The Biometric Passport Standard - Mrtd-cs08prt

8/6/2019 The Biometric Passport Standard - Mrtd-cs08prt

1/88

The Biometric Passport StandardWhats all this Mess About?

Serge Vaudenay

COLE POLYTECHNIQUEFDRALE DE LAUSANNE

http://lasecwww.epfl.ch/

SV 2008 e-passport EPFL 1 / 88
http://lasecwww.epfl.ch/


2/88

1 Political Context

2 Primer on Cryptography

3 ICAO-MRTD

4 Security and Privacy

5 Extended Access Control in EU

6 Non-Transferable Authentication



3/88


4/88

1 Political Context


3 ICAO-MRTD






5/88

Arrete Federal2008, June 13



6/88

Referendum (October 2)Rfrendum contre le prlvement obligatoire

de donnes biomtriques et d'empreintes digitalespour tous les nouveaux passeports et cartes d'identit

Voulez-vous que vos empreintes digitales soient centralises ?

Voulez-vous que votre carte d'identit ou votre passeport contienneune puce permettant la localisation ?

NON? Alors agissez pendantqu'il est encore temps!

NON la collecte force de donnes biomtriques pour tous les nouveaux passeports et cartes d'identit! NON la sauvegarde de vos donnes personnelles biomtriques dans une base de donnes centrale.

NON l'accs de gouvernements trangers et d'entreprises prives vos donnes biomtriques! NON l'instauration de puces de radio-identification (RFID) dans tous les nouveaux passeports suisses

et cartes d'identit!

NON la centralisation bureaucratique et au dmantlement des bureaux de contrles des habitants! NON l'extension du contrle de l'Etat sur les citoyens!

Chaque citoyen suisse doit pouvoir dcider s'il veut d'un passeport suisse et d'une carte d'identit, avecou sans donnes biomtriques et puce RFID.

Les citoyennes et citoyens suisses soussigns ayant le droit de vote demandent, en vertu de lart. 141 de la constitution fdrale du 18avril 1999 et conformment la loi fdrale du 17 dcembre 1976 sur les droits politiques (art. 59s.), que l'arrt fdral du 13 juin2008 portant approbation et mise en oeuvre de lchange de notes entre la Suisse et la Communaut europenne concernant lareprise du Rglement (CE) 2252/2004 relatif aux passeports biomtriques et aux documents de voyage (Dveloppement de lAcquis deSchengen) soit soumis au vote du peuple.

Seuls les lectrices et lecteurs rsidant dans la commune indique en tte de la liste peuvent y apposer leur signature. Les citoyenneset les citoyens qui appuient la demande doivent la signer de leur main. Celui qui se rend coupable de corruption active ou passiverelativement une rcolte de signatures ou celui qui falsifie le rsultat dune rcolte de signatures effectue lappui dun rfrendumest punissable selon larticle 281 respectivement larticle 282 du code pnal.

Canton: No postal: Commune politique:

Nom( la main et enmajuscules)

Prnom( la main et enmajuscules)

Date denaissance(jour/mois/anne)

Adresse exacte(rue et numro)

Signaturemanuscrite

Contrle(laisser enblanc)

1

2

3


7/88

TSR Show2008, October 9

in many newspapers since last week

on TV broadcast tonight



8/88

1 Political Context


3 ICAO-MRTD



6

Non-Transferable Authentication



9/88

Cryptographic Primitives

conventional crypto public-key crypto

symmetric encryption public-key cryptosystem

message authentication code digital signaturehash function key agreement protocol



10/88

Symmetric Encryption

Generator

6KeyKey6 CONFIDENTIALAUTHENTICATEDINTEGER

-Message Enc - - Dec -Message

Adversary



11/88

Message Authentication Code

Generator

6KeyKey6 CONFIDENTIALAUTHENTICATEDINTEGER

-Message MAC - - Check-

ok?

-Message

Adversary



12/88

Hash Function

La cigale ayant

chante tout lete

se trouva fort

depourvue quand

la bise fut venue

pas un seul petitmorceau de mouche

ou de vermisseau

elle alla trouver

famine chez la

fourmie sa voisine ...

- Hash - 928652983652



13/88

Integrity by Hash Function

-Message

Hash

?

-INTEGER

Digest

-

Hash

?

Message

?

Compare-

ok?

Adversary



14/88

Key Agreement Protocol

ProtoBobProtoAlice

6KeyKey

- AUTHENTICATEDINTEGER

6

-Message Enc/MAC - - Dec/Check-

ok?

-Message

Adversary



15/88

Public-Key Cryptosystem (Key Transfer)

Generator

6Secret KeyPublic Key6 AUTHENTICATEDINTEGER

-Message(Key)

Enc - - Dec -Message

(Key)

Adversary



16/88

Digital Signature (Public-Key Certificate)

Generator

6Secret Key Public Key6AUTHENTICATEDINTEGER

-Message(Certificate)

Sign - - Verify-

ok?

