Forgot your password?
typodupeerror
Encryption Security

British "Secure" Passports Cracked 305

Posted by CowboyNeal
from the trust-us dept.
hard-to-get-a-nickna writes "The Guardian has cracked the so-trumpeted secure British passports after 48 hours of work: 'Three million Britons have been issued with the new hi-tech passport, designed to frustrate terrorists and fraudsters. So why did Steve Boggan and a friendly computer expert find it so easy to break the security codes?'"
This discussion has been archived. No new comments can be posted.

British "Secure" Passports Cracked

Comments Filter:
  • by DuranDuran (252246) on Friday November 17, 2006 @07:37AM (#16881956)
    > So why did Steve Boggan and a friendly computer expert find it so easy to break the security codes?

    He helped issue them in the first place? No, just joking.

    But seriously, he didn't, did he?
  • by AmiMoJo (196126) <mojoNO@SPAMworld3.net> on Friday November 17, 2006 @07:38AM (#16881960) Homepage
    Cracking the passports was inevitable, as is the cracking of the ID cards when they come in. Computer security on such a large scale is very, very difficult to get right.

    Many large companies have invested huge sums of money into trying to prevent their systems being cracked. Take cable/satellite TV providers for example. Looking at the government`s record on IT projects, it was obviously doomed to failure from the start.
  • News at 11 (Score:3, Insightful)

    by giorgiofr (887762) on Friday November 17, 2006 @07:38AM (#16881966)
    Governments fail. Shocking!
    Remember, kids: government intervention is good.
    • Re:News at 11 (Score:2, Insightful)

      by Anonymous Coward on Friday November 17, 2006 @08:52AM (#16882410)
      Er, I know this place is infested with raving Libertarians, but surely even you lot can manage to agree that border security is one of the few small areas that a Government has legitimate domain?
  • Easy to clone (Score:5, Interesting)

    by SomethingOrOther (521702) on Friday November 17, 2006 @07:44AM (#16881986) Homepage
    Home Office spokesman.
    "If you were a criminal, you might as well just steal a passport."

    Missing the point dude.
    If my passport gets stolen, I report it. It gets cloned, I've no idea somebody is impersonating me, screwing up my life (and others).
    Please people, support NO2ID [no2id.net] and tell Blair where to shove his flawed ID cards and CCTV cameras.
    • by Colin Smith (2679) on Friday November 17, 2006 @07:56AM (#16882048)
      It means you can get away with all sorts of stuff and then claim "It wasn't me mate", someone must have cloned my passport.

      We do have some complete fuckwits in charge. Of course, we do have some complete fuckwits voting for them, so it kind of balances out. Someone care to suggest an improvement on democracy?

       
      • by Shemmie (909181) on Friday November 17, 2006 @08:00AM (#16882064)
        Democracy works. We just need to thin the population down a little. I suggest a set of tests, and then firing squads.
      • by Anonymous Brave Guy (457657) on Friday November 17, 2006 @08:05AM (#16882086)

        We don't have a democracy, in either the pure form (which is an unworkable ideal anyway) or the popular interpretation (which is much more sensible approach in practice).

        Blair has an absolute majority of MPs in Parliament, which effectively means he can force through almost anything. That doesn't mean an absolute majority of the electorate support him. Remember, Labour lost the popular vote in England at the last general election, and even with the support of MPs from our neighbour countries to prop them up, they still only received around 1/3 of the overall popular vote.

        Blair and co have gone about forcing laws through and creating legacies, but the simple fact is that they have no mandate to bring in the kinds of sweeping change they are championing, unless at the very least they also have support from the other main parties who brought in other people's votes. Clearly in many of these so-called anti-terrorism matters, they do not.

        • by Ngwenya (147097) on Friday November 17, 2006 @10:21AM (#16883278)
          Blair has an absolute majority of MPs in Parliament, which effectively means he can force through almost anything.


          Thankfully not anything, as the fiasco over the 90-day detention showed. What a stiff-necked dickhead he looked like after that. I guess it happens to all PM's eventually. They get quite convinced that anything is theirs for the demanding by virtue of their office. Maybe the Americans have got something in the two-term limit for PotUS.

          Blair and co have gone about forcing laws through and creating legacies, but the simple fact is that they have no mandate to bring in the kinds of sweeping change they are championing, unless at the very least they also have support from the other main parties who brought in other people's votes. Clearly in many of these so-called anti-terrorism matters, they do not.


          Sadly, none of this is confined to the current government. I'm old enough to remember when the Thatcher government introduced the Poll Tax for Scotland alone, using purely English Tory votes to force the stupid idea on an unwilling Scotland. It all went pear-shaped when it was introduced onto an equally unwilling England the next year, but it does go to show that introducing unpopular legislation without any shred of popular mandate is a time-hallowed tradition in the UK. In the end, liberty and such like find a way through, but a lot of damage can be done in the meantime.

          Do you think PR would make a sufficiently significant change to stop ill-conceived legislation from being forced through? One thing I would love to see is for the (reformed) House of Lords to have the power to block a bill for one Parliamentary session. If the government feels that strongly about the legislation, it can call an election and have the bill passed on the back of popular mandate. Alternatively, it can wait and introduce it after the lifetime of the current Parliament. But if the HoL vetoes a bill which has been explicitly mentioned in the government's manifesto, then they must pass it. A sort of updated Salisbury Convention.

