Small Bits of Chaos: Passports, Financial Crypto
Ryan Singel has a good post on chipped passports:
Bailey is right that the new passport will be harder to forge with the inclusion of RFID chips, especially since the chip would be digitally signed to prevent changes to the data in the chip. That’s a solid security measure.
But, the chips create a new hazard, since older passports, which have a ten year expiration, will remain valid until they expire.
An unencrypted RFID enabled passport can be skimmed by a hidden reader most easily when the bearer is showing it at a money-changer, giving it to a hotel for safe keeping in the safe or checking into a hostel.
The data — inluding the digital photo — can then be used to create a phony version of the *old* passport, using the name, passport number, and possibly even the picture of a real passport holder.
Firstly, you don’t need an RFID chip to get the benefits of a digital signature. You can use a physical print out (say, several 2-d bar codes, or the signing technology used for physical mail), or a contact chip, like smart-cards have.
Secondly, if the chip isn’t doing a signature, then I can copy the entire block, data and signature, and insert it in a new RFID chip. Since there will be a chip that’s read, I may be able to get away with a lower quality passport fake.
Adam Shostack, another of the original organizers, thinks that the reason for the failure of financial cryptography is simple. “People are conservative in how they pay for things,”
is only one of things that Peter Wayner has to say in this Technology Review article.