects White Paper
  2. 2. SafeNet HSM’s are currently deployed in 14 countries around the world to support differente-passport initiatives. The strength of the product offering, combined with an established andlarge global presence, are key factors resulting in the use of SafeNet technology, upon which thetrust and security of this scheme is based.E-passport History and BackgroundThe September 11, 2001 terrorist attack triggered fundamental changes in national security,including the launch of the electronic passport (e-passport) initiative. This was compelledlargely by the USA PATRIOT Act and the U.S. Enhanced Border Security and Visa Reform Entry Actof 2002 legislation, which it stated that the 27 countries with which the U.S. has a visa waiverarrangement should have a biometric passport issuance program in place by October 26, 2006.According to the legislation, the new e-passports must be tamper-proof, machine-readabledocuments (MRD) that incorporate contactless IC chips, as well as biometric identifiers thatcomply with standards established by ICAO – the International Civil Aviation Organization.ICAO, an United Nations organization that represents 189 nations worldwide, and is in chargeof specifying and developing standards for international travel documents, such as passports,visas, and boarding passes.In fact, a significant portion of passports currently in circulation, in more than 110 countries,constitute Machine Readable Travel Documents (MRTDs), or Machine Readable Passports (MRPs)and include complex security measures to prevent forgery or alteration. The key componentof the MRP is the laminated data page with holder’s identification details, including a digitallyprinted photograph, a digital image of the passport holder’s signature, and a two-line MachineReadable Zone at the bottom of the page containing mandatory identity information. This stripallows a passport to be read rapidly at passport control, enabling immediate cross-referencingwith immigration computers.In 1997, well before the September 11th terrorist attack, ICAO’s New Technology Working Group(NTWG) began investigating biometrics and their relevance to MRTDs. The three biometricsrecommended are face, fingerprint and iris. ICAO subsequently specified that facial recognitionshould be a mandatory biometric in the e-passport, while individual countries could implementfingerprint, and/or iris recognition if they wished. Standardization is essential so that MRPs wereinteroperable throughout the world. The e-passport specifications have been absorbed into theICAO document 9303, and will soon be endorsed by ISO as a three-part standard – ISO/IEC 7501.From Passport to E-passportThroughout history, the passport has been a document that has evolved in order to remain onestep ahead of increasingly sophisticated fraudsters. The use of biometric data in the passportis seen as essential by many governments as part of their ongoing fight against terrorism, fraud,and organized crime. Using biometrics, such as facial images, passport officials are able toconfirm the given identity of passport holders to a high degree of certainty. Their use will alsohelp guard against the issuance of duplicate documents. The decision to use a smartcard chipwithin the passport allows comparatively greater amounts of data, such as biometric images andelectronic visas, to be stored securely.The e-passport will, in fact, not use contact-based smartcards, which would be impracticalfor passport booklets. Instead it will use contactless IC technology, which operates using radiofrequencies and is comprised of a chip and an attached antenna. This sort of technology willprovide a sufficient amount of data capacity and can be embedded into the cover or inside pagesof a passport.E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 2Electronic Passport Projects White Paper
  3. 3. Business ChangeTraditionally, governments had a long-standing relationship with secure document printingcompanies (e.g., Bundesdruckerei in Germany, SDU in the Netherlands, or SPS in the UK) thathave 50-100 years of experience in the manufacturing of secure paper, prints, and additionalsecurity features. However, the decision to move from a passport to an e-passport requires asignificant change to the normal passport production environment.Traditional passport producers are required to integrate their highly effective security featuresinto the passport document, along with many new processes. E-passports require secureprinters to adopt new processes for data collection and data handling – especially biometricdata. • new IT networks and infrastructure • handling of new basic materials in which the antenna and chip can be stored • adoption of new lamination processes • equipment for electronic testing and personalization • implementation of additional quality control measures to inspect the electronic aspects of the documentIn addition, the secure printer must also possess knowledge in the areas of cryptography,PKI, RFID, operating systems, and biometrics. Most secure document printers do not have thecapability to develop this expertise in-house in the short timeframes that are