Might be old news to some..........................

While the UK started using them in early 2006, the US is just now beginning to issue passports with chips.

The problem ? RFID:Very tough to protect your data from unauthorised access !

From the Washington Post:

The ID Chip You Don't Want in Your Passport

By Bruce Schneier
Saturday, September 16, 2006; Page A21

If you have a passport, now is the time to renew it -- even if it's not set to expire anytime soon. If you don't have a passport and think you might need one, now is the time to get it. In many countries, including the United States, passports will soon be equipped with RFID chips. And you don't want one of these chips in your passport.

RFID stands for "radio-frequency identification." Passports with RFID chips store an electronic copy of the passport information: your name, a digitized picture, etc. And in the future, the chip might store fingerprints or digital visas from various countries.


By itself, this is no problem. But RFID chips don't have to be plugged in to a reader to operate. Like the chips used for automatic toll collection on roads or automatic fare collection on subways, these chips operate via proximity. The risk to you is the possibility of surreptitious access: Your passport information might be read without your knowledge or consent by a government trying to track your movements, a criminal trying to steal your identity or someone just curious about your citizenship.

At first the State Department belittled those risks, but in response to criticism from experts it has implemented some security features. Passports will come with a shielded cover, making it much harder to read the chip when the passport is closed. And there are now access-control and encryption mechanisms, making it much harder for an unauthorized reader to collect, understand and alter the data.

Although those measures help, they don't go far enough. The shielding does no good when the passport is open. Travel abroad and you'll notice how often you have to show your passport: at hotels, banks, Internet cafes. Anyone intent on harvesting passport data could set up a reader at one of those places. And although the State Department insists that the chip can be read only by a reader that is inches away, the chips have been read from many feet away.

The other security mechanisms are also vulnerable, and several security researchers have already discovered flaws. One found that he could identify individual chips via unique characteristics of the radio transmissions. Another successfully cloned a chip. The State Department called this a "meaningless stunt," pointing out that the researcher could not read or change the data. But the researcher spent only two weeks trying; the security of your passport has to be strong enough to last 10 years.

This is perhaps the greatest risk. The security mechanisms on your passport chip have to last the lifetime of your passport. It is as ridiculous to think that passport security will remain secure for that long as it would be to think that you won't see another security update for Microsoft Windows in that time. Improvements in antenna technology will certainly increase the distance at which they can be read and might even allow unauthorized readers to penetrate the shielding.

Whatever happens, if you have a passport with an RFID chip, you're stuck. Although popping your passport in the microwave will disable the chip, the shielding will cause all kinds of sparking. And although the United States has said that a nonworking chip will not invalidate a passport, it is unclear if one with a deliberately damaged chip will be honored.

The Colorado passport office is already issuing RFID passports, and the State Department expects all U.S. passport offices to be doing so by the end of the year. Many other countries are in the process of changing over. So get a passport before it's too late. With your new passport you can wait another 10 years for an RFID passport, when the technology will be more mature, when we will have a better understanding of the security risks and when there will be other technologies we can use to cut the risks. You don't want to be a guinea pig on this one.

I got mine renewed in August, and the instruction sheet said they use a symbol to tell whether or not the passport has the chip. I looked it over, no such symbol. I guess my number is safe for now, but Passport Control still puts my face in that machine - Interpol hates me... :(

Cheers, y'all.

It's all a conspiracy, I tell ya!

surely carrying it in a foil bag would stop 'intruders'?

surely carrying it in a foil bag would stop 'intruders'?

That's fine for when it is not needed. However, try to picture how many times your open passport is required when traveling abroad and as the article states, imagine the ease - (virtual child's play -script kiddies) - with which one could upload/clone/distribute your/our/my data at each turn.

There is a reasonable solution to this issue - it is so easy that it could be nearly impossible to enact. :ouch:

Have the RFID chip indicate when it is being read. Anyone care to vote yes on this idea ? :suspect:

Right.

They showed a CEO on tv about security where his company used rfid chips to get into the office building. You just held up this thing to the lock and it would authenticate you. One of the hackers if you will walked past the CEO in the parkinglot and swiped a handheld reader as they walked past each other and the information was copied. The hacker then walked up to the door and transmitted the info he'd just copied and voila, access granted. Secure huh?

