UK RFID Passports Cracked Already
from the feeling-safer? dept
There's been an odd rush by governments to move to RFID passports, even though there are serious concerns about how secure they really are. Over in the UK, where many RFID passports are already in use, a security researcher and a reporter were able to crack some aspects of the passport. It is, admittedly, a limited crack, but it could potentially be used to make a clone RFID chip for a counterfeit passport. While the UK government claims this crack is no big deal, you'd have to think that it shouldn't take long for other problems to show up as well. What seems pretty clear from the description is that the implementation was done without all that much thought given to the security side of the equation. We're not as down on RFIDs as some people are -- but with all the questions about security and privacy issues, you would think that officials would have been extra careful before sticking them in something such as a passport. Apparently not.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
rfid passports
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Why RFID?
[ link to this | view in chronology ]
Re: Why RFID?
So no, I don't think we should move to smart cards either.
[ link to this | view in chronology ]
Re: Re: Why RFID?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
business plan 101
Then the govt gives out another multibazillion dollar/euro contract for the vs2 chip etc etc etc
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
But with the frightening likelihood that you are serious: Yes, lets build ourselves into a frightened isolationist state, afraid to step outside of our door for fear of all the bad people out there. Lets be that crazy lady who never lets anyone into her house and lives in her own filth and waste and paranoia untill three years later her neighbors break down the door because the smell is starting to bother them. Lets stagnate inside of our own borders as the world moves on without us. Think for a moment how well isolating themselves worked for Japan, China, etc. In the unlikely event that we do something so cowardly and foolish I'm the first out of the country Bob. And stop blaming the enviromentalists for everything, it's thanks to them you don't need a gas mask to go for a walk and can actually catch fish in the wild anywhere.
[ link to this | view in chronology ]
Re:
Theres this thing called "gains from trade.."
Certainly, could be self-sufficient..
But do you want to pay $3000 for a mid-range computer, or $30 for a new cheap t-shirt, or $5 for one new pair of underwear?
Everything that is manufactured overseas is done so because its cheaper, and most things are. The few that are 'manufactured' here are really just assembled here; the input components were forged elsewhere in most cases. And the inputs for those inputs? Probably made elsewhere too.
But asking a six-pack Bob to consider meaty issues like international trade, CPI, and inflationary pressures is a lot, I know, especially for a Saturday. Go back to the TV and stop voting.
[ link to this | view in chronology ]
Re: Re:
Not to even mention the number of high-paying highly trained professionals that would have to be retasked to menial factory labor to replace the untrained automaton Chinese that were doing our dirty work for next to free beforehand.
all in all, yep, great plan "Bob".
[ link to this | view in chronology ]
Re: Re: Re:
I'm pretty sure Bob was being sarcastic.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
www.thatpoliticalblog.com
[ link to this | view in chronology ]
Re: Re:
It sounds like you're joking Rico, because that statement doesn't make any sense, but from your link you seem to be serious...
Why on earth would we (I consider myself an enviromentalist) want to be "punishing success and hurting American business"? Surely preserving our enviroment from turning into one big parking lot/dumping ground/barren wasteland is a worthy goal all by itself. I can understand a lot of argument about enviromentalism, but this one is honestly really dumb...
[ link to this | view in chronology ]
Unbeatable, please
[ link to this | view in chronology ]
Huh?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Give it a rest
Thanks for your opinion Bob...
[ link to this | view in chronology ]
Re: Anonymous Coward
- Benjamin Disraeli
[ link to this | view in chronology ]
Did you pack your bnags yourself?
Have your bags been in your posesion the whole time?
Has anyone asked you to take anything on board?
Queestion 1- Unless your a child who else is going to pack your bags?
Question 2- Becasue im sure there are lots of people leaveing their luggage full of all the clothes and personel itmes just sitting around
Question 3- Seriosuly if someone came to you and said please take this on the plane with you are you seriously going to f-ing do it?
[ link to this | view in chronology ]
Re: Guy Nov 18th
[ link to this | view in chronology ]
Electronics always fail
[ link to this | view in chronology ]
So what's the advantage of RFID systems?
Also, I'm a bit confused as to the difficulty of making a secure system. What security weaknesses would exist with the following:
(1) Factory creates RSA chips, each with a unique hard-coded id, private key, and public key. The factory keeps a list of the id's and public keys; the private keys are destroyed after the chips are manufactured and are handled in such fashion as to ensure their destruction.
(2) When a user goes to perform a transaction, his ID is read out and used to access the key database. The public key, or a cryptographic hash thereof, is retrieved and compared with that in the chip.
(3) Next the reader generates a random string, encrypts it with the public key, and sends it to the chip. The chip decrypts it with its private key and sends it back.
Assuming a decent length of key is used, how could this system be attacked?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
RFID vs SmartCards
New smartcards have clock timing functions on both the inside and outside of the secure part of the card making glitching pretty-much useless...
RFID technology is neat, and potentially useful for many things, but being RF, it lends itself to too many other useful things that the holder of the device may be unaware of.. like tracking movements, seeing what item on a given store display was picked up / put down, etc.
I'd imagine that it would not belong before people would be able to construct an "American" (or insert the nationality of your choice) detector that could identify the presence of an American in a crowd full of people, and then help to ferret them out. (not to go all "tinfoil hat" on you or anything).
There has to be a better and less-intrusive way...
[ link to this | view in chronology ]
Seems like a simple idea, at least
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]