about machine readable travel documents
play

About Machine Readable Travel Documents Privacy Enhancement Using - PowerPoint PPT Presentation

Oct 05, 2022 •232 likes •649 views

About Machine Readable Travel Documents Privacy Enhancement Using (Weakly) Non-Transferable Data Authentication Jean Monnerat, Serge Vaudenay , Martin Vuagnoux COLE POLYTECHNIQUE FDRALE DE LAUSANNE http://lasecwww.epfl.ch/ SV 2007 About

  1. About Machine Readable Travel Documents Privacy Enhancement Using (Weakly) Non-Transferable Data Authentication Jean Monnerat, Serge Vaudenay , Martin Vuagnoux ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE http://lasecwww.epfl.ch/ SV 2007 About MRTD RFID Security 2007 1 / 41

  2. ICAO-MRTD 1 Non-Transferable Proofs 2 SV 2007 About MRTD RFID Security 2007 2 / 41

  3. ICAO-MRTD 1 Non-Transferable Proofs 2 SV 2007 About MRTD RFID Security 2007 3 / 41

  4. ICAO-MRTD 1 ICAO-MRTD Overview Data Structures and PKI MRTD Cryptography Security and Privacy Issues Non-Transferable Proofs 2 SV 2007 About MRTD RFID Security 2007 4 / 41

  5. Objectives to enable inspecting authorities to securely identify visitors with the help of machine-readable digital information → biometrics → contactless IC chip → digital signature + PKI maintained by UN/ICAO (International Civil Aviation Organization) SV 2007 About MRTD RFID Security 2007 5 / 41

  6. MRTD History 1968: ICAO starts working on MRTD 1980: first standard (OCR-B Machine Readable Zone (MRZ)) 1997: ICAO-NTWG (New Tech. WG) starts working on biometrics 2001 9/11: US want to speed up the process 2004: version 1.1 of standard with ICC 2006: extended access control under development in the EU SV 2007 About MRTD RFID Security 2007 6 / 41

  7. How to Distinguish a Compliant MRTD SV 2007 About MRTD RFID Security 2007 7 / 41

  8. MRTD in a Nutshell MRTD MRZ LDS ❄ ❄ ❄ ❄ ❄ ❄ optical access radio access data authentication by digital signature + PKI aka passive authentication access control + key agreement based on MRZ info aka basic access control (BAC) chip authentication by public-key cryptgraphy aka active authentication (AA) SV 2007 About MRTD RFID Security 2007 8 / 41

  9. ICAO-MRTD 1 ICAO-MRTD Overview Data Structures and PKI MRTD Cryptography Security and Privacy Issues Non-Transferable Proofs 2 SV 2007 About MRTD RFID Security 2007 9 / 41

  10. MRZ Example document type issuing country holder name doc. number + CRC nationality date of birth + CRC gender date of expiry + CRC options + CRC SV 2007 About MRTD RFID Security 2007 10 / 41

  11. LDS Structure DG1 (mandatory): same as MRZ DG11: add. personal detail(s) DG2 (mandatory): encoded face DG12: add. document detail(s) DG3: encoded finger(s) DG13: optional detail(s) DG4: encoded eye(s) DG14: (reserved) DG5: displayed portrait DG15: KPu AA DG16: person(s) to notify DG6: (reserved) DG7: displayed signature DG17: autom. border clearance DG8: data feature(s) DG18: electronic visa DG9: structure feature(s) DG19: travel record(s) DG10: substance feature(s) SO D (mandatory) SV 2007 About MRTD RFID Security 2007 11 / 41

  12. SO D Structure list of hash for data groups DG1–DG15 formatted signature by DS (include: information about DS) (optional) C DS SV 2007 About MRTD RFID Security 2007 12 / 41

  13. Hierarchy C CSCA ✲ other countries CSCA C DS DS 1 DS 2 SO D LDS 21 LDS 22 one PKI per country one CSCA (Country Signing Certificate Authority) C CSCA : self-signed CSCA public key KPu CSCA C CSCA distributed to other countries by diplomatic means possibly many DS (Document Signer) per country C DS : certificate for a DS public key KPu DS SO D : signature of (part of) LDS in MRTD SV 2007 About MRTD RFID Security 2007 13 / 41

