Flaw in RFID-enabled passports (part 2?)

Anne & Lynn Wheeler lynn at garlic.com
Thu Nov 9 14:20:31 EST 2006 

re:
http://www.garlic.com/~lynn/aadsm25.htm#46  Flaw exploited in
RFID-enabled passports

Budapest Declaration on Machine Readable Travel Documents (MRTDs)
http://www.fidis.net/home/single-news/article/budapest-declaration-on-machine-readable-travel-documents-mrtds-2/?tx_ttnews%5BbackPid%5D=4&cHash=fe8718735f

from above:

By failing to implement an appropriate security architecture, European
governments have effectively forced citizens to adopt new international
Machine Readable Travel Documents which dramatically decrease their
security and privacy and increases risk of identity theft. Simply put,
the current implementation of the European passport utilises
technologies and standards that are poorly conceived for its purpose. In
this declaration, researchers on Identity and Identity Management
(supported by a unanimous move in the September 2006 Budapest meeting of
the FIDIS “Future of Identity in the Information Society” Network of
Excellence) summarise findings from an analysis of MRTDs and recommend
corrective measures which need to be adopted by stakeholders in
governments and industry to ameliorate outstanding issues.

... snip ...

and

RFID Passport Security 'Poorly Conceived'
http://it.slashdot.org/it/06/11/09/1757202.shtml

the above also references

Feds Leapfrog RFID Privacy Study
http://www.wired.com/news/technology/1,72019-0.html

from above:

The story seems simple enough. An outside privacy and security advisory
committee to the Department of Homeland Security penned a tough report
concluding the government should not use chips that can be read remotely
in identification documents. But the report remains stuck in draft mode,
even as new identification cards with the chips are being announced.

... snip ...

The Use of RFID for Human Identification; A DRAFT REPORT from DHS
Emerging Applications and Technology Subcommittee
http://www.dhs.gov/xlibrary/assets/privacy/privacy_advcom_rpt_rfid_draft.pdf

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list