          --Ng
      • by ResidntGeek (772730) on Friday November 17, 2006 @08:11AM (#16882116) Journal
        Someone care to suggest an improvement on democracy?
        Democracy's not the root problem. It's the scale. Nothing will work well on a scale this large. There are too many competing interests among a population of millions to satisfy anyone fully, much less everyone.

        Of course, that's not even close the complete problem. No major wars for two generations, service economies, mass-media conglomeration, and plain stupidity and/or apathy by the public all contribute to the current problems. But democracy (indeed, most politcal systems) does work on a small scale. Decentralized government is the way to fix the world, and because of military needs, it'll never happen.
      • by Khuffie (818093) on Friday November 17, 2006 @09:44AM (#16882846) Homepage
        Abolish parties. Each man runs on his own.

        Oh, and anyone who wants to run for president should be automatically disqualified.

        • by Alioth (221270) <no@spam> on Friday November 17, 2006 @09:55AM (#16882962) Journal
          You may think that a non party political system is a panacea - it isn't - it winds up being worse than a dictatorship because you just don't know who you're going to end up having in government or what their policies will be after each general election. I live somewhere where nearly all the candidates are independents, and there's no real party political system. Our election is next Thursday. I have NO IDEA what sort of government we'll have after Thursday. Not a clue. I don't even know who will be Chief Minister. We elect our members of parliament and then they decide.

          When the government does form, it's all political horse trading and who's done favours to who because there is no party system binding one side or other together. They all collectively hush up scandal, and if one minister disagrees with government policy the Chief Minister sacks them. All that then happens is the Government typically just copies what the UK government does.

          A party political system might suck, but it's the best we've come up with - a rabble of independents is much, much worse.
    • by martin (1336) <maxsec@gmai[ ]om ['l.c' in gap]> on Friday November 17, 2006 @08:10AM (#16882108) Journal


      I heard John Reid on radio on Wed justifying ID-Cards by saying it would stop identity theft..I nearly crashed the car I was so mad.

      ID-cards will get 'cloned'/copied eventually too. Technology on it's own isn't a cure-all.
      • by ajs318 (655362) <sd_resp2@NOspAm.earthshod.co.uk> on Friday November 17, 2006 @08:52AM (#16882412)
        Indeed. In order to get an identity card in the first place, you have to prove your identity with something. Whatever that something is, could just as easily be used by someone pretending to be you. Or you could just use that something to prove your identity in the first place, negating the need for the card.

        If I had known ten years ago that all this was going to happen, I would have signed up for my electricity, gas, water and telephone services all in different names -- and encouraged everyone I knew to do the same.
    • Re:Easy to clone (Score:2, Informative)

      by protactin (206817) on Friday November 17, 2006 @08:31AM (#16882258) Homepage
      Please people, support NO2ID [no2id.net] and tell Blair where to shove his flawed ID cards and CCTV cameras.

      Also, 10 Downing Street have now made it easy for you to petition against the introduction ID cards [pm.gov.uk].
    • Re:Easy to clone (Score:2, Interesting)

      by Xzerix (977030) on Friday November 17, 2006 @09:14AM (#16882580)
      Just clicked on NO2ID.

      Register now! Just give us your full name, and address including postcode!

      What else would they like? DNA sample, fingerprints?
  • How indeed ... (Score:3, Informative)

    by spellraiser (764337) on Friday November 17, 2006 @07:47AM (#16881996) Journal

    I just finished reading the article.

    In short, the weakness lies in the fact that although DES3 is used to encrypt the communication between the passport chip and the reader, the key is based upon data that's available on the passport:

    By last month, Booth, Laurie and I each had access to a new biometric chipped passport and were ready to begin testing them. Laurie's first port of call was the ICAO's [International Civil Aviation Organisation] website, where the organisation had published specifications for the new travel documents. This is where he learned that the key to opening up the secure chip was contained in the passports themselves - passport number, date of birth and expiry date.
    ...
    The Home Office has adopted a very high encryption technology called 3DES - that is, to a military-level data-encryption standard times three. So they are using strong cryptography to prevent conversations between the passport and the reader being eavesdropped, but they are then breaking one of the fundamental principles of encryption by using non-secret information actually published in the passport to create a 'secret key'. That is the equivalent of installing a solid steel front door to your house and then putting the key under the mat.

    • Re:How indeed ... (Score:5, Insightful)

      by pe1chl (90186) on Friday November 17, 2006 @07:55AM (#16882044)
      This is because the encryption is not supposed to make the content inaccessible.
      The reader at the cutoms employee's desk has to be able to read the passport data. It has to know the key.
      Instead of installing a super-secret key in all readers around the world (and having to pray that it does not somehow leak out), the designers opted to use a separate key for each passport and have it printed on the passport itself, so that it can be used by the reader.
      This is only intended to protect against the "reading in the metro" scenario. Not to protect against reading your own passsport using an RFID reader.

      Also, many scenarios written after such discoveries assume that the readability of the data implies it can be modified to commit fraud. This is not true. The data is signed using public-key encryption, and modifications are easily detected by the reader.
      • Re:How indeed ... (Score:5, Informative)

        by xoyoyo (949672) on Friday November 17, 2006 @08:12AM (#16882126)
        If you read the TFA you'll find that it doesn't make any claims about being able to modify the data. It does however go on to list the ways an attacker might retrieve the data and make use of it.

        To be fair to the system designers it does make the whole system a little more secure in that the data on the chip has to be matched with the paper information. But only a little: if I found someone who looked sufficiently like me AND I could gain access to their passport the system is just a compromised. Arguably moreso as the claimed extra security will lead to an unjustifiable rise in trust.