set, so they areactively developing new relationships with third-party vendors.Systems Integration and the Value ChainAn e-passport is created using many diverse parts and services, including: • the contactless chip and its associated software; • the module • the inlay • the cover and paper comprising the booklet • special printing techniques to help make the document secure • personalization services required to individualize the passportThe passport is just one – albeit very important – part of an overall border control system, whichalso includes, among others, passport readers and terminals, workstations, and servers. Towardsthe top of the value chain are the card (i.e., passport) and key management systems, and theassociated Trust Center Cards and complex back-end systems.The E-passport ChipAt the heart of the new e-passport is a contactless smartcard chip that holds pertinentinformation about the passport holder, including a digital image of one or more of theirbiometrics – with the facial image being mandatory, and the fingerprint and iris being optional.Contactless chips are able to store a sizeable amount of data and transfer it between thepassport and the reader without the problems associated with contact-based systems, such asfailure due to dirt, moisture, or fatigue.Systems IntegrationContactless chips comprise an electronic IC housed in a protective module and an antenna orcoupling element, which is literally a handful of turns of conductive material. ICAO has statedthat the contactless chips must comply with the ISO/IEC 14443 proximity standard, whichspecifies an operating frequency of 13.56 MHz and a read range of 10 cm.E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 3Electronic Passport Projects White Paper
  4. 4. From a privacy point of view, it is important to understand that the contactless chips contain nopower source of their own. It is the reader, through an inductive process, that provides the energyneeded for the chip to operate. To do this, it generates a strong radio frequency electromagneticfield in the contactless chip’s antenna. This field deteriorates rapidly as the passport is movedaway from the reader, rendering the chip inactive after about 10 cm. This feature makes it verydifficult for anyone attempting to skim information from a person’s passport without theirknowledge.ICAO recommends that the minimum memory size for the chip should be 32 kilobytes. This wouldcarry the information printed on the passport’s data page, as well as the passport holder’s digitalphotograph needed for facial recognition. It also leaves room for a digital signature, which willverify the integrity of the data stored on the chip. Examples of where chips are being positionedinclude the front cover (an approach taken by Malaysia), a ‘holder page’ sewn into the middle ofthe book (favored by countries such as The Netherlands), or in the cover (an option chosen bycountries such as the USA and New Zealand).PersonalizationThe personalization of an e-passport is a critical stage in the production process. With theintroduction of a contactless chip, it becomes absolutely vital that the personal details on thedata page exactly match the information written onto the chip. The data elements from the visualand machine readable areas on the data page that end up stored on the chip include: • the document code – “p” for passport • the issuing state • name of the bearer • passport number • date of birth • sex • date of issue • expiry date • place of birth • issuing authority • full digital image, rather than a template, of the passport photoOther information may include coordinates of the passport holder’s left and right eyes to help aidthe biometric matching process.It is required that all of this data be digitally signed to protect it from alteration and abuse. Thismeans that a private key must be used to sign the data and a public key used to decrypt it. ICAOhas suggested that it should be sent all the public keys, which could then be accessed via aspecially designated ICAO server. In order to personalize the contactless chip, the system willinclude a reader/writer, personalization software and a secure module that will carry the securitykeys (this could be a smartcard or some other secure depository).ReadersThe introduction of e-passports demands new types of passport readers capable of reading notonly the Machine Readable Zone (MRZ) on the data page, but also the contents of the chip. Inorder to ensure that readers will be able to read the different varieties of passport allowed, it isrecommended that nations choose readers capable of reading chips conforming to both ISO/IEC14443 Type A and Type B.E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 4Electronic Passport Projects White Paper
