Are new passports [an] identity-theft risk?

Adam Shostack adam at homeport.org
Sun Oct 24 10:40:27 EDT 2004 

On Sun, Oct 24, 2004 at 12:58:56AM -0400, Dave Emery wrote:
| On Sat, Oct 23, 2004 at 03:23:21PM -0400, Adam Shostack wrote:
| > 
| > The technology will mature *very* rapidly if Virginia makes their
| > driver's licenses RFID-enabled, or if the US goes ahead with the
| > passports.  Why?  Because there will be a stunning amount of money to
| > be stolen by not identity thieves, but real thieves.  Imagine sitting
| > with a laptop, a good antenna, and some software outside a metro
| > station in Virginia.  Or an upscale restaurant in Adams-Morgan,
| > reading off the addresses of those who will be away from home for the
| > next 3 hours.
| 
| 	Correct me if I am wrong, but don't most of the passive, cheap
| RF or magnetic field powered RFIDs transmit maybe 128 bits of payload,
| not thousands and thousands of bits which would be enough to include
| addresses, names, useful biometric data and so forth ?

Unclear.  Presuming you're right, that 128 bit number will become
your ID, just like your SSN is now.  If you broadcast it at the
right time, you'll be Alice.

| 	And further it seems reasonable to suppose that if larger blocks
| of useful data get dumped, it would be encrypted under carefully
| controlled keys at least for passport and similar applications.  
| Granted that very sophisticated attackers might obtain some of these
| keys, but the average thief presumably would not have access to them.

You're reasonable, they're the United States Government, and they have
responsed to questions about how to protect the keys that would be used
to read it. (which, after all, would need to be in at least thousands
of readers, just in the US, never mind in the other 190 odd countries
which will want to verify passports..)

>>> ACLU's Technology and Liberty Program describes what they were
>>> told in a briefing by Frank Moss, USA Deputy Assistant Secretary
>>> of State for Passport Services and director of the State
>>> Department's Bureau of Consular Affairs:

>>>> passport issued in San Diego from January 2005 to August
>>>> 2005. But you can't use the public key to then create a signature
>>>> on a fraudulent document. And the public key is not used to
>>>> access the data on the document -- that is wide open -- it is
>>>> used only to verify the authenticity of the passport.

(From http://hasbrouck.org/blog/archives/000434.html)

| 	It does occur to me that RFID equipped passports or internal
| passports/driver licenses ("your papers please") COULD be equipped with
| some kind of press to read switch the would require active finger 
| pressure on the card to activate the RFID transmitter - this would
| leave them disabled and incapable of transmitting the ID when sitting in
| someone's wallet or purse.  Aside from very sinister covert reading
| applications I cannot think of any reason why a RFID equipped identity
| card would need to be readable without the active cooperation and
| awareness of the person carrying the card, thus such a safeing mechanism
| would not be a real burden except to those with sinister covert agendas.

And who is going to pay for this press to read addition?  Maybe,
rather than designing with RFID, they could use a smart-card chip
which requires contact?  seems easier, no?

Adam

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list