        Considering the following scenario: a crooked hotel clerk (in Europe you usually have to show your passport when checking in) takes your passport "to be photocopied". Using the key information on the passport they clone every passport that comes their way. This way they can build up a stock of passports matching all conceivable faces to be resold. This actually becomes more useful the longer the system is in operation as the ten years of a usual passport's lifespan can make your face change dramatically.

        The end result is a system only marginally more secure than before.
  • by geoff lane (93738) on Friday November 17, 2006 @07:51AM (#16882018)
    The dumb thing is that the personal information is SUPPOSED to be unencrypted - it's part of the spec. Thus, the 3DES (Ha Ha) encryption of the "hello" connection is irrelevant; though if the key really is based on public information it looks like someone really has lost the plot.

    In any case, isn't 3DES being phased out because the cost of cracking it has fallen dramatically recently?
    • by tonigonenstein (912347) on Friday November 17, 2006 @08:02AM (#16882076)
      sn't 3DES being phased out because the cost of cracking it has fallen dramatically recently?
      No. DES is easy to crack, but 3DES is quite secure. Its disadvantage compared to e.g. AES is its inefficiency.
    • by TheBogBrushZone (975846) on Friday November 17, 2006 @10:00AM (#16883022)
      In any case, isn't 3DES being phased out because the cost of cracking it has fallen dramatically recently?

      DES has been cracked by brute force in a short time for a limited cost but estimates are that DESede (or 3DES or whatever name you prefer) would still require milennia with current methods. The fault lies at the weakest link - the choice of encryption key.

      The problem is that with encryption of static data (i.e. in a situation where you can't use something like Diffie-Hellman to negotiate a random key) you need to store the key somewhere and you have lots of options both good and terrible, for example:
      1. Derive it from the public information in the data
      2. Store it in a database on a secure system to be retrieved when required
      3. Use the same key for all data

      Option 3 is prone to internal leaks (once your fixed key is out all of the passports are compromised) but option 1 (which was chosen) is prone not only to people leaking how the key is stored but also to crackers just playing around with the data to see what works, especially if you choose something really stupid and obvious like using an MD5 or SHA hash of the passport number (or worse just the raw unmodified number). This applies equally to the Rijndael (or AES) algorithm that is replacing DES or even public-private key encryption if your half-baked developer with his cushy government contract decides the private key should be embedded in the passport.
  • by ericlondaits (32714) on Friday November 17, 2006 @07:51AM (#16882022) Homepage
    The author of the piece (yeah, TFA) gets his panties in a bunch because the encryption key of the passport (which has the data encrypted with 3DES) is passport number, date of birth and expiration date. Then he says:
    So they are using strong cryptography to prevent conversations between the passport and the reader being eavesdropped, but they are then breaking one of the fundamental principles of encryption by using non-secret information actually published in the passport to create a 'secret key'
    What fundamental principle of encryption are they breaking? If anything, a fundamental principle of encryption is that there can't be such a thing as a "secret key" if you're either putting it in the passport or if you're deploying it to everybody that needs to scan passports (remember DVD encryption?).

    What's important is to have the data in the passport (along with the picture) digitally signed, in order to avoid tampering. The article claims that these passports are indeed signed and they didn't break the signature. Big surprise, since all they did was get a RFID reader and decrypt 3DES with the key right in front of them.
    "If you can read the chip, then you can clone it," he says. "You could use this to clone a passport that would exploit the system to illegally enter another country."
    Don't see how you can... but anyway an exploit would be a problem with the reading software, not with the passports. And it could be more easily patched after deployment.

    The article then presents some more valid points... but these have nothing to do with the basic encryption being broken. FUD mostly, surprise, surprise.
    • by Jah-Wren Ryel (80510) on Friday November 17, 2006 @08:07AM (#16882098)
      "If you can read the chip, then you can clone it," he says. "You could use this to clone a passport that would exploit the system to illegally enter another country."

      Don't see how you can
      Which part are you disputing?

      The, "if you can read it you can clone it" part?
      Or the, "you could use a cloned passport to exploit the system" part?

      I think the first is obviously true.

      I think the second only requires a small amount of imagination - clone a passport of someone who looks similar to you and you are good to go, especially since the customs agents will inevitably start relying on the computer to validate people rather than their own judgement.
      • by ericlondaits (32714) on Friday November 17, 2006 @08:16AM (#16882146) Homepage
        I think the second only requires a small amount of imagination - clone a passport of someone who looks similar to you and you are good to go, especially since the customs agents will inevitably start relying on the computer to validate people rather than their own judgement.

        You wouldn't even need to clone it for that... merely steal it. If agents inevitably start relying on the computer that's where the problem lies. The checking procedure could be designed in order to somehow "force" a visual ID.

        There's a lot you can innovate in that direction, which deals more with psychology than encryption. While making un-clonable passports would probably be a lot harder if not impossible.
        • by denebian devil (944045) on Friday November 17, 2006 @09:23AM (#16882664)
          You wouldn't even need to clone it for that... merely steal it. If agents inevitably start relying on the computer that's where the problem lies. The checking procedure could be designed in order to somehow "force" a visual ID.

          But if the passport is stolen, then it's possible for the rightful owner to report it as stolen, in which case when that similar looking person tries to use the passport to cross a border, the nice officer doesn't need to bother doing a visual check because the computer would signal the officer that the passport was stolen, starting a whole other set of more detailed investigations.
        • by finkployd (12902) on Friday November 17, 2006 @10:14AM (#16883196) Homepage
          You wouldn't even need to clone it for that... merely steal it.

