e-Passportt hreats

under pressure by a US visa-waiver policy change that mandated all for-eign passports be machine-readable. Ideally, e-passports will substantially improve border security, but at what cost to passport-holder privacy?E-passports have an embedded contact-less chip that can be read by radio from up to a few centi-meters away (although boosted readers can scan them from a few meters). The ICAO chose this technology over magnetic strips and 2D barcodes because it pro-vides reliable connection, large memory capacity, random access, and rewritable memory.However, an open question re-mains—what happens if the chip doesn’t respond at border control? Chips can malfunction, especially if they’re grilled by electromag-netic waves either by accident or an active attack. In theory, an e-passport remains valid even if the chip doesn’t respond, but the holder is likely to waste a lot of time at immigration offices. Some people have opted to break the law to protect their privacy by de-stroying their passport chips with a hammer, a microwave, or a pho-tograph flash. But let’s assume for a moment that people can peaceful-ly live with their e-passports: what sort of cryptography technology is involved here? Can e-passport holders protect their privacy with-out resorting to subterfuge?