Interesting People mailing list archives
more on STATE DEPT. TO RETHINK PRIVACY SUPPORT IN RFID PASSPORTS
From: David Farber <dave () farber net>
Date: Tue, 26 Apr 2005 16:35:33 -0400
------ Forwarded Message From: "Trei, Peter" <ptrei () rsasecurity com> Date: Tue, 26 Apr 2005 15:25:38 -0400 To: <dave () farber net> Subject: RE: [IP] STATE DEPT. TO RETHINK PRIVACY SUPPORT IN RFID PASSPORTS For IP, if you wish... I'm afraid I can only give a one-and-a-half cheers for this proposal. From a technical and security point of view, it's half-baked. While this certainly prevents silently skimming the data off of a passport, it may still endanger American citizens abroad. It's not clear from the description if the chip remains utterly silent in the absence of it's specific key. If this is not the case - if it responds to an energizing field by announcing its presence - then it's still the electronic equivalent to wearing a US flag on your back. As such, it imposes needless dangers on Americans. Since the claimed intended use is now to optically scan the passport's barcode for the chip's key, and then use that to unlock the chip, why is a wireless component needed at all? Why not embed a smartcard chip in the cover, with the contacts exposed on the inside? That *would* be secure against remote scanning, and allow much more capable chips to be used. Peter Trei ------ End of Forwarded Message ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on STATE DEPT. TO RETHINK PRIVACY SUPPORT IN RFID PASSPORTS David Farber (Apr 26)