  14. ICAO-MRTD 1 ICAO-MRTD Overview Data Structures and PKI MRTD Cryptography Security and Privacy Issues Non-Transferable Proofs 2 SV 2007 About MRTD RFID Security 2007 14 / 41

  15. Basic Access Control goal prevent from unauthorized access by the holder (privacy) read MRZ (OCR-B) extract MRZ info run an authenticated key exchange based on MRZ info open secure messaging based on the exchanged symmetric key → proves that reader knows MRZ info SV 2007 About MRTD RFID Security 2007 15 / 41

  16. MRZ info PMFRADUPONT<<<<JEAN<<<<<<<<<<<<<<<<<<<<<<<<< 74HK8215<6CHE7304017M0705121<<<<<<<<<<<<<<03 document type issuing country holder name doc. number + CRC nationality date of birth + CRC gender date of expiry + CRC options + CRC SV 2007 About MRTD RFID Security 2007 16 / 41

  17. Secure Messaging goal authentication, integrity, confidentiality of communication message message ✻ KS ENC KS ENC ❄ ❄ ❄ Enc Dec ✻ KS MAC KS MAC ❄ ❄ ✲ MAC ✲ MAC ✲ = ✻ ❄ ❄ Adversary ☛ ✕ ✻ → secure channel based on 3DES SV 2007 About MRTD RFID Security 2007 17 / 41

  18. Passive Authentication goal authenticate LDS after getting SO D , check the included certificate C DS and the signature when loading a data group from LDS, check its hash with what is in SO D → stamp by DS on LDS SV 2007 About MRTD RFID Security 2007 18 / 41

  19. Active Authentication goal authenticate the chip proves that ICC knows some secret key KPr AA linked to a public key KPu AA by a challenge-response protocol (KPu AA in LDS authenticated by passive authentication) → prove that the chip is not a clone SV 2007 About MRTD RFID Security 2007 19 / 41

  20. Active Authentication Protocol IFD ICC RND . IFD F ← nonce || RND . IFD − − − − − − − − − − − − − − − − − → pick RND . IFD Σ Σ ← Sign KPr AA ( F ) ← − − − − − − − − − − − − − − − − − check SV 2007 About MRTD RFID Security 2007 20 / 41

  21. Sequence of Steps for Identification read MRZ (OCR-B) ❄ resolve collisions to ICC ❄ yes ✲ BAC + open sec. messaging access denied? no ❄ ✛ passive authentication ❄ MRZ matches? ❄ ✲ check AA (if supplied) check biometrics SV 2007 About MRTD RFID Security 2007 21 / 41

  22. ICAO-MRTD 1 ICAO-MRTD Overview Data Structures and PKI MRTD Cryptography Security and Privacy Issues Non-Transferable Proofs 2 SV 2007 About MRTD RFID Security 2007 22 / 41

  23. Coming From Wireless Technology (claimed to be possible at a distance of 10m) detecting the proximity of an e-passport threat : giving valuable information to passport theafs threat : privacy (in some cases) by tracking people data skimming threat : privacy unauthorized access threat : privacy SV 2007 About MRTD RFID Security 2007 23 / 41

  24. Coming From IC Chip too much trust in automated process, lazzy identification threat : identity theft malicious cookies put in MRTD threat : privacy dependence on the technology: DoS attack could kill the IC chip threat : waste of time at border controls abuse of automatic recognition threat : privacy leakage of digital evidence threat : privacy SV 2007 About MRTD RFID Security 2007 24 / 41

  25. Digital Evidence: Challenge Semantics Attack challenge semantics in AA: evidence that D existed when MRTD was queried H ( D ) = RND . IFD ( D || LDS || Σ) = evidence evidence that MRTD was accessed at time t H ( social ( t − 1 )) = RND . IFD timestamp t ( social ( t − 1 ) || LDS || Σ) = evidence SV 2007 About MRTD RFID Security 2007 25 / 41

  26. Digital Evidence: Transferable LDS Authentication signed personal data (name, age, gender, face, etc) can no longer hide/deny name, age, gender... when DG11 is used: more personal data (place of birth etc) personal profiles can be sold if they come with a proof SV 2007 About MRTD RFID Security 2007 26 / 41

