Tool to backup, modify and clone ePassport released

Ian Batten ukcrypto at chiark.greenend.org.uk
Tue, 30 Sep 2008 19:21:34 +0100


On 30 Sep 2008, at 18:07, Charles Lindsey wrote:

> On Tue, 30 Sep 2008 17:05:19 +0100, Igor Mozolevsky <igor@hybrid-lab.co.uk> wrote:
>
>> Of course you are assuming that the keys are rotated after a period
>> of time, otherwise you'd be essentially invalidating all passports
>> signed by that country. I highly doubt that even the UK passports have
>> different keys for different issuing authorities and the keys are
>> changed, say, even on monthly basis...
>
> I think it safe to assume that UK passports have omitted several  
> features which a competent cryptographer would have included as a  
> matter of course :-(.

I don't.  I'd be stunned if the design hadn't made a trip to the West  
Country.  The subversion of the entire UK passport system would be  
rather uncool.  The passports have had the benefit of some of the best  
physical security people in the game in the design of the paper and  
the watermarks, so why wouldn't they be equally motivated to sort out  
the electronic properties?

At the moment we have a vague piece of email which lays claims to  
certain weaknesses.  But none of which (so far as I can tell) have  
been tested by someone modifying a passport and seeing if it's  
accepted by the computers at a border.

I wouldn't be at all surprised if it were possible to place onto a  
passport a set of information signed with a self-signed cert.  Indeed,  
short of the passport itself containing some root keys and  
the hardware to test data against them --- which would require  
substantial power, which isn't available --- it's hard to see how you  
would stop this.  It's some memory.  I can load bits into it.  Why  
wouldn't I be able to?

The question is if that data will be seen as valid by a reader at the  
border of (a) the issuing country (b) a country on friendly terms with  
the issuing country and (c) an arbitrary country, and what benefit it  
gives me.

In the case of (a) the answer is clearly `no', because the data isn't  
read anyway: the passport's serial number is extracted and the  
photograph is retrieved from the UKPA database.   There might be an  
attack which allows a visually plausible passport to fetch the details  
of another, valid, UK passport: that's going to fail if the passport  
officer makes even the slightest attempt to compare the photograph on  
the face of the passport with the retrieved photograph.

In the case of (b) it depends on if the country has access to the UKPA  
passport data.  If not, there may be a reliance on the integrity of  
the electronic data, so that if you've forged both the photograph on  
the face of the passport and the matching electronic version and  
managed to replicate any signature that's needed, you could get up to  
no good.  However, the physical integrity of the passports is good  
and getting better: the photograph and the data are now an integral,  
printed part of the data page, so you would need to either forge a  
complete back sheet or perform a massive splicing task.

If (c), the border won't have access to UKPA data and may not have  
practical access to any signing technology.  But it doesn't matter,  
because they probably won't use either the electronic version (no  
compatible equipment, don't trust it, don't care) or necessarily the  
face of the passport (apart from a vague check, they won't at the  
border of country X know enough about UK passports to tell truth from  
forgery --- Ross's Level 1 inspection).   But they will almost  
certainly insist on a visa, issued by the UK embassy of country X,  
where the diplomats _will_ have experience with genuine UK passports  
(Ross's level 2) and can take up arbitrary other information sources  
prior to issuing the visa.  So the problem then devolves to faking the  
visa, and it's likely that if Country X has any sense, they'll have  
some means (albeit perhaps quite protracted) to trace a visa stamped  
into a passport back to the issuing documentation.

I think it's significant that the passport electronic stuff is driven  
by ICAO, not anyone serious.  I think it's there so you can use a  
passport as the identification at a self checkin machine, and so  
airlines can extract pre-fly information more easily.  End of.  I  
don't think it's a primary, or even a secondary, source of real ``can  
I cross borders'' authentication.

ian
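The point Ian makes about self-signed data on the chip is exactly what the reader-side check (ICAO calls it passive authentication) exists to catch: the reader holds a trust store of issuing-state CSCA public keys, checks that the Document Signer certificate on the chip chains to one of them, and only then trusts the signed hashes of the data groups. The following is an added illustration, not code from the thread or from any real passport system: it uses a toy RSA over fixed Mersenne primes (insecure, constructed for the demo), a made-up trust-store key name "GBR-CSCA-2008" (one entry per CSCA key generation, which is where Igor's key-rotation point lands), and constructed data-group bytes. It shows a genuine SOD passing, a swapped photo failing the hash check, and two self-signed variants failing at the chain step.

```python
import hashlib
import json

# Toy RSA over fixed Mersenne primes. Constructed for this example and NOT secure;
# real ePassports use properly generated RSA/ECDSA keys held by the issuing state.
E = 65537
_PRIMES = {
    "csca":   ((1 << 127) - 1, (1 << 521) - 1),
    "ds":     ((1 << 89) - 1, (1 << 107) - 1),
    "forger": ((1 << 31) - 1, (1 << 61) - 1),
}


def make_key(p, q):
    """Return (public, private) for toy RSA: public = (n, e), private = (n, d)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)


def canon(obj):
    """Canonical bytes to sign: sorted-key JSON with no whitespace."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def _digest_int(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(private, msg):
    n, d = private
    return pow(_digest_int(msg, n), d, n)


def verify(public, msg, sig):
    n, e = public
    return pow(sig, e, n) == _digest_int(msg, n)


def issue_cert(subject, issuer, subject_pub, issuer_priv):
    """Minimal certificate: a to-be-signed body plus the issuer's signature over it."""
    body = {"subject": subject, "issuer": issuer, "pub": list(subject_pub)}
    return {"tbs": body, "sig": sign(issuer_priv, canon(body))}


def build_sod(data_groups, ds_cert, ds_priv):
    """Document Security Object: DG hashes signed by the Document Signer key."""
    hashes = {name: hashlib.sha256(dg).hexdigest() for name, dg in data_groups.items()}
    return {"dg_hashes": hashes, "ds_cert": ds_cert, "sig": sign(ds_priv, canon(hashes))}


def passive_auth(sod, data_groups, trust_store):
    """Reader-side check. Returns (ok, reason); every failure names the step."""
    cert = sod["ds_cert"]
    csca_pub = trust_store.get(cert["tbs"]["issuer"])
    if csca_pub is None:
        return False, "DS certificate issuer not in CSCA trust store"
    if not verify(csca_pub, canon(cert["tbs"]), cert["sig"]):
        return False, "DS certificate signature does not verify under trusted CSCA"
    ds_pub = tuple(cert["tbs"]["pub"])
    if not verify(ds_pub, canon(sod["dg_hashes"]), sod["sig"]):
        return False, "SOD signature does not verify under DS key"
    for name, dg in data_groups.items():
        if hashlib.sha256(dg).hexdigest() != sod["dg_hashes"].get(name):
            return False, f"{name} hash does not match SOD"
    return True, "passive authentication passed"


def demo():
    """Run the four scenarios and return {scenario: (ok, reason)}."""
    csca_pub, csca_priv = make_key(*_PRIMES["csca"])
    ds_pub, ds_priv = make_key(*_PRIMES["ds"])
    # Hypothetical key name; a real store holds several generations per state.
    trust_store = {"GBR-CSCA-2008": csca_pub}
    ds_cert = issue_cert("GBR-DS-01", "GBR-CSCA-2008", ds_pub, csca_priv)

    genuine = {"DG1": b"P<GBRDOE<<JANE<<<<", "DG2": b"<constructed photo bytes>"}
    sod = build_sod(genuine, ds_cert, ds_priv)
    results = {"genuine": passive_auth(sod, genuine, trust_store)}

    # Photo (DG2) replaced on the chip while the genuine SOD is left in place.
    tampered = dict(genuine, DG2=b"<a different photo>")
    results["photo_swap"] = passive_auth(sod, tampered, trust_store)

    # Self-signed DS certificate that merely names the real CSCA as its issuer.
    f_pub, f_priv = make_key(*_PRIMES["forger"])
    fake_cert = issue_cert("GBR-DS-01", "GBR-CSCA-2008", f_pub, f_priv)
    results["self_signed_claiming_csca"] = passive_auth(
        build_sod(tampered, fake_cert, f_priv), tampered, trust_store)

    # Self-signed DS certificate that names itself as issuer.
    fake_cert2 = issue_cert("SELF", "SELF", f_pub, f_priv)
    results["self_signed_own_issuer"] = passive_auth(
        build_sod(tampered, fake_cert2, f_priv), tampered, trust_store)
    return results


if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:28s} {'ACCEPT' if ok else 'REJECT'}: {reason}")
```

The check only has teeth at a border that actually carries out all four steps with a current trust store; a reader that skips the chain step, or accepts any issuer it has never heard of, reduces the chip to "some memory" in exactly the way the message describes.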