RFID passport article in the UK's "Guardian" newspaper...

Marcos el Ruptor Ruptor at cryptolib.com
Mon Nov 20 00:41:37 EST 2006

> Nothing deeply new here, but interesting anyway...
> http://www.guardian.co.uk/idcards/story/0,,1950226,00.html
> Perry

Yes, a very interesting article. I hope people upstairs will begin to listen
sooner rather than later...

I must repeat myself, but there is a solution already: VEST
(http://en.wikipedia.org/wiki/VEST), a cipher/MAC/hash that is
specifically designed by Sean O'Neil to be as fast [and small] as possible
in hardware while being as slow as possible in software. It is physically
impossible to optimize even the smallest of VEST ciphers to be less than
1000 times slower in software than it is in ASIC. Not even with Intel
pipelining. What it means is that ASIC based RFID and smartcard microchips
become physically impossible to clone without the use of specifically
manufactured ASIC microchips that would cost at least $1mln. Any
reprogrammable chip (FPGA, eFPGA, ProASIC3 etc.) must carry the programming
logic and would have to be at least 5x5 mm in size and would never pass as a
clone. Even a low-end 1MHz RFID chip would require at least 1GHz software
smartcard to emulate it. With the maximum 66MHz that exists today, we can
sleep peacefully for much longer than those chips would last.

Thus, possessing all the information and all the keys does not give the
attacker an ability to make a clone, not without a million dollars. And with
a million dollars I'm sure they could buy hundreds of real passports in many
countries, so why bother cloning one?

Well, feel free to abuse me, but prevention of cloning is in fact possible
by the use of such specifically designed ciphers and I've discussed it
already with many leading cryptologists who all totally agree with it when
they see the facts. I wish my colleagues (you guys) would help me open other
people's eyes on it...


PS: I also totally agree that the protocol sucks. The chip should never
respond unless it receives the correct key that only border control
authorities should be able to calculate from their own secrets and
machine-readable passport data, also hopefully using a cipher like VEST to
prevent cloning... Challenge-response - either side doesn't respond in
time? - The other one times out, good bye!

PPS: Not to be giving any legal advise to anyone, but AFAIK, VEST is
actually not protected by any patents as the company claims. It's free for
all to use. For example, the patent application that is shown on the ECRYPT
web site (http://www.ecrypt.eu.org/stream/vestp2.html) describes XMACC that
was published in 1995: http://www-cse.ucsd.edu/~mihir/papers/xormacs.pdf 

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list