  5. 5. Border Control Process and DatabasesThe most obvious changes seen by passenger will be the issuance of a new passport and thebiometric check they must undergo when passing through immigration control. Instead of simplyhanding over their passport to the immigration officer, they will now be asked to look into aspecial camera, which can capture their facial information. In some instances, the passengerwill also have to undergo a fingerprint or iris scan. Although not immediately obvious to thepassenger, the process itself will be more complex. First, the immigration officer will assesswhether or not the passport is a new chip-based document (a special logo will appear on thepassport symbolizing a contactless chip). Assuming it is, they will then present the passportto the reader to check the chip’s digital signature – this will require a connection between thecontactless card reader, its associated PC, and onward to ICAO, which is responsible for holdinga database of public keys (this assumes that a PKI is used and that a central ICAO database isaccepted by the participating country).At this point, the system will compare the MRZ information against the equivalent chip-basedinformation. Assuming all of the information correlates, the document is deemed valid. Checksbetween the passenger’s biometric and the databases of criminal watch lists can now takeplace. There will also be a one-to-one verification of the passenger’s facial biometric againstthe image held on the chip. The immigration officer will be required to aid this process, gettingthe passenger to submit their biometric in the correct manner – something which could beparticularly challenging for younger children. Once the biometric match is confirmed, thepassenger is allowed to continue on their journey.Looking ahead to the future, it is possible that the new e-passport will be used to partly removethe immigration officer from the equation – in the hope that queues can be reduced. Biometricand chip technology makes it possible to verify the identity of a passenger with a great degreeof certainty and, by using appropriate access control barriers, can allow a level of automation totake place at passport control. Of course, if the travel document and the passenger do not matchup satisfactorily, or any other failure occurs, the passenger would be re-routed to traditionalimmigration inspection channels.The Importance of InteroperabilityThe three main success factors for an e-passport program are security, functionality, andinteroperability. However, the merging of traditional and new technology generates severalcomplexities, such as: • First-ever worldwide deployment of biometrics-based authentication • Integrating contactless chips and associated antenna in paper documents that are expected to last for 10+ years • New manufacturing and management processes of passport booklets • Employment of new IT systems (e.g., at airports, issuing offices) while allowing compatibility with legacy procedures and technologiesBy combining contactless smartchip technology with strong biometrics authentication,governments all over the world can build the appropriate platform to link travel documents withtheir rightful owners, while, at the same time, protecting the individual’s privacy and integrity. Theability to store, protect, and manage identity credentials (such as biometrics, picture ID, digitalcertificates, etc.) makes microprocessor chips an unrivaled technology for secure identificationat immigration checkpoints.The Role of HSMs in E-passport SystemsThe latest security technology is at the heart of the new e-passport, whether related to papersecurity measures, optical security features, or electronic/digital technology. State-of-the-artcryptographic technology is used in the preparation, processing, and personalization of thepassport data being injected into the chip of the e-passport, as well as validating the chip’sauthenticity. It is of the utmost significance to protect the highly sensitive personal passportholder from disclosure or modification data, including biometric characteristics, across thewhole processing chain, from the data capturing process at the registration office to theelectrical data personalization into the chip.E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 5Electronic Passport Projects White Paper
  6. 6. In the digital world, cryptography is the best technology to provide data confidentiality, messageauthentication and integrity, and the establishment of identity and trust. However, cryptographyrelies on the use of keys. Failure to protect and manage these cryptographic keys risks shatteringthe entire layer of security.Hardware Security Modules (HSMs) deliver the highest level of physical and logical protection tocryptographic keys, preventing unauthorized access to highly sensitive key information.Tamper-resistant, secure casing, including physical key locks, battery-backed secure keystorage, and automatic cryptographic key erasure upon tamper detection, ensure the maximumlevel of secrecy and integrity of keys and sensitive data. Certification to international evaluationschemes, such as FIPS 140-2 and Common Criteria, provide assurance of the securityeffectiveness of the HSM technology.PKI and Digital SignaturesThe authenticity and integrity of the data stored on the RF chip is ensured by a digital signature,allowing for the detection of any fake or manipulated data. Successful verification of the digitalsignature warrants that the signed data has been produced by an authorized entity