          Ah, but then the owner would realize it was missing and report it. This way nobody is the wiser.

          If agents inevitably start relying on the computer that's where the problem lies.

          If...IF?!!! Are you on crack? OF COURSE they will rely entirely on the computer. That is what computers are for. They never make mistakes, and they never lie. Mark my words, the first couple of people who's passports are cloned by terrorists, criminals, etc. will face significant penalties and it will be even HARDER for them to prove their innocence.

          "You claim it was not you, but we tracked your passport which you never reported stolen and you have in your possession. The evidence is incontrovertible."

          While making un-clonable passports would probably be a lot harder if not impossible.

          True, it is much easier to throw a bunch of money at a problem and act like you made an un-clonable passport, then treat it as such in court.

          Finkployd
      • by mikerich (120257) on Friday November 17, 2006 @08:36AM (#16882280)
        I think the second only requires a small amount of imagination - clone a passport of someone who looks similar to you and you are good to go, especially since the customs agents will inevitably start relying on the computer to validate people rather than their own judgement.

        Yep - just think how often your credit card signature is actually checked against that on the slip. Over here in the UK we've moved to chip 'n PIN, but a couple of recent trips to America really shocked me - my signature was NEVER checked against that on the card and on several occasions I paid using a terminal where the card was swiped, no PIN needed, no signature.

        Passports and ID cards are going to go the same way. The government is telling us the passports/cards are guaranteed unforgeable so the users of the card are going to assume the card is the 'gold standard' for identity. If the card says it is genuine, then let that person through, don't worry about double-checking - the system has to be right doesn't it?

        • by Venner (59051) on Friday November 17, 2006 @09:13AM (#16882566)
          You'll probably find this guy's experience both amusing and utterly appalling. How far can you really go with credit card signatures?
          http://www.zug.com/pranks/credit/ [zug.com]

        • by virtual_mps (62997) on Friday November 17, 2006 @09:28AM (#16882708)
          Yep - just think how often your credit card signature is actually checked against that on the slip. Over here in the UK we've moved to chip 'n PIN, but a couple of recent trips to America really shocked me - my signature was NEVER checked against that on the card and on several occasions I paid using a terminal where the card was swiped, no PIN needed, no signature.

          And thank god for that--I really don't need to be held up in line because some junior private eye behind the checkout counter thinks he's a handwriting expert because of what he just learned on the latest crime drama. Signatures are a useless element in any security program, because most people can't tell a real signature from a forgery. (In practice, a forger is more likely to have a signature which matches that on the card than a legitimate card holder in a hurry.)
        • by ericlondaits (32714) on Friday November 17, 2006 @10:00AM (#16883020) Homepage
          I certainly agree that making sure the checks are made is an issue. But the willingness of a store employee to check my personal data shouldn't be the same as a federal agent in a more critical situation.

          You could mandate a delay in authorizations (like Firefox does with downloads and extensions) during which the agent could check the face... you could have the agent's screen next to the window where the traveler is, so the photo would appear right next to the face... you could have the software take a picture from the traveler and present the agent with five different traveler photos plus the one from the passport and have him match both, in order to make sure he checks it. And that's just off the top of my head. I believe some good schemes could be devised that tie the automatic check to some task that would encourage or mandate the agent to perform a good visual ID.

          I'm sure it's much easier to build a secure process than to build a secure passport.
    • by Colin Smith (2679) on Friday November 17, 2006 @08:16AM (#16882150)
      You can clone the passport, as the article says the facial biometric is a joke, 20-25% false positives or negatives. Which leaves just the photo, a bit of makeup, coloured contacts, hair dye. So essentially the new passport is no better than the old one but gives people the warm fuzzy feeling that all is right with the world because the computer says so.

       
    • by archeopterix (594938) on Friday November 17, 2006 @08:25AM (#16882218) Journal
      "If you can read the chip, then you can clone it," he says.
      Don't see how you can... but anyway an exploit would be a problem with the reading software, not with the passports.
      The "read -> clone" implication might be a bit of an overstatement, but if the chip identifies itself (and the passport) to the reader by revealing _all_ of its contents, then the only barrier to cloning is the availability of programmable RFID chips. Cryptographically speaking (*), they could have done better. There exists something called zero knowledge protocols [wikipedia.org] which makes it possible to identify a party without revealing the secret information used for identification, i.e. without helping the potential cloner.


      (*)I don't know whether RFID chips are capable of implementing zero knowledge protocols (they require some computing power), but if they can handle 3DES, then the answer is probably yes.

    • by CortoMaltese (828267) on Friday November 17, 2006 @08:31AM (#16882256)
      The encryption and message authentication keys for the so called basic access control, specified by ICAO, are based on the machine readable zone of the passport. It's the funny lines at the bottom of the passport, with a lot of filler characters '<'. Passport number, date of birth, and expiration date are the only fields that have a check digit, which is why they were chosen as the base for the keys. The entropy is not very high, especially because the fields are not random.

      The machine readable zone was chosen for key seed, because it is already there, and the readers are already there. I guess the idea is that it's better than nothing. It makes eavesdropping and cloning slightly harder than without. But just slightly. It is indeed possible to do both without very much effort. Forging (i.e. creating a passport with phony information but with a correct digital signature) is another story, very hard.

