Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

UK biometric passports succumb to hack

Security bypassed by researcher.

Article comments

A security expert has cracked one of the U.K.'s new biometric passports, embarrassing the British government which has touted as a way of cutting down cross-border crime and illegal immigration.

The attack, which uses a common RFID reader and customised code, siphoned data off an RFID chip from a passport in a sealed envelope, said Adam Laurie, a security consultant who has worked with RFID and Bluetooth technology. The attack would be invisible to victims, he said.

"That's the really scary thing," said Laurie, whose work was detailed in the Sunday edition of the Daily Mail newspaper. "There's no evidence of tampering. They're not going to report something has happened because they don't know."

The British government, which began issuing RFID passports about a year ago, eventually wants to incorporate fingerprints and other biometric data on the chips, although privacy activists are concerned over how data will be stored and handled.

Currently, the chip contains the printed details on the passports, the person's photograph and security technology to detect if those files have been altered.

The attack was executed while the passport was still in its original envelope used to send it from the passport service, since RFID chips can be read from a few inches away, Laurie said. He used a passport ordered by a woman affiliated with No2ID, a group that opposes the U.K.'s biometric passport and ID card programs.

The data on the passport's chip is locked until an RFID reader provides the encryption key, Laurie said. The encryption key is calculated using a combination of the person's personal data, such as date of birth, and is contained in the "machine-readable zone" (MRZ) - the string of characters and digits on the bottom of the passport's first page.

At an immigration desk, the optical character reader scans the MRZ and gets the key. The RFID chip is unlocked, and the information on the chip is matched with that on the passport.

However, Laurie was able to do this process himself. He analysed ICAO 9303, the standard from the International Civil Aviation Organization that been adopted worldwide for machine-readable passports, to see how the MRZ was organised.

Laurie also knew some of the woman's personal details - used to calculate her passport's key - and found out more through Internet research.

He then wrote what's known as a "brute force" program, which repeatedly tries different combinations of data to discover the key. After about 40,000 attempts by the program, he cracked the key.

To scan the chip, he used a common RFID reader from ACG ID, now part of Assa Abloy Identification Technology of Germany.

The attack could then let Laurie begin the process of making an exact copy of the woman's passport.

The biometric passport had been sold to the world as something that increased the security of the passport, "but so far I don't see anything about it that increases my security," Laurie said.

The greatest weakness with the passports is using relatively easy-to-find data to compose the encrypted key, Laurie said. It would be better to include more random elements that would render brute-force style programs nearly useless, he said.

Laurie's work spawned from concern over how users can know what's on their passport's chip.

"At the moment, if you want to see what's in your own passport, you have to go to passport office," Laurie said. "With my code, you can do it at home."

Laurie has published a library of open-source tools written in the Python programming language that will run on RFID readers made by ACG and by Frosch Electronics OEG, based in Austria.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *