Good Technology Used the Wrong Way

by on April 4, 2005 · 4 comments

The U.S. State Department is proposing to use RFID in passports. Bad idea.

Much has been made of the privacy and security risk, by such sites as RFIDKills.com. Yes, “RFID Kills” is waaaay over-the-top, and will certainly sully the technology overall, but it’s with a purpose.

My comments to the State Department deal just as much with the practical question: what good does RFID do in a passport?

If chips save significant time over optical character readers, the choice of a contactless RFID chip over a contact chip is not explained. This particularly needs justification in light of the security and privacy concerns that come with RFID chips that would store personal information unencrypted.

The configuration of the RFID chip and reader at border crossings would apparently require the chip to be brought within four inches of the reader, meaning that RFID holds a four-inch advantage over a contact chip. If the Department believes that not having to move passports four inches to make contact with a reader will alleviate congestion at international borders, it should say so. If it does not believe this, it should select a non-RFID chip at most, and perhaps withdraw the proposal entirely, sticking with optical character recognition.

  • http://mcgath.blogspot.com garym

    Strictly speaking, the designs under consideration are encrypted, though with a public key. This prevents counterfeiting a new passport with transmitted data (a point the ACLU apparently has missed). But it does allow others to read the data undetected (at ranges greater than four inches, though reliability will decrease with distance), and thus potentially put people in danger.

  • Jim Harper

    Two pieces of relevant, apparently conflicting language from the State Department’s notice:

    To verify that the data written on the electronic chip has not been tampered with, the Department proposes to employ digital signatures compliant with the ICAO Public Key Infrastructure (PKI) technology. In order to ensure that the data contained in the electronic chip matches the data printed in the physical book, electronic chip technology requires that the data on the electronic chip be written only once and not changed.

    and

    Recent press stories about the use of this technology have noted that the information will not be “encrypted” and mention the concern about identity theft by unauthorized persons through either skimming (the surreptitious reading of the electronic information without the holder’s knowledge) or eavesdropping (intercepting information from the electronic chip while it is being read at an official port of entry station). The United States does not intend to encrypt the data for the following reasons: the personal data stored on the passport’s electronic chip consists simply of the information traditionally and visibly displayed on the passport data page; encrypted data takes longer to read, increasing port of entry processing time; and in order to be globally interoperable, encryption would require a higher level of technology and more complicated technical coordination with other nations.

    So, the data may be written to the chip with the State Department’s private key, but it’s readable using State’s public key, making it encrypted for the State Department’s security purposes (anti-forgery) but not for individuals’ security purposes (anti-skimming). That the way you see it, garym?
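
The distinction the two comments above work toward, as an added example that is not part of the original post or its comments: a record that is signed but not encrypted fails verification once it is altered, yet reads in the clear with no key at all. The toy RSA key (two well-known Mersenne primes, unpadded), the function names and the sample record are assumptions for illustration, standing in for the ICAO PKI signatures the notice mentions.

```python
import hashlib

# Toy RSA key built from two well-known Mersenne primes. Assumption for
# illustration only: real issuers use large secret primes and padded signatures.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key, held by every border reader
D = pow(E, -1, (P - 1) * (Q - 1))        # private key, held only by the issuer


def digest(data: bytes) -> int:
    """SHA-256 of the data page, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def issue(data: bytes) -> dict:
    """Issuer side: store the data in the clear next to its signature."""
    return {"data": data, "sig": pow(digest(data), D, N)}


def verify(chip: dict) -> bool:
    """Reader side: only the public key is needed to check integrity."""
    return pow(chip["sig"], E, N) == digest(chip["data"])


def read_without_key(chip: dict) -> bytes:
    """Any reader in range gets the same bytes; no key is involved."""
    return chip["data"]


# Constructed sample record, not a real passport data page.
SAMPLE = b"SURNAME=DOE;GIVEN=JANE;NATIONALITY=USA;DOB=1970-01-01"
chip = issue(SAMPLE)
altered = {"data": SAMPLE.replace(b"JANE", b"JOHN"), "sig": chip["sig"]}

if __name__ == "__main__":
    print("genuine chip verifies:", verify(chip))
    print("altered chip verifies:", verify(altered))
    print("read with no key     :", read_without_key(chip).decode())
```

The signature covers integrity only; keeping the data page from an unauthorized reader is a separate control that this scheme does not provide.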