  27. ICAO-MRTD 1 Non-Transferable Proofs 2 SV 2007 About MRTD RFID Security 2007 27 / 41

  28. ICAO-MRTD 1 Non-Transferable Proofs 2 Notions of Non-Transferability ZK Protocols for MRTD SV 2007 About MRTD RFID Security 2007 28 / 41

  29. Mafia Fraud + Fully Non-Transferable Proof (does P know?) Mafia Prover Verifier ✛ ✲ ✛ ✲ K p � knowledge proof of knowledge ↓ proof of knowledge or of knowing a secret key attached to K p → need PKI for verifiers: maybe an overkill SV 2007 About MRTD RFID Security 2007 29 / 41

  30. Zero-Knowledge: Offline Non-Transferability proof of knowledge ✛ ✲ Prover Verifier leaks nothing that can later be used ✛ ✲ Prover Cheater Simulator Cheater ✛ ✲ data of distribution D data of distribution D SV 2007 About MRTD RFID Security 2007 30 / 41

  31. Sigma Protocols Prover Verifier secret : x commitment − − − − − − − − − − − − − → challenge ← − − − − − − − − − − − − − response − − − − − − − − − − − − − → check SV 2007 About MRTD RFID Security 2007 31 / 41

  32. Example: GPS Identification Prover Verifier parameters : g , A , B , S public key : I ( I = g s ) input : I , g , A , B , S secret key : s ∈ [ 0 , S ] pick r ∈ [ 0 , A − 1 ] pick c ∈ [ 0 , B − 1 ] x x ← g r − − − → c ← − − − y check g y = xI c y ← r + cs − − − → and 0 ≤ y < A +( B − 1 )( S − 1 ) SV 2007 About MRTD RFID Security 2007 32 / 41

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

About Machine-Readable Travel Documents Privacy Enhancement Using (Weakly) Non-Transferable Data

About Machine-Readable Travel Documents Privacy Enhancement Using (Weakly) Non-Transferable Data

About Machine-Readable Travel Documents Privacy Enhancement Using (Weakly) Non-Transferable Data Authentication Jean Monnerat 1 , Serge Vaudenay 2 , and Martin Vuagnoux 2 1 UCSD, San Diego CA, USA 2 EPFL, Lausanne, Switzerland

795 views • 14 slides
From Machine-readable CDISC Standard Specifications to the e-Protocol FH-Prof. Dr. Jozef Aerts

From Machine-readable CDISC Standard Specifications to the e-Protocol FH-Prof. Dr. Jozef Aerts

From Machine-readable CDISC Standard Specifications to the e-Protocol FH-Prof. Dr. Jozef Aerts University of Applied Sciences FH Joanneum Institute of e-Health Graz, Austria The problems CDISC Standards documents come as PDF / HTML

256 views • 23 slides
Kate Lauber S604 Metadata &amp; Semantics December 11, 2009 MARC21 (MAchine Readable

Kate Lauber S604 Metadata &amp; Semantics December 11, 2009 MARC21 (MAchine Readable

Kate Lauber S604 Metadata &amp; Semantics December 11, 2009 MARC21 (MAchine Readable Cataloging) precedes todays bibliographic ontologies Fields, tags, and indicators encode elements of a resource to make a sharable record

309 views • 12 slides
Making literature searches machine readable 3 April 2020 Modern Research Methods Notes on

Making literature searches machine readable 3 April 2020 Modern Research Methods Notes on

Making literature searches machine readable 3 April 2020 Modern Research Methods Notes on entering search results Enter all papers even if you decide to exclude it citation and lin link do this as you Make sure to include the ap apa

295 views • 3 slides
From Data to Machine Readable Information Aggregated in Research Objects Markus Stocker PANGAEA

From Data to Machine Readable Information Aggregated in Research Objects Markus Stocker PANGAEA

First International Workshop on Reproducible Open Science Hannover, Germany, September 9, 2016 From Data to Machine Readable Information Aggregated in Research Objects Markus Stocker PANGAEA / MARUM University of Bremen Germany

381 views • 11 slides
Dictionaries Christian Chiarcos Applied Computational Linguistics Lab