      The EU is going to mandate the use of so called advanced security mechanisms, a.k.a. extended access control, for biometric passports that contain sensitive data, such as fingerprint or iris images. Such passports will have a Diffie-Hellman key exchange for encryption and message authentication, and a PKI based terminal authentication for granting access to sensitive data. The EAC spec [www.bsi.de] is available from German BSI by request.

      Oh, and before someone shouts that all RFID tags should burn in hell, I'll just say that the passport chips are contactless, or RFID, smart cards, and have next to nothing to do with RFID tags. The chips can, among other neat things, perform RSA operations using 2K-bit keys in reasonable time. Cracking the actual chip is very difficult.

      • by Xugumad (39311) on Friday November 17, 2006 @09:12AM (#16882562)
        > The entropy is not very high, especially because the fields are not random.

        The entropy is a joke. Expiration date - what's the lifespan of a UK passport (don't have mine to hand, or I'd check)? That's your window for expiration date. Most people will replace passports before they expire, so you can even shorten that window. Not to mention, it's a date, which severely limits the number of valid values. Date of birth? A little harder; if you can see the person, you can get an idea of likely birth years though, and birthdays are not exactly evenly distributed throughout the year. Only passport number is going to hard to figure out, and if they're numbered sequentually (probably are) it's not that hard.

        Sure, it's not going to be possible to get it on the first attempt, but it's also not what you'd call secure.
        • by CortoMaltese (828267) on Friday November 17, 2006 @09:27AM (#16882704)
          The BSI EAC spec I referred to in grandparent actually contains some analysis of the basic access control, and an approximation of the maximum key strength for passports valid for 10 years. It's 56 bits for documents with random numeric passport number, and 73 bits for documents with random alphanumeric passport numbers. But the passport numbers are, as you said, usually sequential.

          Even so, the spec goes on to mention that cracking the key still requires more effort than obtaining the less-sensitive information from other sources.

    • by eraserewind (446891) on Friday November 17, 2006 @09:43AM (#16882834)
      Why would you want to tamper an already perfectly good passport? It's cloning of perfectly good passports that they need to prevent.
    • by thebdj (768618) on Friday November 17, 2006 @09:54AM (#16882944) Journal
      What fundamental principle of encryption are they breaking? If anything, a fundamental principle of encryption is that there can't be such a thing as a "secret key" if you're either putting it in the passport or if you're deploying it to everybody that needs to scan passports (remember DVD encryption?).
      Okay, that you for showing you have no understanding of cryptography. The problem with DVD encryption is that is what a weak cipher. It is built on a 40-bit key (mistake one) and a stream cipher (potential mistake two). This weak encryption method was the real problem with CSS, not some fundamental flaw of cryptography. There are plenty of ways to have a true secret key. A secret key in cryptography is any symmetric key that is meant to be kept, well secret. These keys can be established using DH or by using an RSA keypair. Neither of these have been broken, and would be very secure for establishing keys for the RFID system.

      What's important is to have the data in the passport (along with the picture) digitally signed, in order to avoid tampering. The article claims that these passports are indeed signed and they didn't break the signature. Big surprise, since all they did was get a RFID reader and decrypt 3DES with the key right in front of them.
      Exactly! The 3DES key, well the two or three DES keys, was right in front of them because it was created from non-secret information stored in the passport. This means the data is publicly available and required no key information to read.

      I do not get your claim that this is total FUD. Your "secure" passport can be broken. I believe a good dose of Fear that is doesn't work, Uncertainty that it does work (cause it obviously doesn't), and overall doubt of the system is in order here. There are plenty of ways they could have successfully secured this system. It is a design flaw brought about by the failing to follow the "rules of cryptography" and that is something to be worried about.
      • by ericlondaits (32714) on Friday November 17, 2006 @10:15AM (#16883200) Homepage
        Okay, that you for showing you have no understanding of cryptography. The problem with DVD encryption is that is what a weak cipher. It is built on a 40-bit key (mistake one) and a stream cipher (potential mistake two). This weak encryption method was the real problem with CSS, not some fundamental flaw of cryptography.
        My understanding of cryptography is probably weak... yet I though that CSS was not broken because they cracked the weak cipher, but rather because whoever made the XING software DVD Player forgot to encrypt the decryption key or something like that. And anyway... since you're handing me the ciphertext (CSS encrypted DVD), the decryption key (in the player), and expecting me to use them to generate the plaintext (the digital video) I don't see how the scheme could be actually secure.

        Encryption is usually about everybody not having the password... so if every agent in an airport has it, or if every DVD player has it inside, there's no way it can be really secure. You basically want "everybody" to decrypt the data... not a surprise if they're able to.
  • by Red Moose (31712) on Friday November 17, 2006 @07:54AM (#16882036)
    Why was it easy to crack the passports? Because they never had anything to do with security, dumbass. Like all other contracts, the purpose was to make money by taking it from the population that gave it up in taxes.

    The world, QED.

  • by testadicazzo (567430) on Friday November 17, 2006 @07:55AM (#16882042) Homepage
    from the article:
    irst it is necessary to explain why the new passports were introduced, and how they work.After the 9/11 attack on the World Trade Centre, in which fake passports were used, the US decided it wanted foreign citizens who presented themselves

    Is this true? I had the impression that the 911 terrorists had valid ID, but I haven't read the 911 commssion report...

    Can somone point me to some information confirming or disproving this assertion?