and has notbeen modified since its creation.To sign and verify electronic passports, a globally interoperable public key Infrastructure (PKI) isneeded. For each participating country, a two-layer PKI scheme is implemented, consisting of aCountry Signing CA (Certification Authority) at the top and a Document Signer below.In the context of e-passport systems, HSMs are used in the following areas:Country Signing Certification Authority (CSCA)The Country Signing CA (CSCA) represents the top-level certification authority of every country.There is no higher international CA. This ensures that each country has full control over its ownkeys. For verification of foreign passports, every country needs to have and store a list of all otherCSCA public keys of the other participating countries, which are exchanged by bilateral meansand diplomatic channels.The key pair generated by the CSCA is exclusively used for certifying (i.e., issuing the certificate)the Document Signer. The validity of the CSCA’s private key has been limited to a period of 3-5years. In accordance with the validity time of the issued e-passport (typically 10 years), thecorresponding public key needs to be valid for 13 to 15 years.Inside the CSCA, an HSM is used to securely • generate the CSCA Key Pair • store the CSCA Private Key • and sign (certify) the Document Signer Public KeyAll this is done within a logically and physically secure environment. Being the top-level andmost sensitive key, a compromise of the CSCA’s private key would shatter the entire chain oftrust. It would question/invalidate the trustworthiness of every single e-passport issued bythat CA scheme, as a rogue Document Signer could be set up to issue e-passports based on thecompromised CSCA private key.The HSM required for this environment must provide the highest levels of assurance and security.High performance is not an issue or requirement, as only very few cryptographic operations needto be performed. Sophisticated tamper circuitry ensures that the internally stored keys areactively erased upon physical attack. Strong administrative controls based on two-factor, multi-person, and multi-level authentication ensures that no single individual can operate or use theHSM for cryptographic processing.E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 6Electronic Passport Projects White Paper
  7. 7. Document Signer (DS)Document Signers are entities authorized to sign electronic documents. A typical exampleincludes National Printing Offices that also produce the physical security document, such asa passport, citizen ID card, or driver’s license. Each DS holds at least one self-generated keypair. The private key’s exclusive use is for signing the digital documents (passport holder dataincluding biometrics and issuing information). The corresponding public key needs to be certifiedby the national CSCA, the result of which is a (X509v3-compliant) digital certificate.For verification of passports at border entry points, the border control system connects to ICAO,which maintains a Public Key Directory (PKD) of all DS public keys (i.e. certificates). In addition,the DS certificate may be included as part of the Document Security Object in the chip in orderto allow for off-line signature verification. Certificates that are invalidated due to expiration orcompromise of their associated private keys are published regularly by the ICAO PKD or must beexchanged bilaterally between participating countries.ICAO decided to restrict the usage period of the Private Signing Key to three months, in orderto limit the amount of affected e-passports in case of a compromise of the private key. Incompliance with that, the validity period of the corresponding public key must be 10 years(validity time of issue passport) plus three months.Due to the long validity period of 10-15 years, the CSCA and DS keys have to use strongcryptographic algorithms with sufficiently long key size. For the ICAO-compliant e-passport, RSA,DSA, and ECDSA are accepted signature algorithms. The recommended key lengths (as of today)are: Algorithm Country Signing CA (Bit) Document Signer (Bit) RSA / DSA 3072 2048 ECDSA 256 224Inside the DS, an HSM is used to securely • generate the DS key pair • store the DS private key • sign the digital documentsA compromise of the DS private key would be limited in scope to fake e-passports issued by thatparticular compromised DS, in case there are more than one, and within its fixed three-monthvalidity time.The HSM required for the DS environment must combine the highest levels of assurance andsecurity with exceptional performance, as a large number of digital documents need to be signed,and the time taken to produce and issue a new passport (across the entire issuance chain) mustbe minimized.For every DS system, multiple HSMs (two at minimum) should be used and operated in HighAvailability (HA) mode to ensure the highest degrees of resiliency/redundancy. In order to allowfor multi-server, parallel DS processing, and to ensure the quickest levels of response in theunlikely case of HSM failure/down-time, an HSM configuration topology consisting of easilyadministrable, monitorable