• Corpus ID: 12709059

E-Passport : Cracking Basic Access Control Keys with COPACOBANA ⋆

@inproceedings{Liu2007EPassportC,
  title={E-Passport : Cracking Basic Access Control Keys with COPACOBANA ⋆},
  author={Yifei Liu and Timo Kasper and Kerstin Lemke-Rust and Christof Paar},
  year={2007}
}
Since the introduction of the Machine Readable Travel Document (MRTD) that is also known as e-passport for human identification at border control debates have been raised about security and privacy concerns. In this paper, we present the first hardware implementation for cracking Basic Access Control (BAC) keys of the e-passport issuing schemes in Germany and the Netherlands. Our implementation was designed for the reprogrammable key search machine COPACOBANA and achieves a key search speed of… 

Figures and Tables from this paper

Weakening ePassports through Bad Implementations
TLDR
This work presents the flaws found out in some implementations of the software hosted on ePassport chips and how the Basic Access Control (BAC) protocol is affected, and shows how it is possible to discern the different software versions used on the chip over time through some their peculiar fingerprints.
Resettable and Non-Transferable Chip Authentication for E-Passports
TLDR
It is shown that the possibility of transferability and reset attacks weaken the claimed security of the underlying Chip Authentication protocol, and an efficient protocol is proposed that is instead secure against such attacks.
Addressing Covid-19 Vaccination Status in Electronic Passports and Machine Readable Travel Documents
TLDR
This article offers a practical solution to reduce the amount of new documentation required by air and land travelers and will introduce a “wait time” benefit for passengers as the global transportation system is restarted.
Enhancing COPACOBANA for advanced applications in cryptography and cryptanalysis
TLDR
A novel architecture for a more versatile and reliable COPACOBANA capable to host advanced cryptographic applications like high-performance digital signature generation according to the elliptic curve digital signature algorithm (ECDSA) and integer factorization based on the elliptIC curve method (ECM).
A Survey of Security and Privacy Issues in ePassport Protocols
TLDR
The most relevant security and privacy issues affecting the protocols used by contactless chips integrated in ePassports are examined, and all relevant literature is presented together with some new attacks and insights that could help in improving future standards and the next generations of ePassport.
Der ePass - eine Sicherheits-und Datenschutzanalyse
TLDR
Der vorliegende Beitrag setzt sich mit den Sicherheitsund Datenschutzrisiken beider Stufen des ePasses vergleichend auseinander, die sich für die Nutzer ergeben können.

References

SHOWING 1-10 OF 26 REFERENCES
E-Passport: The Global Traceability Or How to Feel Like a UPS Package
TLDR
This paper revisits the privacy concerns caused by the Basic Access Control mechanism of MRTDs and considers German e-passports as a use case and proposes a variant of the cost-efficient hardware architecture (COPACOBANA) which has been recently realized.
Security and Privacy Issues in E-passports
  • A. Juels, D. Molnar, D. Wagner
  • Computer Science
    First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)
  • 2005
TLDR
Privacy and security issues that apply to e-passports are described and analyzed, and these issues are analyzed in the context of the International Civil Aviation Organization (ICAO) standard for e- Passports.
Crossing Borders: Security and Privacy Issues of the European e-Passport
TLDR
This work discusses attacks on Basic Access Control due to the low entropy of the data from which the access keys are derived, sketches the European proposals for Extended Access Control and the weaknesses in that scheme, and shows how fundamentally different design decisions can make e-passports more secure.
Security and Privacy Issues in Machine Readable Travel Documents (MRTDs)
TLDR
A detailed security analysis of the Technical Advisory Group of the International Civil Aviation Organization (TAG/ICAO) has issued specifications for the deployment of Machine Readable Travel Documents that are equipped with a smart card processor for the purposes of biometric identification of the holder is conducted.
About Machine-Readable Travel Documents
TLDR
This paper surveys existing protocols and their weaknesses of passports equipped with RFID chips and finds that they substantially increase security at the border controls, but also come with new security and privacy issues.
How to Break DES for B C 8 , 980
TLDR
The design and realization of the reprogrammable machine COPACOBANA (Cost-Optimized Parallel Code Breaker), which is optimized for running cryptanalytical algorithms, is described and it will be shown that the architecture outperforms conventional computers by several orders of magnitude.
Breaking Ciphers with COPACOBANA - A Cost-Optimized Parallel Code Breaker
TLDR
The design and realization of the COPACOBANA (Cost-Optimized Parallel Code Breaker) machine is presented, which is optimized for running cryptanalytical algorithms and can be realized for less than US$ 10,000, and it will be shown that the architecture can outperform conventional computers by several orders in magnitude.
Practical attacks on proximity identification systems
  • G. Hancke
  • Computer Science
    2006 IEEE Symposium on Security and Privacy (S&P'06)
  • 2006
TLDR
Focusing mainly on the RF communication interface, the results and implementation of eavesdropping, unauthorized scanning and relay attacks against 'proximity' (ISO 14443 A) type RFID tokens are discussed.
ePassport Privacy Attack, Presentation at Cards Asia Singapore, April 26,2006
  • 2006
How to Break DES for BC 8,980
  • In SHARCS‘06 – Special-purpose Hardware for Attacking Cryptographic Systems,
  • 2006
...
...