(still in progress – if you can help us, do not hesitate to contact us)
We have practically demonstrated that the new Slovak biometric RFID passport can be read. The passport can be read by any ISO 14443A-compliant RFID reader (for our experiment we used a cheap touchatag reader that can be bought for 30 €).
Personal data are encrypted with a key derived from the Machine Readable Zone (MRZ), which is printed on the last but one page of the passport. The MRZ is composed of the passport number, the date of birth and the date of expiry; anyone who knows these three values can compute the MRZ. The following information can be obtained from the passport using the MRZ:
- All personal information that is already printed in the passport (EF.DG1)
- Photograph of the passport holder (stored as JPEG) (EF.DG2)
The following information cannot be read using the MRZ and requires a special key (owned by the Slovak government):
- Fingerprint of the passport holder (EF.DG3)
- Active Authentication Public Key Info (EF.DG15)
The passport is not protected by an RFID shield by default, so it can be read while closed from a distance of 5 cm. With a stronger antenna this distance can be significantly larger (up to 10 meters, and it will increase in the future).
The passport returns a random unique ID (UID), so it is not possible to fingerprint it and determine its producer (this behaviour can be emulated by an NXP JCOP 41 v2.2.1 72K RANDOM_UID smartcard).
Without the “Active Authentication Public Key Info” it is not easy to clone the passport.
To verify:
- How do official Slovak biometric passport readers respond when they read a passport with an invalid hash, an invalid digital signature, or missing AA information (do they accept an imperfect clone?)
- Is it possible to create an imperfect clone (using an NXP JCOP 41 v2.2.1 72K RANDOM_UID smartcard) in which EF.DG3 and EF.DG15 are removed from the passport index? Do official Slovak biometric passport readers accept such a clone?
- Is it possible to attack the chip using side channels (e.g. timing or power analysis of RSA)?
- Analysis of MRZ entropy:
  - date of expiry (10 years) = 3650 values
  - birthday (estimation +/- 5 years) = 3650 values
  - passport number (2 alpha characters + 7 numbers) = 25 * 25 * (10 ^ 7) = 6250000000 values
- Is it possible to determine the passport number? (What algorithm is used for assigning new passport numbers?)
You have a right to be informed about the security of technologies that process your sensitive information!
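To make the two points above concrete (that the access key is computed from the three MRZ fields, and that the size of the MRZ key space is what limits the protection), here is an added Python example; it is not code from the authors of this note. It implements the ICAO 9303 check-digit rule and the Basic Access Control key derivation (SHA-1 of the MRZ information, truncated to a 16-byte seed, then two DES-parity-adjusted keys), and computes the key-space size in bits from the figures listed above. The sample document number and dates are the worked example from the ICAO 9303 specification, not a real passport; the key-space figures are the page's own estimates.

```python
import hashlib
import math

# ICAO 9303 check digit: weights 7, 3, 1 repeat over the field; digits keep
# their value, letters A..Z map to 10..35 and the filler '<' counts as 0.
def mrz_char_value(ch: str) -> int:
    if ch.isdigit():
        return int(ch)
    if "A" <= ch <= "Z":
        return ord(ch) - ord("A") + 10
    if ch == "<":
        return 0
    raise ValueError(f"invalid MRZ character: {ch!r}")


def check_digit(field: str) -> int:
    weights = (7, 3, 1)
    total = sum(mrz_char_value(c) * weights[i % 3] for i, c in enumerate(field))
    return total % 10


def mrz_information(doc_number: str, birth_date: str, expiry_date: str) -> str:
    """Concatenate the three MRZ fields, each followed by its check digit.
    The document number is padded with '<' to 9 characters; dates are YYMMDD."""
    doc = doc_number.ljust(9, "<")
    return (f"{doc}{check_digit(doc)}"
            f"{birth_date}{check_digit(birth_date)}"
            f"{expiry_date}{check_digit(expiry_date)}")


def _adjust_parity(key: bytes) -> bytes:
    # DES keys carry odd parity in the least significant bit of every byte.
    out = bytearray()
    for b in key:
        ones_in_upper_bits = bin(b >> 1).count("1")
        out.append((b & 0xFE) | (0 if ones_in_upper_bits % 2 else 1))
    return bytes(out)


def bac_keys(doc_number: str, birth_date: str, expiry_date: str) -> dict:
    """Derive the BAC seed and the 3DES encryption / MAC keys from the MRZ fields."""
    info = mrz_information(doc_number, birth_date, expiry_date)
    kseed = hashlib.sha1(info.encode("ascii")).digest()[:16]
    kenc = _adjust_parity(hashlib.sha1(kseed + b"\x00\x00\x00\x01").digest()[:16])
    kmac = _adjust_parity(hashlib.sha1(kseed + b"\x00\x00\x00\x02").digest()[:16])
    return {"mrz_info": info, "kseed": kseed, "kenc": kenc, "kmac": kmac}


def mrz_keyspace_bits(expiry_values: int = 3650,
                      birthday_values: int = 3650,
                      number_values: int = 25 * 25 * 10 ** 7) -> float:
    """Effective key entropy in bits for the estimates given in the note above."""
    return math.log2(expiry_values * birthday_values * number_values)


if __name__ == "__main__":
    # Worked example from ICAO 9303 (sample values, not a real document).
    keys = bac_keys("L898902C", "690806", "940623")
    print("MRZ information:", keys["mrz_info"])
    print("Kseed:", keys["kseed"].hex())
    print("Kenc :", keys["kenc"].hex())
    print("Kmac :", keys["kmac"].hex())
    print(f"MRZ key space: about {mrz_keyspace_bits():.1f} bits")
```

The last line is the practical takeaway: with the estimates from the list above the whole key space is only about 56 bits, and every field an observer already knows (a date of birth, the structure of the numbering scheme) removes bits from that figure, which is why the question of how passport numbers are assigned matters.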