Dictionaries Christian Chiarcos Applied Computational Linguistics Lab

Digital Humanities Workshop, Sep 9 11, 2014, Batumi, Georgia Linking Machine-Readable Dictionaries Christian Chiarcos Applied Computational Linguistics Lab chiarcos@informatik.uni-frankfurt.de 1 Linking Machine-Readable Dictionaries

719 views • 71 slides
Assembly Language Assembly Language: Human Readable Machine Language Computers like ones and

Assembly Language Assembly Language: Human Readable Machine Language Computers like ones and

Assembly Language Assembly Language: Human Readable Machine Language Computers like ones and zeroes 0001110010000110 Humans like symbols R0,R17 ; increment index reg. ADD An assembler is a program that translates symbols for

149 views • 12 slides
Human-Readable Machine-Verifiable Proofs for Teaching Constructive Logic Andreas Abel, Bor-Yuh

Human-Readable Machine-Verifiable Proofs for Teaching Constructive Logic Andreas Abel, Bor-Yuh

Human-Readable Machine-Verifiable Proofs for Teaching Constructive Logic Andreas Abel, Bor-Yuh Evan Chang, and Frank Pfenning Workshop on Proof Transformations, Proof Presentations and Complexity of Proofs International Joint Conference on

578 views • 23 slides
Name Date Place Extraction in unstructured text Automatically scan machine-readable text to

Name Date Place Extraction in unstructured text Automatically scan machine-readable text to

Name Date Place Extraction in unstructured text Automatically scan machine-readable text to locate name, date, and place information The Problem It's difficult to: Find pertinent information in long documents Make accurate queries

454 views • 14 slides
My Travels in Spring and Summer 2019 Yuta Michimura Department of Physics, University of Tokyo

My Travels in Spring and Summer 2019 Yuta Michimura Department of Physics, University of Tokyo

Ando Lab Seminar August 8, 2019 My Travels in Spring and Summer 2019 Yuta Michimura Department of Physics, University of Tokyo My Travels March 18-26: QFilter Workshop @ Paris May 20-21: Kamioka June 18: ICRR Seminar @ Kashiwa

402 views • 36 slides
D Answer 600 m/s C 0.003 m/s D [This object is a pull tab] Slide 4 / 40 2 A blimp travels

D Answer 600 m/s C 0.003 m/s D [This object is a pull tab] Slide 4 / 40 2 A blimp travels

Slide 1 / 40 Slide 2 / 40 8th Grade Forces and Motion Study Guide www.njctl.org Slide 3 / 40 1 A snail travels 10 m in 3000 seconds. What is the snail's average speed? 60000 m/s A 0.02 m/s B 600 m/s C 0.003 m/s D Slide 3 (Answer) /

474 views • 26 slides
Slide 4 / 40 2 A blimp travels at 3 m/s for 1000 s. What distance does the blimp cover in that

Slide 4 / 40 2 A blimp travels at 3 m/s for 1000 s. What distance does the blimp cover in that

Slide 1 / 40 Slide 2 / 40 8th Grade Forces and Motion Study Guide www.njctl.org Slide 3 / 40 1 A snail travels 10 m in 3000 seconds. What is the snail's average speed? 60000 m/s A 0.02 m/s B 600 m/s C 0.003 m/s D Slide 4 / 40 2 A

367 views • 14 slides
Travels in Process Reality K. J. strm Department of Automatic Control, Lund University K. J.

Travels in Process Reality K. J. strm Department of Automatic Control, Lund University K. J.

Travels in Process Reality K. J. strm Department of Automatic Control, Lund University K. J. strm Travels in Process Reality Outline Introduction 1 Computer Control 2 Adaptive Control 3 PID Control and Autotuning 4 Reflections

620 views • 34 slides
Center for Responsible Travel Transforming the Way the World Travels www.responsibletravel.org

Center for Responsible Travel Transforming the Way the World Travels www.responsibletravel.org

Center for Responsible Travel Transforming the Way the World Travels www.responsibletravel.org Panel 5: Resource efficiency, environmental protection, and climate change Presentation Overview Arthur DeJong, head of Sustainability, Whistler

309 views • 3 slides
Truthfulness of Promised Messiah (AS) Preaching And whoever travels to English countries to