and accessible external network-attached HSM devices may wellconstitute the best choice.Passport Chip PersonalizationThe electronic data consisting of passport holder information with biometric data, as wellas issuing information, needs to be written to the passport chip in the so-called “chippersonalization process.”This constitutes a complex, often overlooked, process and requires the intense usage of HSMsfor a variety of cryptographic operations.It should be noted that the personalization process can be done in-house or can be outsourcedto a personalization bureau that specializes in providing these services to issuers in diversemarkets (e.g., finance, government, telcos, retailers etc.). The personalization bureau possessesall the necessary sophisticated printing and personalization equipment, and is able to quicklyadjust it to new card requirements.E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 7Electronic Passport Projects White Paper
  8. 8. Even if personalization is done in-house by the issuer, it may be performed by a differentdepartment and different personnel. It goes without saying that dealing with personal andbiometric data of citizens mandates the implementation of the most stringent security policiesand best security practices in adherence with privacy law legislations. Security principles, suchas multiple custodianship of key material and the limitation of information access on a “need-to-know” basis, is of the utmost significance.The Card Issuing and Key Management System driving the DS generates and prepares theindividual data that will go onto the chip of the respective passport holder. The output of thisprocess is a data file encrypted under a transport key, which is shared with the HSM used atthe personalization system. Furthermore, this data, consisting of a complex series of bothcryptographic and clear text elements, needs to be assembled and formatted in such a way thatit can be understood by the smartcard chip and its associated application.The task of the Card Personalization Software is to load and personalize the smartcards, and itmust be capable of communicating with the read/write heads of the personalization system. Thissystem must be capable of storing and retrieving a myriad of smartcard software objects duringthe personalization process, such as: • Keys, (e.g., a KEK or a Master Personalization Key (KMC)) for the target card, shared between the card manufacturer and personalizer • Card Operating System-specific scripts and control (e.g., for Multos or GlobalPlatform cards) • Common platform objects such as Card and Personalization Application ProfilesThe role of the HSM is to securely store the keys and perform the necessary cryptographicoperations during this personalization process, so that no sensitive card data is ever exposed inthe clear until it ends up inside the smartcard chip. Specifically, the HSM is used for the followingpurposes: • Securely store symmetric keys, such as a KEK (Key Exchange Key shared between Card Issuing / Management System and Personalizer) and KMC (Master Personalization Key/Card Unlock Key shared between Card Supplier and Personalizer) • Decrypt the personalization data (file) under KEK • Derive unique session keys for the selected card from KMC for secure messaging, (i.e., encrypt/MAC the data destined for the card)A symmetric algorithm, typically 3DES, is used for the encryption, decryption, and messageauthentication (MAC) of the personalized data and the secure exchange protocol with thesmartcard chip.The HSM required for the Card Personalization System must provide the highest levels ofassurance, high-performance symmetric (e.g., 3DES) crypto-processing, secure key entryfacilities. In addition, HSMs must offer a highly flexible and customizable programming interfaceto allow easy and seamless integration into diverse personalization hardware and card platformenvironments.Passport Inspection System / Border Control SystemLike airport and other border control posts, countries inspect passports presented by visitors.The smartcard-based biometric passport allows a new level of assurance and technicalcapabilities to determine the authenticity of an e-passport and its connection to the passportholder, hence identifying the visitor. With the e-passport, both counterfeited and falsifiedpassports can be detected much more easily, and reliance on the often subjective examinationof border control officers is reduced. A direct benefit is a much more efficient and automatedpassenger flow through the border post, resulting in a positive traveller experience, allowingimmigration/border control to focus on dealing with illegal immigration attempts.In order to inspect and verify e-passports, receiving States must be equipped with adequateinspection systems capable of interfacing with the e-passport chip, reading and verifing itsinformation, and authenticating the passport. Digitally-signed data inside the chip implies thatverification of an e-passport must rely on elements of a PKI.E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 8Electronic Passport Projects White Paper