But this will only affect a few per cent of their citizens. By comparison with Europe, our American friends are not a very well travelled nation.

Vapilot... yes but if you only slip it out of the protection at passport control or checkin... there is little chance of intruders operating in those areas, and they would be easy to detect I would have thought.

I still see the benefits outweighing these disadvantages.

If the data stored in the tag is encrypted then there is nothing that can be done with it unless you have they key to decode the information. As they said, it was just a meaningless stunt.

For example, you access online banks using https which is just normal http sent in an encrypted stream. If you worry about someone taking encrypted data from an RFID tag then you will also worry about someone listening to all your https communcations on the internet and decoding that.

And what is the info going to tell them anyway if they did decrypt it, your passport details? How often do you have to give a photocopy of your passport to prove your identity (or a company takes a copy) - what makes you think that this info is not picked out of gargabe bins?

It is easy to get your personal data already. Unless you shred all your letters (asuming you get them all and none are "intercepted") and you don't use the phone and don't send emails without PGP, never let go of your credit cards and never let anyone see them, then you are already a potential victim of identity theft.

I dispair of people that are worried about converting paper based systems (easy to steal. copy, forge and change ready for illegal use) to electronic based systems (harder to use for fraud as exceptions can be detected easily).

The sooner we all get a chip embedded in our body that is encoded with our retinal signature, the sooner we can all prove who we are immediately. I prefer that solution to having someone take a bit of paper out of my letterbox, a bit of info off the internet, and then go open a loan in my name.

If you like your paper based world then stick with your steam engines. I expect we got the same worries when we started to put photos on ID papers: "Imagine if someone should steal my ID papers, they could put on a disguise and thus in pretence commit a devious act, apparently in my name...!"

To my way of thinking ~ and I must admit to not being a sophisticate when it comes to this specific technology ~ in the case of RFID chips in passports, it could be the hotel clerk himself who is capturing the data, or the airport security personnel, who could also have an alternate agenda. You don't need a bad actor in proximity, just your passport.

Regarding encryption, that's mathematics. My university degree is in mathematics; I'm in a heavily quantitative graduate program now. One of my friends in undergraduate school, along with a professor, published a peer-reviewed paper on the building of algorithms designed to unwind encryptions, which included an authorized penetration of the encryption set in place by a famous investment bank. While this is not my field, I'm confident unwinding encryption in RFID chips would not be impossible.

Essentially, writing the proof for a mathematical problem is the same as reverse-engineering it. That's what we're speaking of here.

Regarding people's fears of moving from paper-based technology to electronic, it is the matter of moving from transmission of individual physical records to mass transmission and storage of millions. This opens up the opportunity for theft of gigantic volumes of material without the problem of actually having to lift and transport it. I know this is obvious, but think it worthy of restatement.

It's highly inefficient to sift through individual cans of garbage. It's highly efficient to have to look in only one place.

About a year ago I read a news report that one of my credit card companies had been the victim of the electronic theft of over 500,000 account records. Calls to the company led to nothing but a run-around. They would neither confirm nor deny that my account records had been compromised. I cancelled the account, demanding that I receive a letter indemnifying me against account abuse due to record theft. It took an exchange of letters between my mother (a lawyer) and their corporate counsel to receive such a letter, five months after the fact.

It will be some time, if ever, before reasonable fears of theft and misuse of personal data go away.

Anyone getting that sophisticated, only need to hack the records of the passport office. They get thousands of 'identities' without having to hang round aiports etc, trying to read RFID chips. You cant stop evrything, but the ease of forging a non-chipped passport seems worth restricting.

While this is not my field, I'm confident unwinding encryption in RFID chips would not be impossible.

Essentially, writing the proof for a mathematical problem is the same as reverse-engineering it. That's what we're speaking of here."Not impossible" may be a good way of putting it. As I understand it, some readily-available encryption can definitely be broken by an outsider - if you happen to have computers bigger than the known universe and more time than the universe has existed so far.

I understood that the encryption key length is kept as big as it needs to be in order to ensure that any attempt to decrypt it would require either massive computing power and/or sufficiently long term to render the results of the encryption unuseable.