  • by Big Nothing (229456) <big.nothing@bigger.com> on Friday November 17, 2006 @08:01AM (#16882068)
    FTA: "Remember, information - such as a new picture - cannot be added to a cloned chip."

    I believe the missing word is "yet".

  • As usual, it leaks (Score:3, Insightful)

    by TrueKonrads (580974) on Friday November 17, 2006 @08:04AM (#16882084)
    As usual, the RFID passport leaks information and is easy to clone.
    I don't want to sound trollish, but the major force behind biometric passports worldwide is Homeland Security in USA: "You want visa free entrance to US? Make biometric passports!". Honestly, this is plain bullying.
    Besides, if the border guard thinks the passport is "secure", then he'll spend less time thinking about that person and just rely on the big "OK" that pops on his screen when he swipes the thing instead of evaluating the person with his brain and guts.
    TFA mentions brute-force protection. For a thing, like credit card, that can be replaced within 3-5 days, it's ok, but for a passport, that some joker "brute-forced" and now it is locked, it is really tragic, especially if You are away from home and this is Your only ID.
    I think that the ID should be un-trivial to counterfeit. It should deter "common" people from tampering with it for some small, petty crimes. For well funded operations, obtaining a real passport isn't a problem - bribe the migration official and he issues You one on whatever name.
    My slightly watered point is - ID should be used for "some" identification. Trust is a human thing and not machine solvable.
    Heck, Your motherboard may be bugged right now by some weird conspiracy and no matter what security measures You take, such as bug sweeps or cable checks, You're screwed already since CIA and NSA and Mossad altered the CPU. It's a human thing.
    • by will_die (586523) on Friday November 17, 2006 @08:41AM (#16882332) Homepage
      I don't want to sound trollish, but the major force behind biometric passports worldwide is Homeland Security in USA: "You want visa free entrance to US? Make biometric passports!".
      Not really the plans for the electronic passport started in the 1990 by the UN's ICAO, the first set of written/approved plans came in early 2002, it was agreed to by the member of ICAO in 2004. In the agreement they said they would implement and require its use. The US got the members to move up the time table, and implement it, not really being strong armed about it.
      Now before the RFI system you did have the machine readable bar code. This was implmented in the early 80s, then around 1986 28 countries standarded on the ICAO format and opened up thier borders to fellow members with no visa. In 2004 the US did start requiring(along with a few other countries) that they would only accept the passport of fellow members of the visa waiver program that had the bar code in them, so thoses people with passports around 25 years old would need to get new passports.

      The US is not completly free of the bulllying, in thier passports they are making the encryption harder then the one used by the ICAO and used in these UK passports and because of that some contries are having to purchase different equipment then originally planned.
    • by kahei (466208) on Friday November 17, 2006 @10:19AM (#16883248) Homepage
      Besides, if the border guard thinks the passport is "secure", then he'll spend less time thinking about that person and just rely on the big "OK" that pops on his screen when he swipes the thing instead of evaluating the person with his brain and guts.


      Good. I've been evaluated by the 'brain and guts' of a few immigration officials in my life and I haven't acquired much faith in the process. Better a flawed electronic system than a guy who just won't let you in because he doesn't like the way you look.

  • by Tainek (912325) on Friday November 17, 2006 @08:12AM (#16882132)
    And Again, We the british Public ask, what exactly have we gained from being forced to pay over our hard earned cash for these cards?
  • by OeLeWaPpErKe (412765) on Friday November 17, 2006 @08:19AM (#16882160) Homepage
    That would enable very cheap readers to authenticate passports and holders, and no option to fake it.

    Even if people were to succeed in faking it, a criminal (let's not go down the terrorist route for once) wouldn't be able to erase his old identity from the books without deep inside help, which would probably be noticed by too many people.
  • by dpbsmith (263124) on Friday November 17, 2006 @08:20AM (#16882174) Homepage
    Oh, how I hate this kind of spin: "This doesn't matter," says a Home Office spokesman. "By the time you have accessed the information on the chip, you have already seen it on the passport."

    It matters a great deal because what they said couldn't be done can be done.

    It transpired a couple of years ago that some models of the expensive Kryptonite bicycle lock could be opened with a BIC pen. The Kryptonite company could have spun this by saying "This doesn't matter, because the security expert who demonstrated this didn't really steal the bicycle, and bicycle owners actually keep their valuables in their safe deposit boxes."

    What the Kryptonite company really did was acknowledge that this was a serious problem and recalled all the locks.

    Would that the UK government addressed the security problem instead of the PR problem.
    • by LordKronos (470910) on Friday November 17, 2006 @09:16AM (#16882598) Homepage
      It matters a great deal because what they said couldn't be done can be done.

      Well, until a cloned passport successfully makes it through one of their scanners, we don't know that it can be done. One possibility (though it's probably giving them too much credit to have thought of this) is that the passports actually contain 2 sets of data: one that is readable using all of the known key (as discussed in the article), and a second set that is only readable via a secret key. The purpose of the known key it to provide passport forgers with a red herring. They think "aha...I'm much smarter than them. They thought they had this secure, but they've screwed up, and now I've got the data". Then they clone it, try to get through customs with it, and...the forgery is detected. So now...how did it fail? Did they screw up during the cloning? Who knows?

      Its easy to crack a system when you can brute force it in private. It's a lot more difficult when you've got one attempt with someone standing there watching.

