论文信息 - Security and Privacy Issues in Machine Readable Travel Documents (MRTDs)

Security and Privacy Issues in Machine Readable Travel Documents (MRTDs)

After the tragic terror attacks of 9/11, the U.S. Congress resolved to bring about a major overhaul of the immigration process at border posts by passing the Enhanced Border Security and Visa Entry Reform Act of 2002. Section 303(c) of that act requires that countries that participate in the US Visa Waiver Program (VWP) have a program to issue machine readable passports that are tamper resistant and incorporate biometric and document authentication identifiers. In the interest of international reciprocity, the U.S. will issue similar machine readable passports to U.S. citizens. The Technical Advisory Group of the International Civil Aviation Organization (TAG/ICAO) has issued specifications for the deployment of Machine Readable Travel Documents (MRTD) that are equipped with a smart card processor for the purposes of biometric identification of the holder. Some countries, such as the United States, intend to issue machine readable passports that serve only as passports. Other countries, such as the United Kingdom, intend to issue more sophisticated multi-application passports that can also serve as national identity cards. We have conducted a detailed security analysis of these specifications, and we present the results in this paper. We also illustrate possible, hypothetical scenarios that could cause a compromise in the security and privacy of holders of such travel documents.

Paul A. Karger | Gaurav S. Kc

[1] Hugo Krawczyk,et al. Security issues in a CDPD wireless network , 1995, IEEE Wirel. Commun..

[2] Dan Harkins,et al. The Internet Key Exchange (IKE) , 1998, RFC.

[3] Axel Schairer,et al. Verification of a Formal Security Model for Multiapplicative Smart Cards , 2000, ESORICS.

[4] P A Karger,et al. SECURITY AND PRIVACY THREATS TO ITS , 1995 .

[5] Paul A. Karger,et al. A New Mandatory Security Policy Combining Secrecy and Integrity , 2000 .

[6] Satoshi Hoshino,et al. Impact of artificial "gummy" fingers on fingerprint systems , 2002, IS&T/SPIE Electronic Imaging.

[7] Tsutomu Matsumoto. Gummy and conductive silicone rubber fingers: Importance of vulnerability analysis , 2002 .

[8] Trent Jaeger,et al. Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[9] William A. Arbaugh,et al. Real 802.11 Security: Wi-Fi Protected Access and 802.11i , 2003 .

[10] Hugo Krawczyk,et al. SIGMA: The 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and Its Use in the IKE-Protocols , 2003, CRYPTO.

[11] Hugo Krawczyk,et al. Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card , 2003, ESORICS.

[12] Hugo Krawczyk,et al. Security Analysis of IKE's Signature-Based Key-Exchange Protocol , 2002, CRYPTO.