  9. 9. The ICAO e-passport specifications focus on the definition of the underlying mechanisms,structure, security, and integrity of the data embedded in the chip. While some elements ofan inspection system are addressed, details of the architecture, implementation, and relatedprocedures of the inspection system are unspecified and left up to subsequent specification bythe individual countries.General high-level ICAO requirements suggest that the architecture of an inspection system of animplementing country must include the following minimum elements: • National Public Key Directory (PKD) • Bilateral communications with other participating, e-passport-issuing countries • Internet-based access to the planned ICAO operated Public Key Directory • Inspection server managing the data and work flows • Inspection Stations deployed and operated at the border control pointsThe inspection station contains an optical reader for the MRZ, a contactless chip reader tointerface with the e-passport chip, a user interface to allow the inspector to display and examineinformation, and appropriate software implementing the protocols to interact with the chip,including all the cryptographic functionality to establish the validity of the embedded data andauthenticate the passport.The National PKD serves as national repository for certificates and certificate revocation lists(CRLs) from issuing countries. CSCA certificates and CRLs are received from participatingcountries via bilaterally agreed upon diplomatic channels. The National PKD shall regularlydownload certificates from the ICAO PKD, which acts as primary source for DS certificates andsecondary source for CRLs. ICAO’s recommendation is to download the entire contents every dayusing LDAP over an SSL-secured communications channel.The Inspection Server ensures that any updates to the national PKD are distributed to theinspection stations and maintains a database with information on each station. The iInspectionServer interacts with the national PKD securely via LDAP and SSL , and can be seen as a hubof the inspection system, ensuring that the inspection stations receive up-to-date and correctinformation regarding certificates, CRLs, and other data necessary for effective border controlprocessing. Ideally, it should be a resilient server with secure LAN or VPN-protected WAN accessto the stations.What About HSMs?As the basic security architecture of the e-passport is based on PKI, certificate, CRL, and digitalsignature checking, it is obvious that verification and authentication at inspection systemsrelies on the use of public, not private keys. Hence, the necessary asymmetric cryptography canbe executed in software, respectively firmware, without the need for HSMs (whose key purposeis to protect private and secret keys). The inspection systems, for instance, implement all thecryptographic processing to validate the chip data and authenticate the e-passport.However, while this may be true for DS certificates, as they are being signed by the CSCA—atrusted higher authority—the situation regarding the CSCA certificates themselves is different.CSCA certificates are self-signed and therefore not certified by a higher authority.It is crucial that the CSCA certificates are properly protected and their integrity ensured. Inaddition, their confidentiality should also be maintained. On this subject, the ICAO spec says:“It is a State’s responsibility to store the Country Signing CA Certificates (CSCA), asbeing trust points, in a secure way in their border inspection systems.”“When distributing self-signed Country Signing CA Certificates by diplomaticmeans, extreme care must be taken to prevent insertion of a rogue Country SigningCA Certificate. Furthermore, it is RECOMMENDED that States store the receivedCountry Singing CA Certificates in secure hardware devices (Card Acceptor Device –CAD) accessible by the reader devices in a secure manner.”E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 9Electronic Passport Projects White Paper
  10. 10. The integrity and confidentiality of CSCA certificates should be protected both during storageat the National PKD and the inspection server, as well as during the transmission between eachother and the dissemination to the inspections stations.A way to securely exchange CSCA certificates, key, CRL and other sensitive data between ICAOPKD, National PKD, Inspection Server, and Inspection Station is to use an SSL channel with bothclient and server authentication.It is evident that both the National PKD and inspection server constitute extremely importantelements of an inspection system and, as such, their security is critical. The integrity of dataat both the PKD and inspection system must be assured and verifiable by systems that use it.Access to these server systems must be protected and the accessing sites must be assured thatthey are talking to a genuine server.Although not explicitly mandated, HSMs play a significant role in substantially improving thesecurity in an inspection system environment. For instance, HSMs are used for the followingpurposes: • Secure storage of CSCA certificates in National PKD and inspection system (HSM-stored or