      Again, I doubt this is the case, but it's a possibility.
  • two things (Score:3, Insightful)

    by tonigonenstein (912347) on Friday November 17, 2006 @08:21AM (#16882176)
    1. I don't understand why they use RFID. If you are not supposed to read it from further than two centimeters then why not use a contact chip (smartcard) ? It would be as practical to read and you would be sure that no one could read it without your knowledge. 2. The argument in the article that goes "if you can read it you can clone it" it completely bogus and make them sound like idiots. Have they never heard of challenge-request authentication ? The basic idea is that the reader authenticates the chip to ensure it is not a forged one. To do this you have a shared secret in both the chip and the reader. The reader then sends a random challenge to the chip, which encrypts it with the secret and send the result back. The reader does the same operation and compares the result. If it matches it considers that the chip knows the secret and is thus original.

    The key idea then is that the chip never sends the secret directly, so a cloner could never guess it, even if it could issue an unlimited number of challenges to the original chip. And without the secret, it cannot produce a clone that would authenticate.

    So in short to clone the chip you need more than the chip, you need to compromise the manufacturer of the system to get the secret.
    • by backwardMechanic (959818) on Friday November 17, 2006 @08:37AM (#16882294) Homepage
      But as I understand the article, the UK passport does not include any sort of challenge-response authentication - that's part of the problem.
    • Re:two things (Score:3, Insightful)

      by CortoMaltese (828267) on Friday November 17, 2006 @08:50AM (#16882394)
      1. They do use a smart card chip, it's just contactless, or RFID if you will. It's not a dumb RFID tag. The most time consuming operation at the border control is reading the face image from the chip. The protocols available in contact chips have almost an order of magnitude slower communication speeds than in the protocols for contactless chips. It matters.

      2. In the case of basic access control, as specified by ICAO, being able to read the chip means that you are able to clone the chip. It's a weakness in the protocol. Basically the big secret is printed on the passport (passport number, date of birth, expiration date), so it's not difficult to obtain. And even if you don't have physical access to the passport, the key entropy is low, which helps eavesdropping considerably. You don't have to compromise the manufacturer or anything. The big challenge is coming up with a passport book that passes as a real one.

  • by RedOregon (161027) <redoregon@@@satx...rr...com> on Friday November 17, 2006 @08:33AM (#16882264) Homepage Journal
    So how long will it be before someone calls for their arrest and they get thrown in jail?
  • by eraserewind (446891) on Friday November 17, 2006 @08:39AM (#16882312)
    Hadn't seen articles posted from someone's Slashdot journal to the front page before. Is this a new trend or just a random occurrence?
  • by bWareiWare.co.uk (660144) on Friday November 17, 2006 @08:41AM (#16882336) Homepage
    How much happier would /. be it they based the security of the nation on a system that assumed you could make it imposible to copy digital data?

    For once the experts got it right and realised the chips would always be copyable - and concentraited on making them unmodifiable!

    The encription was only to stop people skiming your passpord whilst it is in your pocket (think Tin Foil Hat), and this has certanly not been broken. By using a unique key for each passport and not doing a centerilised lookup for each read makes this a very very secure system.

    Why they used a contactless system in the first place, and what they will do when the signing is cracked are totaly diffrent matters.
  • by ajs318 (655362) <sd_resp2@NOspAm.earthshod.co.uk> on Friday November 17, 2006 @08:42AM (#16882342)
    Have we learned nothing?

    The article states that if you can see the human-readable part of the passport, or even just take a good guess at the details, you can extract the rest of the data from the RFID chip -- and clone it. Encryption is used to ensure that nobody can eavesdrop on a transaction once initiated, but that doesn't help the fact that every transaction is presumed legitimate -- and the very nature of RFID means that you aren't always able to know that a transaction is taking place. If there isn't a human being checking passports, just a machine -- and one day, that is exactly how it will be -- one of those cloned RFID chips will be enough to get you past it.

    Attempting to automate people out of the loop is asking for trouble, because we can always know what tests a machine is performing and falsify the results. Criminals are not stupid -- and smart people can often be bought. If the anticipated returns are high enough, you can be sure that someone will put up the stake. Security through obscurity is worse than no security, because it leads people to believe that their details are safe when they are not.

    By the way, if you want to see how easy it is to commit identity theft, start here [google.co.uk].
  • by Anonymous Coward on Friday November 17, 2006 @09:03AM (#16882490)
    How is this cracked?

    The passport functioned as designed. The only thing the key is designed to prevent is remote surreptitious downloading of the data from the chip. If you hand someone the passport, what sort of privacy do you expect?

    Call me when they can successfully ALTER the chip data and create a valid digital signature. Merely copying the data won't help.
  • by segedunum (883035) on Friday November 17, 2006 @09:10AM (#16882550)
    See. I told you no one beats the British Government for incompetence for very long:

    http://it.slashdot.org/comments.pl?sid=206936&cid= 16872562 [slashdot.org]
  • Clueless (Score:3, Insightful)

    by delt0r (999393) on Friday November 17, 2006 @09:18AM (#16882612)
    This reporter is clueless. I stoped reading when he/she said that 3DES is "military encryption times 3". DES was a civ cyper by desgin and was "broken" a long time ago due to weak keys and such a small key space. 3DES was quick fix and is still used and is still OK in some situations. But it is not military standard (I think AES is however).