Truthfulness of Promised Messiah (AS) Preaching And whoever travels to English countries to

Truthfulness of Promised Messiah (AS) Preaching And whoever travels to English countries to preach purely for the sake of God will be amongst righteous and if he dies he will be amongst martyrs. Noor Ul Haq Page 252 1- Preacher 2- Contact 3-

507 views • 15 slides
http://cs246.stanford.edu High dim. High dim. Graph Graph Infinite Infinite Machine Machine Apps

http://cs246.stanford.edu High dim. High dim. Graph Graph Infinite Infinite Machine Machine Apps

3 announcements: Thanks for filling out the HW1 poll HW2 is due today 5pm (scans must be readable) HW3 will be posted today CS246: Mining Massive Datasets Jure Leskovec, Stanford University http://cs246.stanford.edu High dim. High dim.

1.07k views • 61 slides
Security on demand for (DS)MIP6 I-D:

Security on demand for (DS)MIP6 I-D:

Security on demand for (DS)MIP6 I-D: dra9-bajko-mext-sod Gabor Bajko, Basavaraj PaCl, Teemu Savolainen Background Securing the traffic or user

683 views • 5 slides
The symmetry-adapted configurational ensemble approach to the computer simulation of

The symmetry-adapted configurational ensemble approach to the computer simulation of

The symmetry-adapted configurational ensemble approach to the computer simulation of site-disordered solids Ricardo Grau-Crespo University of Reading, UK r.grau-crespo@reading.ac.uk Said Hamad University Pablo de Olavide Seville, Spain

747 views • 31 slides
Specication and Enforcement of Static Specication and Enforcement of Static Separation-of-Duty

Specication and Enforcement of Static Specication and Enforcement of Static Separation-of-Duty

Specication and Enforcement of Static Specication and Enforcement of Static Separation-of-Duty Policies in Usage Control Jianfeng Lu, Ruixuan Li, Zhengding Lu, Ji Jinwei Hu, and Xiaopu Ma i H d Xi M Huazhong University of Science and

625 views • 25 slides
Role-based access control Role-based access control 1 RBAC: Motivations Complexity of

Role-based access control Role-based access control 1 RBAC: Motivations Complexity of

Role-based access control Role-based access control 1 RBAC: Motivations Complexity of security administration p y y For large number of subjects and objects, the number of authorizations can become extremely large For dynamic

536 views • 51 slides
Possibilistic Information Flow Control for Workflow Management Systems Thomas Bauereiss Dieter

Possibilistic Information Flow Control for Workflow Management Systems Thomas Bauereiss Dieter

Possibilistic Information Flow Control for Workflow Management Systems Thomas Bauereiss Dieter Hutter DFKI Bremen Workflow management systems Coordinating manual and (semi-)automatic activities involving multiple users Security

364 views • 17 slides
Compliance and Ethics Week Segregation of Duties Lisa LeBlanc, Associate Director, Internal

Compliance and Ethics Week Segregation of Duties Lisa LeBlanc, Associate Director, Internal

Compliance and Ethics Week Segregation of Duties Lisa LeBlanc, Associate Director, Internal Controls Over Financial Reporting Kerry Gilchrist, Senior Associate Auditor November 4, 2015 Compliance &amp; Ethics Week November 2-6, 2015 Got

335 views • 12 slides
The Grass is Always Greener: Reflections on the Success of MPI and What May Come After William

The Grass is Always Greener: Reflections on the Success of MPI and What May Come After William

The Grass is Always Greener: Reflections on the Success of MPI and What May Come After William Gropp wgropp.cs.illinois.edu Some Context Before MPI, there was chaos many systems, but mostly different names for similar functions.

501 views • 14 slides
1 Core RBAC (2) Core RBAC (3) UA USERS ROLES SESSIONS assigned_users : ( r :

1 Core RBAC (2) Core RBAC (3) UA USERS ROLES SESSIONS assigned_users : ( r :

Announcements CS590U Class mailing list Access Control: Theory and David Ferraiolo visit on Sep 16/17 Practice sign-up sheet to meet him after the class Proposal due Sep 30 (20% of grade) Lecture 5 (September 9 th ) Student

437 views • 6 slides

More recommend