encrypted host store) • Generation and verification of integrity checks for CSCA certificates and sensitive data • Encryption of other sensitive data (stored in databases) • Storage of SSL server private keys in National PKD and inspection systemThe HSM required for inspection systems should provide high assurance and security, highsymmetric and asymmetric crypto performance, disposal of large HSM-internal key storagecapacity or an external encrypted host store system, and support of a high-availabilityconfiguration.Other/Future e-passport HSM deployment environmentsThe e-passport is an on-going project. We are witness to the first generation of e-passports witha facial image as biometric information. Passive authentication (i.e., the signature verificationof the chip data (Document Security Object) by the inspection system), is mandatory for the firstgeneration. Access Control (either Basic or Extended) or Active Authentication which implementsa challenge-response protocol between chip and inspection system to protect against chipsubstitution, are optional and typically not implemented at this point.In 2007, we saw the rollout of the second generation e-passport, which contains a fingerprintas additional biometric information. As a person’s fingerprint represents highly sensitiveinformation, its access must be available to only authorized inspection systems. Furthermore, itscontent needs to be kept confidential (i.e., being encrypted on the chip). Extended Access Control(EAC) facilitates the mutual authentication of chip and inspection system. For that, a separatePKI architecture for the issuance of inspection system certificates needed to be implemented.Analogous to the CSCA and Document Signer PKI scheme, a Country Verifiying CA (CVCA) is set upto issue certificates for Document Verifiers (DV), sub-CAs that are authorized to issue certificatesfor national inspection systems.E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 10Electronic Passport Projects White Paper
  11. 11. HSMs are required for secure private key storage and the issuance of CVCA and DV certificates.As the e-passport technology evolves and authentication protocols between system entitiesbecome more dynamic and sophisticated, more highly sensitive information (such as biometricdata) needs to be generated, processed, and managed, expanding the role HSMs will play. TheHSM will protect the underlying, highly sensitive key material, affording the highest degree ofassurance for trustworthy e-passports. Passport Issuance Passport Validation Document Security Objects Top Level 3 Border Control National PKI (CVCA) Document Verification PA SS PO RT Certificate Authority DVCA) 1 4 Document Signer PA SS PO RT 1 HSM for CVCA private key storage and DV certificate issuance 2 2 HSM for DS private key storage Inspection Station (IS) and EAC DSO signing 5 3 HSM for secure EAC chip personalization (secure messaging) 4 HSM for DVCA private key storage and IS certificate issuance 5 HSM for IS private key storage and Terminal AuthenticationSafeNet Offering for E-passport SystemsSafeNet’s HSMs are purpose-built hardware appliances that protect the digital signing key, anddeliver comprehensive and high-speed, hardware-based cryptographic functionality for a myriadof digital identity applications. SafeNet’s HSM products feature true hardware key managementto maintain the integrity of encryption keys. Sensitive keys are created, stored, and usedexclusively within the secure confines of the hardware security module to prevent compromise.SafeNet’s HSMs provide advanced features such as direct hardware-to-hardware backup, splituser role administration, multi-person authentication, and trusted path authentication coupledwith proven security and operational deploymentToday, SafeNet HSMs set the standard for CA key protection and are employed to protect someof the largest PKI installations in the world. SafeNet HSM’s are FIPS 140-2 and Common Criteriacertified, assuring the highest level of security available in the market today.SafeNet HSM’s are currently deployed in 14 countries around the world to support differente-passport initiatives. The strength of the product offering, combined with an established andlarge global presence, are key factors resulting in the use of SafeNet technology, upon which thetrust and security of this scheme is based.About SafeNetFounded in 1983, SafeNet is a global leader in information security. SafeNet protects itscustomers’ most valuable assets, including identities, transactions, communications, data,and software licensing, throughout the data lifecycle. More than 25,000 customers acrossboth commercial enterprises and government agencies, and in over 100 countries, trust theirinformation security needs to SafeNet.Contact Us: For all office locations and contact information, please visit www.safenet-inc.comFollow Us: www.safenet-inc.com/connected©2011 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet.All other product names are trademarks of their respective owners. WP (A4)-02.10.11E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity and Integrity for 11Electronic Passport Projects White Paper

×