    As others above have stated, this is not "cracked" either and they are unable to change the data on the chip. Futhermore they need to read the inside page of the passport to "sniff" for the chip data. I would be happier however, with a contact card rather than contanctless....
  • by jonwil (467024) on Friday November 17, 2006 @09:24AM (#16882676)
    Basicly, the machines owned by the various governments would encrypt the data with a key belonging to that government (e.g. the UK has a machine) and then the machines at the airports (if the airports are fancy enough to be able to read the machine readable part of the passport) use a matching public key.
    As only the government would have the private part of the key, only the government can encrypt data that the processing machines can read (and for those who say the keys will be stolen, look at things like the RSA signing key for XBOX 1 binaries, that hasnt been stolen, brute forced or otherwise obtained yet.
  • So What? (Score:3, Insightful)

    by Luscious868 (679143) on Friday November 17, 2006 @09:25AM (#16882684)
    The question isn't whether it's crackable. You're never going to be able to make a 100% secure passport or any other type of identification for that matter. If you get a smart enough group of people together with the proper resources they will be able to crack it. The question is whether or not the technology in question is a cost effective improvement over it's predecessor.
  • A brief analysis (Score:2, Informative)

    by mjc82 (818189) on Friday November 17, 2006 @09:25AM (#16882686)
    The RFID chip makes it much more difficult to alter a stolen passport e.g. by replacing the picture, BUT if you have the resources to clone ALL of the security features and print your own passport, you can conceivably clone the passport without even having to see it. However, on top of the marginally increased cost of manufacturing cloned passports due to the inclusion of an RFID chip (and the possible scenario of having to perform the brute force attack) it is now necessary that the bearer of the fake passport resembles the image of the person stored with the data on the RFID chip. A question that remains unanswered is whether it is possible to create an entirely fake passport including an RFID chip with the "correct" fictional info and picture. If it was previously possible to do this, as I must assume it was, and the inclusion of the RFID chip does not make it "impossible" within current technical limitations, then nothing has been gained.

    My non expert analysis of the situation is that the entire system of passport control (whether they be conventional, machine readable, RFID, etc.) depends on the ability of the people chekcing the passports. It is up to them to confirm whether the person presenting the passport is actually the person depicted in the picture as well as confirm the authenticity of the document itself. All these security features, or rather ANY security features that might be added will only serve to make it more difficult and expensive to acquire a fake passport that "works". These new security measures may not guarantee 100% the validity of the passport but it is a move in the right direction and better than nothing changing at all. Given the relatively strict time constraints placed by the US government I have to say that in my mind this particular technology is adequate for the time being. I must admit I have not seen or heard an alternative which might feasibly have been implemented within the same time frame on such a large scale. Do I believe that it is possible for a system to be devised that automatically confirms identity with 100% certainty? Possibly. Do I want that sort of security, no! The better these automatic systems become the easier they can be abused by people who are more concerned by their own pockets rather than my safety & privacy.

    As a side note, the article refers to a study where supermarket checkout cashiers were shown to fair badly at the task of matching faces to photos, however I would like to believe that those working in passport control have not only been specifically trained for this task but are also naturally better at it.

    The jist of the article is that they don't believe the security added by the RFID chip is worth what was paid for it not that it is inherently making the situation any worse.

  • by hotdiggitydawg (881316) on Friday November 17, 2006 @09:41AM (#16882798)
    From TFA:

    The Home Office thinks not. It correctly points out that the information sucked out of the chip is only the same as that which appears on the page, readable with the human eye. And to obtain the key in the first place, you would need to have access to the passport to read (with the naked eye) its number, expiry date and the date of birth of its holder.

    "This doesn't matter," says a Home Office spokesman. "By the time you have accessed the information on the chip, you have already seen it on the passport. What use would my biometric image be to you? And even if you had the information, you would still have to counterfeit the new passport - and it has lots of new security features. If you were a criminal, you might as well just steal a passport."

    OK... so "the information sucked out of the chip is only the same as that which appears on the page", and "By the time you have accessed the information on the chip, you have already seen it on the passport.".
    • The only information you can get out of the chip is already printed in the passport
    • In legitimate circumstances, contact is still required to obtain the key to read the RFID chip
    • In illegitimate circumstances, anyone can get the key with a bit of detective work and/or social engineering
    • Most passports are already machine-readable (optically) anyway, regardless of whether they are chipped or not

    Anyone care to enlighten me what the fucking point is of even having a chip in the first place?
  • FUD (Score:3, Insightful)

    by slb (72208) * on Friday November 17, 2006 @09:47AM (#16882874) Homepage
    It has not been cracked !

    As usual the journalist is confusing everything. What these bozos have done is just read the content of the RFID chip exactly in the same way a custom officer would have done: using the key which is *printed* on the passport !

    Basically this chip do what it has been designed for: improve the difficulty to create fake passports.

    Now of course you have always some neo-luddites like those who are spreading FUD in order to sway opinions who will never read the details of the article and just remember the passports have been "cracked"

    Pityfull ....
  • by ccarr.com (262540) <(moc.rracc.todhsals) (ta) (rrac_sirhc)> on Friday November 17, 2006 @10:25AM (#16883316) Homepage
    Why would a criminal need to crack the encryption on a passport's RFID chip? An encrypted DVD can be copied bit-by-encrypted-bit to another DVD and get played on any DVD player without the copying process needing to decrypt anything. If the encrypted information on the RFID contains nothing that isn't printed on the passport, what's the point?
  • by Prototerm (762512) on Friday November 17, 2006 @11:38AM (#16884494)
    Then it would be perfectly secure, because nobody would bother to read the chip, just pontificate endlessly on what they *believed* was on it.

How much net work could a network work, if a network could net work?

Working...