Securing epassport system: A Proposed anti-cloning and anti-skimming protocol

Muhammad Qasim Saeed, Ashraf Masood, Firdous Kausar

نتاج البحث: Conference contribution

2 اقتباسات (Scopus)

ملخص

Despite the fact that RFID based ePassport (a.k.a biometric passport) has increased the efficiency of passport systems, it has created many new threats concerning personal data protection. Cryptographic tools are used to counter these threats but vulnerabilities are discovered in the implementation of these tools. For instance, Basic Access Control (BAC) is used to thwart data skimming from the ePassport to an illegitimate reader. Study reveals that the BAC keys suffer from very low practical entropy, therefore BAC cannot be considered as an effective tool against skimming attacks. Moreover, Active Authentication (AA), a measure against chip cloning, can be bypassed by amending the EF.COM file of the passport chip. In this paper, an Anti-Cloning and Anti-Skimming Protocol (ACASP) is proposed that provides a counter solution to the aforementioned vulnerabilities. It takes advantage of publicprivate key pair stored in the chip and optional data storage capacity in Machine Readable Zone (MRZ) of the passport. It increases BAC keys entropy from 30-40 bits to 56 bits and provides an entirely different approach to avoid chip cloning. ACASP can be implemented without any change in hardware of reader and tag. It also requires no change in Logical Data Structure (LDS) of the RFID chip. However, application software of reader and tag needs to be modified as required.

اللغة الأصليةEnglish
عنوان منشور المضيفSoftCOM 2009 - 17th International Conference on Software, Telecommunications and Computer Networks
الصفحات90-94
عدد الصفحات5
حالة النشرPublished - 2009
منشور خارجيًانعم
الحدثSoftCOM 2009 - 17th International Conference on Software, Telecommunications and Computer Networks - Hvar, Croatia
المدة: سبتمبر ٢٤ ٢٠٠٩سبتمبر ٢٦ ٢٠٠٩

سلسلة المنشورات

الاسمSoftCOM 2009 - 17th International Conference on Software, Telecommunications and Computer Networks

Conference

ConferenceSoftCOM 2009 - 17th International Conference on Software, Telecommunications and Computer Networks
الدولة/الإقليمCroatia
المدينةHvar
المدة٩/٢٤/٠٩٩/٢٦/٠٩

ASJC Scopus subject areas

  • ???subjectarea.asjc.1700.1712???
  • ???subjectarea.asjc.2200.2208???

قم بذكر هذا