In the case of having massive computing power that can quickly deocde this encrypted data, it is known where such computers are and what they are used for.

As for the time taken to decrypt the data, this is a useful protection if say you are protecting a conversation between 2 computers and you know it takes 20 hours of processing on a highest spec computer that is available to Joe public, then you know that your session time on that conversation should be less than 20 hours to prevent a man-in-the middle attack.

No security is foolproof, but staying on paper based systems just to prevent against the risk of quick theft of large amounts of data is not a good justification to delay introduction of new security technologies. What is needed is an architecture that allows a dynamic ablity to uplift the encryption level, rapid propogation of new keys in the event of key theft, and a public that is willing to help. I fear the latter is the most difficult part to implement :{

As I understand it, some readily-available encryption can definitely be broken by an outsider - if you happen to have computers bigger than the known universe and more time than the universe has existed so far.

What your thought overlooks is that encryption algorithms are invented by the human mind. Computers are not capable of running routines beyond the instructions the authors are capable of giving. Further, encryption is, let us say, a lock on data. It requires a key to open. It's a cliche but true, that any lock a human mind can design can be picked by a mind of equal or superior intellect.

The size of a computer is meaningless. The fastest, most powerful, accurate, self-maintaining, self-replicating and energy efficient computer known of today is DNA. It's small. And the results of its computations are complex, indeed. And yes, molecular geneticists measure data computed by DNA in Kbs.

The fact of the matter is that true security is created by looking carefully not only at the area or data being secured but also at the human beings engaged in the security, passing through the supposedly secure space or handling the supposedly secure data. This is called profiling. It is quite out of fashion. And thus we look to the data and not to the protein.

Once someone gets a hold of the decryption key then what?
All the encryption is then useless. And how many machines all over will hold this key?

As I understand it, modern computer based encryptions are based on a very very large number that is a prime number. A 128 bit number that is only divisible my itself and 1. So, yes, it would take a very large computer a prohibitively large time to run through all the primes to find the one used. That being said, 2 math grad students in Iowa figured it out about 10 years ago.

Once someone gets a hold of the decryption key then what?
All the encryption is then useless. And how many machines all over will hold this key?

There is not one type of key, there are many, and depending on what you are trying to encode, and who can view / change / transmit that information.

There also exists a mechanism to renew keys quickly (milliseconds), and to grant and revoke trusts associate with these keys, so the mechanisms are not quite as easy to break as you suggest with your question.

But again the question is going in the wrong direction. It is already easy to steal / forge / reproduce lots of personal data and security documents. By using encryption which confidently links the real individual physical person to a certain document is a massive step forwards. Sure no system if 100% watertight, but to be able to say that the person stood infront of you is such-and-such a person and to be able to say that with a high degree of confidence is a major step forward for all law abiding people.

Currently all you can say is that an identity document that is currently in the possesion of a certain individual has all the likenesses of the person who has presented it. You cannot even ensure that the identity document is not fake, nor can you actually be sure that this document was originally issued to this person nor that it has not been changed.

With an encrypted link made between something that only you possess (retinal data) and an identity document (remember this could be a card with a chip in it, not just a paper document) you can now say that the person who is infront of you has claimed to possess the same identity for a known period of time (for most people this will be since birth) and that the identification document that they present was issued to them and only them, that it has not been changed since it was issued.

There will always be hickups and fraud, but it will be easier to detect and spotted more quickly, consequentally the decisions made by security personnel will be more accurate with a higher degree of confidence. Which means less waiting, less mistaken identity, blah blah.

I cannot understand why people still think that a photo on a bit of paper is sufficiently good, and are afraid of getting better tools to confidently guarantee their identity. Perhpas becuase it is the Americans who are pushing this stuff slowly forward, it is seen as bad. I'd like to have this type of ID in my pocket all the time so that when I buy something using my credit card, I know that only the owner of my eyes can use my credit card. I will also know that when someone steals my utiliby bill and changes the address on it, they will not be able to use that bit of paper to open a loan in my name at a fake address.

I guess joe public has seen to many scary big-brother-mistaken-identity-in-the-future-innocent-man-on-run-from-authorities type of movies.:ugh: