Passports as encryption smartcards: why traveling abroad with your passport might be illegal

If you have a question about this talk, please contact Dr Garfield Benjamin.

NB change of day

It is well known that a holder of a passport can use the Active Authentication protocol to sign messages. This usage is known as Remote Document Authentication (RDA). That is, one can effectively use an e-passport as a PKI smartcard to authenticate its holder to an external party.

In this talk I will explain how a passport can also cater for encryption by (ab)use of the Chip Authentication protocol. With Remote Document Encryption (RDE) any external party can extract a public key from an e-passport bound to the user identity, allowing data encryption that can only be decrypted by the holder using their e-passport. We can also introduce the notion of an RDE Extraction PIN bound to the passport, effectively providing the same security as a regular PIN.

To use RDE the user needs an RFID card reader connected to their computer or an NFC-enabled mobile device. The latter might no longer be limited to Android-based devices, as Apple recently announced opening its NFC interface. Possible RDE applications include secure email, compartmentalization of personal data within portals, secure data storage on NFC devices and cloud encryption. RDE can also be used as an authentication mechanism: the user’s ability to decrypt authenticates him. As the Extraction PIN is bound to the document, one can achieve two-factor authentication, i.e. RDE can be considered an enhancement of RDA.

The results apply to hundreds of millions of existing passports and identity cards worldwide, including the Dutch ones. RDE ironically suggests that carrying a passport when traveling abroad might violate export or import laws on strong cryptography.

Details on: https://arxiv.org/abs/1704.05647

This talk is part of the Computer Security Seminars series.


Talks@bham, University of Birmingham.