No Encryption for E-Passports

Thu Feb 24 05:07:19 PST 2005

<http://www.wired.com/news/print/0,1294,66686,00.html>

Wired News

No Encryption for E-Passports 
By Ryan Singel?

Story location: http://www.wired.com/news/privacy/0,1848,66686,00.html

02:00 AM Feb. 24, 2005 PT

Despite widespread criticism from security experts that a proposed
high-tech upgrade to Americans' passports actually introduces new security
risks, the government is declining to encrypt data on new high-tech
e-passports, according to proposed new rules published last week.

 In response to this outside criticism and some public questioning by one
of its own contractors, the State Department delayed its rollout of the
chip-equipped passports and hired additional companies to provide
prototypes.

 Other countries are also wrangling with the issue, as the United States is
requiring all 27 countries whose citizens do not need visas to visit
America to begin issuing e-passports by October.

 So far only Belgium has started production, and it is likely the deadline,
which was originally October 2004, will be pushed back another year.

 The new passports will include a radio frequency identification tag, a
chip that will store all the information on the data page of the passport,
including name, date and place of birth, and a digitized version of the
photo passport, according to the proposal in the Federal Register.

 RFID chips are widely used in automatic toll-payment systems such as
FasTrak, or identification chips implanted in the necks of pets.

 The chips are activated by a reader using certain radio frequency waves,
which the chips use as an energy source to send back the encoded
information.

 Border agents, equipped with readers, would be able to pull up passport
information on a screen and visually compare the digitized photo against
the passport bearer.

 Agents will also be able to use facial identification software to compare
the person to the digitized photo, which is not feasible with current
passports.

 The State Department, which has responsibility for passports and visas,
hopes the measure will improve security and help curb passport forgery.

 The government will use chips that can only be written to once, and a
further safeguard is provided in the form of a digital signature, which
allows readers to verify that the information on the chip is the
information originally written to it.

 But the rules, which are open for comment until April 4, rule out
encrypting the bearer's name, birth date and digital photo, saying such a
move would impede worldwide adoption of e-passports and that encrypted data
would slow down entry and exit at customs.

 The lack of encryption baffles privacy advocates and security researchers,
who say the new passports are vulnerable to "skimming," an attack that uses
an unauthorized reader to gather information from the RFID chip without the
passport owner's knowledge.

 The State Department concedes that skimming is a legitimate threat, but
says the chips will have a read range of inches, that eavesdropping at
border stations would be very conspicuous and that the passports will have
a shielding mechanism -- perhaps a foil case or a weave in the cover that
will cloak the chip when the passport is closed.

 That does little to satisfy critics such as Lee Tien, an attorney at the
Electronic Frontier Foundation.

 "The State Department has not responded in any meaningful way to any of
the privacy community," Tien said. "They are offering the equivalent of
duct tape and baling wire as far (as) protecting peoples' information from
being read.

 "It is my understanding it's possible to read this information from 10 to
30 feet away with the right equipment," Tien said. "When you think about
the issues Americans have, especially when they travel abroad -- do you
really want your passport to be broadcasting your name and nationality?
This isn't good for privacy or the physical security of Americans abroad."

 Bruce Schneier, a security expert and author who founded Counterpane
Internet Security, questions how much shielding helps, since travelers
often have to show identification to exchange currency or check into a
hotel.

 "Shielding is a good idea, but the problem is if you travel in Europe you
are asked to show your passport a lot," Schneier said. "So all that
shielding means is that someone who wants to sniff my passport just has to
pick his location."

 Schneier, who just renewed his passport to make sure he will not have an
unencrypted passport for another 10 years, says he has yet to hear a good
argument as to why the government is requiring remotely readable chips
instead of a contact chip -- which could hold the same information but
would not be skimmable.

 "A contact chip would be so much safer," Schneier said. "The only reason I
can think of is the government wants surreptitious access. I'm running out
of other explanations. I'd love to hear one."

 Not everyone in the RFID industry thinks the proposed rules compromise
security more than they help.

 "The goal is to create a stronger identification vehicle and that is what
is being achieved in the e-passport initiative," said Erik Michielsen,
director of RFID and ubiquitous networks at ABI Research.

 Michielsen, who calls himself a supporter of RFID technology, acknowledges
there are legitimate security concerns, but thinks that the government
should look at how other countries handle these concerns and learn from
them, even as it proceeds with the current plan.

 "With any emerging technology, security issues arise and must be
addressed," Michielsen said. "It's not whether security issues are solved
today. It's assuring that as this moves toward a rollout that they are
routinely addressed and resources are dedicated to ensuring consumers'
privacy."

 The State Department, which is accepting written responses to the proposal
until April 4 via e-mail sent to PassportRules at state.gov, did not return a
call requesting comment.

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'