E-Passports equals E-pportunity for Hackers?
By Nishant Kaushik on Aug 01, 2007
Electronic passports are not only insecure, they can be used as tools to commit fraud and mischief. That is the contention of an RFID expert who has been investigating the new digital passports and passport readers that make up the next generation of our most definitive identifying document.
Wired News covered Lukas Grunwald's exposure of security flaws that allow someone to steal and clone the fingerprint image stored on a biometric e-passport, and then manipulate the stolen image to attack, disable and potentially misuse the e-passport readers that attempt to scan it. He successfully crashed two different readers by using a buffer-overrun exploit, a vulnerability that could potentially be used to inject malicious code into the readers, leading them to approve expired or fake passports.
RFID passports have long been looked at with skepticism by the security community (if you search you will find a ton of blog posts lambasting the RFID passport idea, and even this article on "Feds rethinking RFID Passport"). It isn't really the RF technology that is interesting here; it is the what and how of the data that the tag carries, protects and communicates. The article points out that the so-called security measure that is recommended (but not required) by the ICAO, called "Extended Access Control", does little to alleviate the problem.
Grunwald will be discussing these vulnerabilities at the annual DefCon hacker conference in Vegas in a session interestingly titled "First We Break Your Tag, Then We Break Your Systems".