By Mary Catherine O'Connor
Aug. 9, 2006—At last week's Black Hat computer security conference in Las Vegas, Lukas Grunwald, a consultant with computer security firm DN-Systems, demonstrated that using an open source software package called RFDump and an RFID interrogator (reader), he could duplicate the data from his RFID-enabled German passport onto an RFID access card. With the United States soon to join the handful of nations already issuing passports with embedded RFID tags (the U.S. State Department plans to begin issuing e-passports on Monday), the demo struck a nerve. At last count, a search on Google showed a few hundred news stories about the event.
One of these stories, published in Wired News, said that to read the tag in his passport, Grunwald used the same interrogator that border agents use to read e-passports and e-passport software made by Secunet Security Networks. He then used RFDump to make the clone.
However, Grunwald merely cloned the data on the IC inside his passport. He did not counterfeit the passport, nor did he manipulate the data. Although Grunwald claimed to have demonstrated a fundamental security flaw in RFID-enabled passports (known as e-passports), a number of RFID technology experts say this is not true.
Smart Card Alliance is a not-for-profit association representing more than 185 companies in the banking, financial services, computer and retail markets, including Gemalto, which supplies the RFID inlays that will be used in the U.S. e-passports. The alliance held a news teleconference Tuesday to discuss the demo and address related questions.
To ensure interoperability and a base level of security, the nearly 30 countries issuing or planning to issue e-passports have agreed to follow specifications developed by the International Civil Aviation Organization (ICAO), which establish the required and optional types of data that can be encoded to the inlay inside each passport. The ICAO specifications support different levels of protection to reduce the chances of the electronic data on a passport being pulled surreptitiously (skimmed) or eavesdropped on while it is being read at a border entry point. A metallic mesh lining in the passport booklet prevents the inlay from being read until the booklet is opened. To protect the information from being pulled by an unauthorized party, the reader's operator must enter a password, written on the passport, to unlock and read the tag, through a process called Basic Access Control. This tool can also be used to encrypt the data on the tag. To access the encrypted tag data, a reader would also need access to the appropriate data keys. Grunwald reportedly pulled all the information he needed to clone his passport tag by reading through the specifications on the ICAO web site.