Are new passports [an] identity-theft risk?

Ian Grigg iang at systemics.com
Sun Oct 24 09:11:41 EDT 2004


Dave Emery wrote:
> On Sat, Oct 23, 2004 at 03:23:21PM -0400, Adam Shostack wrote:

> 	Correct me if I am wrong, but don't most of the passive, cheap
> RF or magnetic field powered RFIDs transmit maybe 128 bits of payload,
> not thousands and thousands of bits which would be enough to include
> addresses, names, useful biometric data and so forth?

I have another question:  aren't RFIDs of this
nature all passive, and need to be excited in
some fashion?  It would seem that detecting the
powering signal may well be a way to defend
against unexpected reads.

> 	Whilst unique serial numbers read at a distance could be used in
> a variety of rather sinister ways, they aren't equivalent to dumping the
> names, addresses, weight, height, birth date, social security number and
> biometric signatures of someone in the clear.   And obviously are
> much less useful to an unsophisticated thief without access to the
> database mapping the serial number to useful information.

OK, so your view would be that SSNs are just
indexes into databases and therefore are not
a threat to anyone.  Very silly of the US congress
to have put restrictions on their use, then...
Mind you, in Australia, they are even less
humorous.  I hear, you go to jail if you are
caught using TSNs for anything but the tax
records for your employees.

> 	And further it seems reasonable to suppose that if larger blocks
> of useful data get dumped, it would be encrypted under carefully
> controlled keys at least for passport and similar applications.  
> Granted that very sophisticated attackers might obtain some of these
> keys, but the average thief presumably would not have access to them.

Do you have anything to back up that "reasonable
surmise"?  I'd say the DeCSS program, and any
analysis of the application, and any amount of
experience with similar apps like smart card money
would say the reverse is true.  Distributing data
that is private to a large quantity of readers
with pre-issued hardware and data is a hard problem,
especially if you can't use public key crypto (but
don't imagine public key crypto solves all the
problems).

Oodles of experience dictate that the information
on the RFIDs will be available to a huge number
of bureaucrats, for free, and anyone who wants
to purchase it, for a market price.  Going on
prior figures seen, I'd say the price would be
order of $10 - $100 (the price of doing business,
as the data cost would be marginal==0), and the
end result is that it would all be bundled up in
the standard package of identity for some given
victim.

> 	It does occur to me that RFID equipped passports or internal
> passports/driver licenses ("your papers please") COULD be equipped with
> some kind of press-to-read switch that would require active finger
> pressure on the card to activate the RFID transmitter - this would
> leave them disabled and incapable of transmitting the ID when sitting in
> someone's wallet or purse.  Aside from very sinister covert reading
> applications I cannot think of any reason why a RFID equipped identity
> card would need to be readable without the active cooperation and
> awareness of the person carrying the card, thus such a safing mechanism
> would not be a real burden except to those with sinister covert agendas.

Actually, I think the people you are dealing with
there are ingenious in a hive like fashion.  They
will come up with a good reason to have them
available for read without the user's knowledge.

> 	And needless to say, copper screen or foil lined wallets would
> become very popular...

The questions would then be, what frequency do these
things operate on, what power is required to power
them up, and what power is required to ... power them
down.  Any radio guys around?

iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com