No Encryption for E-Passports
By Ryan Singel

Story location: http://www.wired.com/news/privacy/0,1848,66686,00.html

02:00 AM Feb. 24, 2005 PT

Despite widespread criticism from security experts that a proposed high-tech
upgrade to Americans' passports actually introduces new security risks, the
government is declining to encrypt data on new high-tech e-passports,
according to proposed new rules published last week.

In response to this outside criticism and some public questioning by one of
its own contractors, the State Department delayed its rollout of the
chip-equipped passports and hired additional companies to provide
prototypes.

Other countries are also wrangling with the issue, as the United States is
requiring all 27 countries whose citizens do not need visas to visit America
to begin issuing e-passports by October.

So far only Belgium has started production, and it is likely the deadline,
which was originally October 2004, will be pushed back another year.

The new passports will include a radio frequency identification tag, a chip
that will store all the information on the data page of the passport,
including name, date and place of birth, and a digitized version of the
passport photo, according to the proposal in the Federal Register.

RFID chips are widely used in automatic toll-payment systems such as
FasTrak and in identification chips implanted in the necks of pets.

The chips are activated by a reader using certain radio frequency waves,
which the chips use as an energy source to send back the encoded
information.

Border agents, equipped with readers, would be able to pull up passport
information on a screen and visually compare the digitized photo against the
passport bearer.

Agents will also be able to use facial identification software to compare
the person to the digitized photo, which is not feasible with current
passports.

The State Department, which has responsibility for passports and visas,
hopes the measure will improve security and help curb passport forgery.

The government will use chips that can only be written to once, and a
further safeguard is provided in the form of a digital signature, which
allows readers to verify that the information on the chip is the information
originally written to it.

But the rules, which are open for comment until April 4, rule out encrypting
the bearer's name, birth date and digital photo, saying such a move would
impede worldwide adoption of e-passports and that encrypted data would slow
down entry and exit at customs.

The lack of encryption baffles privacy advocates and security researchers,
who say the new passports are vulnerable to "skimming," an attack that uses
an unauthorized reader to gather information from the RFID chip without the
passport owner's knowledge.

The State Department concedes that skimming is a legitimate threat, but says
the chips will have a read range of inches, that eavesdropping at border
stations would be very conspicuous and that the passports will have a
shielding mechanism -- perhaps a foil case or a weave in the cover that will
cloak the chip when the passport is closed.

That does little to satisfy critics such as Lee Tien, an attorney at the
Electronic Frontier Foundation.

"The State Department has not responded in any meaningful way to any of the
privacy community," Tien said. "They are offering the equivalent of duct
tape and baling wire as far (as) protecting people's information from being
read.

"It is my understanding it's possible to read this information from 10 to 30
feet away with the right equipment," Tien said. "When you think about the
issues Americans have, especially when they travel abroad -- do you really
want your passport to be broadcasting your name and nationality? This isn't
good for privacy or the physical security of Americans abroad."

Bruce Schneier, a security expert and author who founded Counterpane
Internet Security, questions how much shielding helps, since travelers often
have to show identification to exchange currency or check into a hotel.

"Shielding is a good idea, but the problem is if you travel in Europe you
are asked to show your passport a lot," Schneier said. "So all that
shielding means is that someone who wants to sniff my passport just has to
pick his location."

Schneier, who just renewed his passport to make sure he will not have an
unencrypted passport for another 10 years, says he has yet to hear a good
argument as to why the government is requiring remotely readable chips
instead of a contact chip -- which could hold the same information but would
not be skimmable.

"A contact chip would be so much safer," Schneier said. "The only reason I
can think of is the government wants surreptitious access. I'm running out
of other explanations. I'd love to hear one."

Not everyone in the RFID industry thinks the proposed rules compromise
security more than they help.

"The goal is to create a stronger identification vehicle and that is what is
being achieved in the e-passport initiative," said Erik Michielsen, director
of RFID and ubiquitous networks at ABI Research.

Michielsen, who calls himself a supporter of RFID technology, acknowledges
there are legitimate security concerns, but thinks that the government
should look at how other countries handle these concerns and learn from
them, even as it proceeds with the current plan.

"With any emerging technology, security issues arise and must be addressed,"
Michielsen said. "It's not whether security issues are solved today. It's
assuring that as this moves toward a rollout that they are routinely
addressed and resources are dedicated to ensuring consumers' privacy."

The State Department, which is accepting written responses to the proposal
until April 4 via e-mail sent to [EMAIL PROTECTED], did not return a
call requesting comment. 


