Are new passports [an] identity-theft risk?

Adam Shostack adam at
Sat Oct 23 15:23:21 EDT 2004

On Fri, Oct 22, 2004 at 11:01:16AM -0400, Whyte, William wrote:
| > R.A. Hettinga wrote:
| > > 
| > <>
| > 
| > >  An engineer and RFID expert with Intel claims there is 
| > little danger of
| > > unauthorized people reading the new passports. Roy Want 
| > told the newssite:
| > > "It is actually quite hard to read RFID at a distance," 
| > saying a person's
| > > keys, bag and body interfere with the radio waves.
| > 
| > Who was it that pointed out that radio waves don't
| > interfere, rather, receivers can't discriminate?
| Absolutely. I'd add that while it's *currently* hard to
| read at a distance, passports typically have a lifetime
| of 10 years and I'd be very surprised if the technology
| wasn't significantly better five years out.

5 years?  I don't think we have that long.

The technology will mature *very* rapidly if Virginia makes their
driver's licenses RFID-enabled, or if the US goes ahead with the
passports.  Why?  Because there will be a stunning amount of money to
be stolen by not identity thieves, but real thieves.  Imagine sitting
with a laptop, a good antenna, and some software outside a metro
station in Virginia.  Or an upscale restaurant in Adams-Morgan,
reading off the addresses of those who will be away from home for the
next 3 hours.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list