Are new passports [an] identity-theft risk?

Sun Oct 24 00:58:56 EDT 2004

On Sat, Oct 23, 2004 at 03:23:21PM -0400, Adam Shostack wrote:
> 
> The technology will mature *very* rapidly if Virginia makes their
> driver's licenses RFID-enabled, or if the US goes ahead with the
> passports.  Why?  Because there will be a stunning amount of money to
> be stolen by not identity thieves, but real thieves.  Imagine sitting
> with a laptop, a good antenna, and some software outside a metro
> station in Virginia.  Or an upscale restaurant in Adams-Morgan,
> reading off the addresses of those who will be away from home for the
> next 3 hours.

	Correct me if I am wrong, but don't most of the passive, cheap
RF or magnetic field powered RFIDs transmit maybe 128 bits of payload,
not thousands and thousands of bits which would be enough to include
addresses, names, useful biometric data and so forth ?

	For many if not most applications (inventory control and
tracking) a 128 bit unique serial number is enough - are the passport
and drivers license (soon apparently to be the same thing here in the
USA at least in respect to an internal passport required for travel on
public transportation) applications of RFID actually intended to allow
reading tens of kilobytes of data or just a unique serial that can be
used as a key in an on line database system ?

	The signaling reliability problem of successfully transmitting
say 10 or 100 kb of data error free (enough for reasonable info about
someone and some biometric measurements) is quite different from
repeating  128 bits over and over and over until the reader succeeds in
making the FEC and checksums work for a couple of reads out of thousands
of repetitions of the 128 bits.   Detecting a weak repeated short
pattern in noise is much easier than reading thousands of bits with few
or no errors (few enough to be corrected by a reasonable rate FEC).

	Whilst unique serial numbers read at a distance could be used in
a variety of rather sinister ways, they aren't equivalent to dumping the
names, addresses, weight, height, birth date, social security number and
biometric signatures of someone in the clear.   And obviously are
much less useful to an unsophisticated thief without access to the
database mapping the serial number to useful information.

	And further it seems reasonable to suppose that if larger blocks
of useful data get dumped, it would be encrypted under carefully
controlled keys at least for passport and similar applications.  
Granted that very sophisticated attackers might obtain some of these
keys, but the average thief presumably would not have access to them.

	It does occur to me that RFID equipped passports or internal
passports/driver licenses ("your papers please") COULD be equipped with
some kind of press to read switch the would require active finger 
pressure on the card to activate the RFID transmitter - this would
leave them disabled and incapable of transmitting the ID when sitting in
someone's wallet or purse.  Aside from very sinister covert reading
applications I cannot think of any reason why a RFID equipped identity
card would need to be readable without the active cooperation and
awareness of the person carrying the card, thus such a safeing mechanism
would not be a real burden except to those with sinister covert agendas.

	And needless to say, copper screen or foil lined wallets would
become very popular...


-- 
   Dave Emery N1PRE,  die at dieconsulting.com  DIE Consulting, Weston, Mass 02493


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com