Thursday, January 29, 2009

Si securistii vor avea Pasapoarte, nu-i asa? In atentia experitilor in securitate: cipul biometric poate fi spart cat ai zice MAI

Belgian Biometric Passport does not get a pass...
Your personal data are in danger!

Gildas Avoine, Kassem Kalach, and Jean-Jacques Quisquater
UCL Crypto Group, Louvain-la-Neuve, Belgium

A research team in cryptography from the Catholic University of Louvain (Louvain-la-Neuve) disclosed serious weaknesses in the Belgian biometric passport, the only type of passport distributed in Belgium since the end of 2004. The work carried out in Louvain-la-Neuve during the course of May 2007 show that Belgian passports issued between end 2004 and July 2006 do not include any security mechanism to protect the personal data embedded in the passport's microchip. Passports issued after July 2006 do benefit from security mechanisms but these ones are flawed. This means that anyone possessing a little electronic reading device, which is easy and cheap to acquire, can steal the passport content while it is still in the pocket of the victim owners and thus without their knowing. Face and signature are among the data at risk. This news is all the more surprising because Karel De Gucht, the Minister for Foreign Affairs, declared in the Parliament on 9th January 2007 that the Belgian passport benefited from the security mechanisms advocated by the International Civil Aviation Organization.
Biometric passports appeared in Belgium around the end of 2004, putting the country among the forerunners in the field. Those passports can be recognized by the logo on their front cover. They possess a microchip (located in the back cover of the document) that embeds personal data on the owner: face, signature, name, first name, passport number, sex, date and place of birth, issue place, issuing authority, issue and expiry dates. The chip can be remotely queried (the communication range is about 10 cm with a reader available to the public) while the standard issued by the International Civil Aviation Organization (ICAO) includes the use of cryptographic means to prevent unauthorized remote access to this information. In accordance with the standard, the two coded lines (Machine Readable Zone) at the bottom of the first page of the passport have to be read in order to get access to the content of the chip. The aim is to prevent the personal data from being read by anyone who does not have the passport in his hands. However, Gildas Avoine, Kassem Kalach, and Jean-Jacques Quisquater (who leads the Crypto Group at UCL) have discovered that Belgian passports of first generation (the ones issued until July 2006 and thus valid until 2011) do not possess any security mechanism to ensure the protection of personal data. They demonstrated that it is possible to read the content of a first generation passport at a distance and in a few seconds without the owner's notice. Not only do these passports not respect the recommendations from the ICAO but they contain non required information as the signature of the owner. The theft of this information opens the way to numerous malicious deeds.
This discovery is all the more surprising because Karel De Gucht, the Minister for Foreign Affairs, declared in the Parliament on 9th January 2007, after having been interpellated by MPs Joseph Arens and Jean-Claude Maene: "(...) the data embedded in the chip [of the Belgian passport] are protected by two security means: Basic Access Control and Active Authentication". Unfortunately, only since July 2006, has the Belgian passport benefitted from the Basic Access Control (BAC), mechanism that allows protecting personal data. UCL researchers have thus studied these second generation passports and discovered that the latter also suffers from a very serious weakness, allowing anyone to read it at a distance without having received authorization. The weakness has already been revealed for English, Dutch, German and Swiss passports but the Belgian one is more sensitive than the others. In accordance with the ICAO standard, you just need to read the two coded lines at the bottom of the first page of the passport to get access to the content of the microchip. In fact, the only data considered in those lines are the date of birth, of expiry, and the passport number. It is then possible to "guess" this information with an exhaustive search on all the possible combinations of birth date/expiry date/passport number. The Belgian passport is less resistant to this attack than the other passports because the passport numbers are given in increasing order at the manufacture and are linked to the reference language of the passport. Moreover, the validity is only 5 years. All those elements reduce the scope of possible combinations. After having read first generation passports in a few seconds, UCL researchers managed to read any second generation passport in an hour if the date of birth and the date of expiry are known. Further to their works, G. Avoine, K. Kalach and J.-J. Quisquater consider that Belgian biometric passports of first generation must be taken out of circulation without further delay. They also encourage the Belgian government and the European Commission to require that the ICAO modifies the standard. An easy way to fix this weakness without significantly changing the standard consists in adding random characters to the two coded lines. The researchers underline that the Belgian passport could also follow the example of the American passport and insert in its cover a radio-blocking shield (Faraday cage) that will prevent electronic reading of the passport while it is closed.
Technical Description