-Message(Certificate)

Adversary



17/88

1 Political Context


3 ICAO-MRTD






18/88


19/88

Obj ti


20/88

Objectives

more secure identification of visitors at border control

biometrics

contactless IC chip digital signature + PKI

maintained by UN/ICAO (International Civil Aviation Organization)


MRTD Hi t


21/88

MRTD History

1968: ICAO starts working on MRTD

1980: first standard (OCR-B Machine Readable Zone (MRZ))

1997: ICAO-NTWG (New Tech. WG) starts working on biometrics

2001 9/11: US want to speed up the process

2002 resolution: ICAO adopts facial recognition

(+ optional fingerprint and iris recognition)

2003 resolution: ICAO adopts MRTD with contactless IC media

(instead of e.g. 2D barcode)

2004: version 1.1 of standard with ICC

2005: deployment of epassports in several countries

2006: extended access control under development in the EU

2007: deployment of extended access control (+ more biometrics)


Why Face Recognition?


22/88

Why Face Recognition?

disclose no information that people does not routinely disclose

facial image is already socially and culturally accepted

already collected and verified in passports

people already aware of capture and use for ID verification

purpose

non-intrusive: no need for physical contactrequires no new enrolment procedure

feasability of fast deployment

many states already have database of people images

can be captured from an endorsed photograph only

children need not be present for capture

human verification is feasible and easy


Why Contactless IC Chip?


23/88

Why Contactless IC Chip?

useability: no need for swiping or sensing, requires no contact

(= magnetic strip, optical memory, contact IC chip)data storage: can store over 15 kilobytes

(= 2D barcodes)

performance: random access feasible as information will grow

Recommendation:on-board operating system (ISO/IEC 78164)

ISO 14443 type A or B compliance

very high (>64K) capacity (minimum: 32K, recommended: 512K)

minimum set of commands

data stored in LDS format with encryption, hashing, and signature

high speed retrieval (50K in


24/88

How to Distinguish a Compliant MRTD


MRTD in a Nutshell


25/88

MRTD in a Nutshell

MRTD

MRZ LDS

? ?????optical access radio access

data authentication by digital signature + PKI

aka passive authentication

access control + key agreement based on MRZ info

aka basic access control (BAC)

chip authentication by public-key cryptgraphy

aka active authentication (AA)SV 2008 e-passport EPFL 25 / 88

MRZ Example


26/88

MRZ Example

PMFRADUPONT


27/88

LDS Example

- PMFRADUPONT


28/88

Underlying Cryptography

RSA signatures (ISO/IEC 9796, PKCS#1), DSA, ECDSA

X.509

SHA1 and sistersDES, triple-DES, CBC encryption mode

one of the ISO/IEC 9797-1 MAC (next slide)


ISO/IEC 9797-1


29/88

ISO/IEC 9797 1(MAC algorithm 3 based on DES with padding method 2)

(concatenate message with bit 1 and enough 0 to reach a length multiple of the block size)

DESK1 DESK1 DESK1

?

?

?

-?

?

- -

DESK1

?

?

?

x1

x2

x3

xn

DES1K2

?

DESK1

?



30/88

LDS Structure


31/88

LDS Structure

KENC, KMAC, KPrAA

COM: present data groupsDG1: same as MRZ

DG2: encoded face

DG3: encoded finger(s)

DG4: encoded eye(s)

DG5: displayed portrait

DG6: (reserved)

DG7: displayed signature

DG8: data feature(s)

DG9: structure feature(s)

DG10: substance feature(s)

DG11: add. personal detail(s)DG12: add. document detail(s)

DG13: optional detail(s)

DG14: (reserved)

DG15: KPuAA

DG16: person(s) to notify

DG17: autom. border clearance

DG18: electronic visa

DG19: travel record(s)

SOD


SOD Structure


32/88

SOD St uctu e

list of hash for data groups DG1DG15

formatted signature by DS (include: information about DS)

(optional) CDS


Passive Authentication


33/88

goal authenticate LDS

after getting SOD, check the included certificate CDS and the

signature

when loading a data group from LDS, check its hash with what is

in SOD

stamp by DS on LDS



34/88


35/88

ICAO Server


36/88

collection of CCSCAs (not available online)

online public-key directory of CDSs (primary directory)

online CRL of CDSs (secondary directory)



37/88

1 Political Context


38/88

1 Political Context


3 ICAO-MRTD

ICAO-MRTD Overview


Basic Access Control

Active AuthenticationRFID Access

...in Practice





Access Control Options


39/88

none: anyone can query the ICC, communication in clear

basic: uses secure channel with authenticated key establishment

from MRZ

extended: up to bilateral agreements (no ICAO standard)

EU common criteria: now being implemented



40/88


41/88

MRZ info


42/88

PMFRADUPONT


43/88


44/88

Session Key Derivation (Basic Access Control)


45/88

compute KENC and KMAC from MRZ inforun a protocol to compute Kseed

set D= Kseed00000001

compute H= SHA1(D)

first 16 bytes of H are set to the 2-key triple-DES KSENC

set D= Kseed00000002

compute H= SHA1(D)

first 16 bytes of H are set to the 2-key triple-DES KSMAC

adjust the parity bits of the all DES keys


Secure Messaging


46/88

goal authentication, integrity, confidentiality of communication

message

?Enc

?

?KSENC

- MAC

?

?KSMAC

6

Adversary

- MAC- =6

? KSMAC

Dec

6

6

message

? KSENC



47/88


48/88

Active Authentication Protocol


49/88

IFD ICC

pick RND.IFD

RND.IFD

F nonceRND.IFDcheck

SignKPrAA(F)


With vs Without Active Authentication


50/88

No Active Authentication

ICC can be cloned

simple computations to

perform

Active Authentication

protection against clones

requires public-key

cryptography in ICC


1 Political Context


51/88


3 ICAO-MRTD

ICAO-MRTD Overview




...in Practice






52/88


53/88

1 Political Context


54/88


3 ICAO-MRTD

ICAO-MRTD Overview




...in Practice





Implementation Discrepencies


55/88

shield singulation BAC AA

Switzerland none random 08xxxxxx used not implemented

United Kingdom none random 08xxxxxx used not implemented

France none random 08xxxxxx ? ?

Australia none random xxxxxxxx used ?New Zealand none constant used ?

USA yes ? ? ?

Italy ? constant ? ?

Belgium none ? used implemented

Czech Republic none random 08xxxxxx used implemented


Algorithms


56/88

certificate SOD AA

Switzerland ecdsa with sha1 824b ecdsa 512b n/a

United Kingdom sha256withRSA 4096b RSA 2048b n/a

Czech Republic rsaPSS (sha1) 3072b RSA 2048b RSA 1024b

Belgium sha1withRSA 4096b RSA 2048b ?

Germany ecdsa with sha1 560b ecdsa 464b n/a

Italy sha1withRSA 4096b RSA 2048b ?

New-Zealand sha256withRSA 4096b RSA 2048b ?

USA sha256withRSA 4096b RSA 2048b ?



57/88


58/88


59/88


60/88

Issues in Basic Access Control


61/88

MRZ info entropy:

ideally, log2((10+26)93651003655) 70in practice, log2(2010

6365103655) 47at this time, log2(10

4365103655) 36

online bruteforce attack

guess MRZ info and try it with MRTD until it works

one experiment reported: it took 4h(would make sense in a long haul flight)

offline bruteforce

infer MRZ info from some (x,MACKMAC(x)) pair

decrypt BAC protocol to get KSENCdecrypt passive authentication to get LDS


Unauthorized Wireless Access


62/88

Radius:easy at a distance less than 5cm

experiment reported at a distance of 1.5m

claimed to be possible at a distance up to 10m

Threat:

(if MRZ info is known): tracing people

(if MRZ info is unknown): identifying people by bruteforce

in any case: collecting valuable people profiles


Passive Skimming


63/88

Radius:

experiment reported at a distance of 4m

claimed to be possible at a distance up to 10m

Threat:

offline bruteforce: identifying people, collecting profiles



64/88

Detecting Passports


65/88

can check if there is an MRTD in the neighborhood

(if leakage) can detect if there is an MRTD issued by a given

country



66/88

Denial of Service


67/88

e-bombing: destroy chips

hammer: destroy your own chip



68/88


69/88


70/88

Collecting Digital Evidences


71/88

challenge semantics in AA:

RND.IFD = H(social(t1))

evidence = timestampt(social(t1)LDS)

evidence that MRTD did sign a challenge given by IFD at time t

LDS is an evidence by its own (got from passive authentication)



72/88

1 Political Context


73/88

1 Political Context


3 ICAO-MRTD





1 Political Context


74/88


3 ICAO-MRTD



EAC Protocols

Security Issues



Basic Idea


75/88

use more biometrics after a stronger access controlreader authentication

better protocol (chip authentication) based on Diffie-Hellman

access to private data requires chip AND terminal authenticationchip authentication could be used alone

(e.g. to replace AA or to have a better key agreement)

BUT: terminal authentication requires a heavy PKI for readers


Chip Authentication

chip has a static Diffie-Hellman key (authenticated by SOD)

semi-static ECDH with domain parameters DICC


76/88

semi static ECDH with domain parameters DICC

replace the secure messaging keys

resists skimming

key with large entropy

IFD ICC

input: m secret key: SKICC(g DICC) pub key: PKICC = g

SKICC,DICC

pick x at randomPKICC,DICC

X= gxX

K= KDF(PKxICC) K= KDF(X

SKICC)

output: K output: K



77/88


78/88


79/88

Terminal Authentication: Revocation


80/88

MRTD are not online!

MRTD have no reliable clock

MRTD must trust readers to revoke themselves


Information Leakage


81/88

SOD leaks the digest of protected DGs before passing EAC

could be used to recover missing parts from exhaustively search

could be used to get a proof if DG is known



82/88


83/88


84/88


85/88


86/88


87/88


88/88

Documents

The Biometric Passport Standard - Mrtd-cs08prt