Introduction to Electronic Passport Electronic Passport (ePassport) was used for the first time in Malaysia in 1998, thus pre-dating the ICAO standard [1]. Belgium was one of the first countries in the world to issue ePassport compliant to this standard. Nowadays, many other countries issue ePassport for example France, Germany, Nederlands, USA. The wide and fast deployment of ePassport has mainly been possible thanks to the ICAO efforts. ePassport specifications were drawn up on the basis of a detailed study over several years carried out by the ICAO since 1998. In addition the USA-VISIT program has considerably accelerated this wide spread. "The latest legislation (16/06/05) passed by US Congress states that VWP (Visa Waiver Program) countries are required to have a biometric passport issuing system in place by 26 October 2006 in order to continue as members of the program" [2]. The fundamental motivation of implementing electronic passport is to provide more secure passports through an electronic micro-chip embedded in its book. This chip allows ensuring data integrity, i.e. nobody can modify the content of a passport without being detected; this integrity is ensured by the issuing authority digital signature. Data authenticity is also protected: fabricating a passport from scratch is not possible because a counterfeiter can not create himself the signature in question. Besides, the electronic chip allows incorporating biometrics to bind a passport to its authentic citizenship, thus adding additional identification features. Due its physical and electrical properties, the chip is a very secure storage of biographical and biometric information (name, date-of-birth, passport number, facial image,...), that can be compared to those visually disclosed on the passport's first page and with biometrics of the physical person. Finally, the chip may prevent cloning or substitution through a mechanism in which the chip has to prove the possession of a public-key-based private key generated in highly secure way by the issuing state. An electronic passport (also called biometric passport) is the same as a traditional passport combined with a small integrated circuit (chip) embedded in the book. Belgian passports incorporate this chip in the back cover. The ICAO defines the biometric identification as a verification of human identity through the measurement of distinguishing physiological or behavioural characteristics. The ICAO only considers three types of biometrics: facial recognition, fingerprint and iris scan. Only facial recognition is mandatory. According to the ICAO, the chip will store as a minimum the data contained on the first page of the passport and a digital image of the passport's holder. The chip may also contain optional information such as handwritten signatures, finger print, address, phone number, and may indicate information about other people namely the person to notify in case of emergency. (for more details see the Logical Data Structure [3] of the passport). A contact-less technology (usually called RFID, short for Radio-Frequency Identification) has been chosen due to its numerous advantages compared with contact-based identification systems. Incorporating the IC into the passport book is much easier. Contact-based readers are expensive to maintain and prone to malfunction. This technology has been proven in other fields and provides high level of convenience. In the future the electronic passport may be used for automatic identity verification, self-identification, thus making the immigration inspections faster and the traveler's journey more comfortable. However, with the absence of some cryptographic measures, this handy wireless property makes many security concerns arise in the context of electronic passport. Using a simple commercial reader, one can read all the electronic information stored in the passport. Still worse, this technology provides a way to know the presence of a passport's bearer at some place and at a specific time, thus raising the traceably problem. Consequently, the ICAO has specified [1] amongst others many requirements and recommendations to countermeasure these issues in particular a Basic Access Control and Secure Messaging mechanism. In this research we study the security of the Belgian electronic passport that has been deployed conforming to the ICAO standard since the end of October 2004. Before describing our attack, we will present a brief introduction to the RFID technology used in this new application, and then detail the security mechanisms required or recommended by the ICAO.
RFID technology
Formally, Radio-Frequency Identification (RFID) is an automatic identification technology relying on wireless communication, using special devices called tags. Any RFID system essentially consists of two main components: tags (transponders) and readers (transceivers). The computational capabilities of tags depend on the target application. Tags may be a simple memory between 32 and 128 bits (tracking products and animals) up to a chip containing a microprocessor. In the case of electronic passport, the data storage capacity of the IC is a minimum of 32 KB, as specified by the ICAO, . Inin order to store the mandatory facial image and duplication of the MRZ data. States planning to store additional information must provide memories of much large capacity (70 KB). Besides, the passport chip contains a microprocessor in order to be able to accomplish complex cryptographic computations. As recommended by the ICAO the Belgian passport, for example, implements 3DES, SHA-1, and RSA. High-cost RFID tag is sometimes called contact-less chip or smart card instead, as in the case of electronic passport. As for RFID readers they vary a lot according to the target application. Nowadays, passport readers are mainly available in governmental inspection systems on borders and airports. In the future, they may be found in airelines compagnies and hotels. The electronic chip required by the ICAO must conform to ISO/IEC 14443 A/B, already adopted in other applications (smart cards); Belgian passport uses ISO/IEC 14443 A. One interesting property of this standard is that its maximum reading range is less than 10 cm. In fact, many researchers claim to be able to read a passport from a larger distance. In our attack we used a low-cost commercial reader without trying to go that direction.
Continuarea la

No comments: