Transcript of: ICAO MRTD and eMRTD Standards and Specifications (33 pages)

Page 1

ICAO MRTD and eMRTD Standards and Specifications

Tom Kinneging, Senior expert standardization, Morpho, Netherlands

Convenor ISO/IEC JTC1 SC17 WG3

Page 2

ICAO-ISO collaboration (organisation chart; labels as shown on the slide)

ISO/IEC side:
• ISO/IEC
o JTC1
o SC37 and SC17
o SC17 working groups: WG8, WG4, WG3
o WG3 task forces: TF1, TF2, TF3, TF4, TF5
o ISO/IEC 7501

ICAO side:
• ICAO
o Council
o ATC
o TAG-MRTD
o NTWG and ICBWG
o ICAO Doc 9303

Page 3

Doc 9303
• Part 1 - Machine Readable Passports, Sixth edition - 2006
• Part 2 - Machine Readable Visas, Third edition - 2005
• Part 3 - Machine Readable Official Travel Documents, Third edition - 2008

Page 4

Doc 9303 Part 1 - Machine Readable Passports
• Introduction
• References and definitions
• Security of design, manufacture and issuance
o Security standards
o Machine assisted document security verification
o Prevention of fraud associated with the issuance process
• Technical specifications of MRPs
o Physical characteristics
o Layouts and zones
o Data structures
o Representations of States, Nationalities, Dates
o Three letter codes
o Transliterations
o Guidelines for portraits

Page 5

Doc 9303 Part 1
• Data Page
o Zone I - Header
o Zone II - Personal data elements
o Zone III - Document data elements
o Zone IV - Signature
o Zone V - Identification feature
o Zone VI - Optional data elements on back of data page
o Zone VII - Machine Readable Zone (2x 44 characters)

Pages 6-10: Doc 9303 Part 1, Data Page - the zone list of page 5 is repeated on each of these pages.

Page 11

Doc 9303 Part 2 - Machine Readable Visas
• Introduction
• Technical specifications for Machine Readable Visas
• Technical specifications common to all MRVs
o Physical characteristics
o Security aspects
o Layouts and zones
o Representations of States, Nationalities, Dates
o Machine reading requirements
o Three letter codes
o Transliterations
• Technical specifications for format-A MRVs
• Technical specifications for format-B MRVs

Page 12

Doc 9303 Part 2
• MRV-A
o Zone I - Header
o Zone II - Personal data elements
o Zone III - Document data elements
o Zone IV - Signature
o Zone V - Identification feature
o Zone VII - Machine Readable Zone (2x 44 characters)

Page 13

Doc 9303 Part 2
• MRV-B
o Zone I - Header
o Zone II - Personal data elements
o Zone III - Document data elements
o Zone IV - Signature
o Zone V - Identification feature
o Zone VII - Machine Readable Zone (2x 36 characters)

Dimensions (from the slide figure): 105 +/- 1 mm by 74 +/- 1 mm

Page 14

Doc 9303 Part 3 - Machine Readable Official Travel Documents
• Introduction
• References and definitions
• Security of design, manufacture and issuance
o Security of the MRtd and its personalization
o Machine assisted document security verification
o Prevention of fraud associated with the issuance process
• Technical specifications common to both Size 1 and Size 2
o Physical characteristics
o General layouts and zones
o Representations of States, Nationalities, Dates
o Three letter codes
o Transliterations
o Guidelines for portraits
• Technical specifications unique to Size 1
o Dimensions
o Data structures
• Technical specifications unique to Size 2
o Dimensions
o Data structures

Page 15

Doc 9303 Part 3
• Size 1
o Zone I - Header
o Zone II - Personal data elements
o Zone III - Document data elements
o Zone IV - Signature
o Zone V - Identification feature
o Zone VI - Optional data elements
o Zone VII - Machine Readable Zone (3x 30 characters)

Page 16

Doc 9303 Part 3
• Size 2
o Zone I - Header
o Zone II - Personal data elements
o Zone III - Document data elements
o Zone IV - Signature
o Zone V - Identification feature
o Zone VI - Optional data elements
o Zone VII - Machine Readable Zone (2x 36 characters)

Dimensions (from the slide figure): 105 +/- 1 mm by 74 +/- 1 mm

Page 17

Doc 9303 Part 1/3, Volume 2 - Electronically enabled MRTDs
• Physical document
o Data Page
o Personal and Document data elements
o MRZ
o Physical security features
• Electronic document
o RFID chip
o Personal and Document data elements
o MRZ
o Electronic security features

Page 18

Doc 9303 Part 1/3, Volume 2
• RFID chip
o High capacity
o Independent of location in document
o Capable of performing cryptographic operations
o Existing standards (ISO/IEC)
• Biometrics - Face
o Least cultural obstructions
o Everybody has it
o Capture at a distance
o Interoperable (image)
o Also usable without biometric verification

Page 19

Doc 9303 Part 1/3, Volume 2
• Logical Data Structure (LDS)
o Data Group 01 - Machine Readable Zone
o Data Group 02 - Encoded face
o Data Group 03 - Encoded fingers
o Data Group 04 - Encoded irises
o Data Group 05 - Displayed portrait
o Data Group 06 - Reserved for future use
o Data Group 07 - Displayed signature or usual mark
o Data Group 08 - Data features
o Data Group 09 - Structure features
o Data Group 10 - Substance features
o Data Group 11 - Additional personal details
o Data Group 12 - Additional document features
o Data Group 13 - Optional details
o Data Group 14 - Security options for secondary biometrics
o Data Group 15 - Active Authentication public key info
o Data Group 16 - Persons to notify

Page 20

Doc 9303 Part 1/3, Volume 2
• Electronic security
o Basic Access Control
o Passive Authentication
o Active Authentication
o Public Key Infrastructure

Page 21

Basic Access Control - Privacy protection
• You can’t read a closed book
o Hand over willingly
o Open passport book
• Skimming
o Unauthorized contacting and reading
• Eavesdropping
o On existing communications

Page 22

Basic Access Control - Privacy protection
• Machine Readable Zone
o Document Number
o Date of Birth
o Date of Expiry
• Anti Skimming
o Access to the chip
• Anti Eavesdropping
o Encrypted communications
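Added example (not code from the presentation): the 7-3-1 check-digit scheme behind the MRZ of page 5 and the Basic Access Control key derivation that pages 21 and 22 describe, implemented as Doc 9303 specifies it (SHA-1 over document number, date of birth and date of expiry, each with its check digit) and run on the sample MRZ data from the worked example published in Doc 9303 (document number L898902C<, date of birth 690806, date of expiry 940623).

```python
import hashlib

# 7-3-1 weighting scheme used for every Doc 9303 check digit.
WEIGHTS = (7, 3, 1)


def mrz_char_value(c: str) -> int:
    """Numeric value of an MRZ character: digits as-is, A-Z = 10..35, filler '<' = 0."""
    if c.isdigit():
        return int(c)
    if "A" <= c <= "Z":
        return ord(c) - ord("A") + 10
    if c == "<":
        return 0
    raise ValueError(f"character not allowed in the MRZ: {c!r}")


def check_digit(field: str) -> str:
    """Doc 9303 check digit: weighted sum of the character values, modulo 10."""
    total = sum(mrz_char_value(c) * WEIGHTS[i % 3] for i, c in enumerate(field))
    return str(total % 10)


def mrz_information(doc_number: str, birth: str, expiry: str) -> str:
    """BAC key-seed input: document number, date of birth (YYMMDD) and date of
    expiry (YYMMDD), each immediately followed by its own check digit."""
    doc_number = doc_number.ljust(9, "<")  # short document numbers are filler-padded to 9
    return "".join(f + check_digit(f) for f in (doc_number, birth, expiry))


def adjust_parity(key: bytes) -> bytes:
    """Force odd parity on every byte (the 3DES key convention the BAC keys follow)."""
    out = bytearray()
    for b in key:
        ones = bin(b >> 1).count("1")            # parity of the seven data bits
        out.append((b & 0xFE) | (0 if ones % 2 else 1))
    return bytes(out)


def derive_bac_keys(doc_number: str, birth: str, expiry: str):
    """Return (K_seed, K_ENC, K_MAC) as Doc 9303 derives them:
    K_seed = SHA-1(MRZ_information)[0:16], K_x = SHA-1(K_seed || counter)[0:16]."""
    info = mrz_information(doc_number, birth, expiry).encode("ascii")
    k_seed = hashlib.sha1(info).digest()[:16]

    def kdf(counter: int) -> bytes:
        digest = hashlib.sha1(k_seed + counter.to_bytes(4, "big")).digest()
        return adjust_parity(digest[:16])

    return k_seed, kdf(1), kdf(2)   # counter 1 -> encryption key, 2 -> MAC key
```

Because the keys follow from the three printed MRZ fields alone, BAC keeps out only readers that have not seen the data page, which is exactly the privacy (anti-skimming, anti-eavesdropping) scope the slides give it.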

Page 23

Passive Authentication - Integrity and Authenticity
• Digital Signature
o Cryptographic operation
o Calculated over LDS Data Groups contents
o Stored on the MRTD’s chip
o Verifiable at inspection
• Private / Public key pair
o Private Key for signing
o Public Key for verification

Page 24

Active Authentication - Anti copying
• Digital Signature
o Private Key in chip’s secure memory
o Public Key in LDS Data Group 15

(Figure on the slide; labels: 12345, @!#^&, Passive Authentication √)

Page 25

Public Key Infrastructure for Passive Authentication
• Digital Signature
o Private Key for signing
o Public Key for verification
• Private Key safe keeping
o Confidentiality
o HSM
• Public Key distribution
o Trust
o Authenticity
o Integrity
o Public Key Certificate

Page 26

Public Key Infrastructure - Certificates
• Document Signer
• DS certificate
o Trust
o Many documents
o Short lifetime
o Automated distribution
• Document Signer
• Country Signing Certification Authority
o Not so many Document Signers
o Longer lifetime
o CSCA certificate
o Manual (bilateral) distribution
o Trust

(Figure on the slide; labels: DS, CSCA, CSCA cert., DS cert.)

Page 27

Public Key Infrastructure - Certificates
• CSCA Master List
o State-to-State service
o Automated distribution

(Figure on the slide: CSCA Master List exchange between States W, X, Y, Z and A; labels: Sign_W, Sign_Z)

Page 28

Public Key Infrastructure - Certificates
• Master List Signer
• Master List Signer certificate
o Signed by CSCA
o Automated distribution

(Figure on the slide; labels: DS, CSCA, MLS, MLS cert., CSCA cert., DS cert., ML)

Page 29

Public Key Infrastructure - Revocation
• Private Key compromised
o Trust in certificates damaged
o Trust in ePassports damaged?
• Inform relying parties
• Certificate Revocation List (CRL)
o Signed
o Revoked certificates
o … or Null
o Automated distribution

Page 30

Public Key Infrastructure - Distribution
• Document Signer certificates
o ePassport chip
o PKD
• Country Signing CA certificates
o Bilateral
o CSCA Master List
• CSCA Master Lists
o PKD
• Certificate Revocation List (CRL)
o Bilateral
o PKD

Page 31

Public Key Infrastructure - ICAO Public Key Directory (PKD)
• The PKD is a Central Repository
o Upload and download facilities
o Document Signer Certificates
o CSCA Master Lists
o Certificate Revocation Lists
o Doc 9303 compliance reference and validation service
• The PKD is not
o A Certification Authority
o An inspection system
o Replacing border control systems and policies
o Preventing illegal entry

Page 32

The Doc 9303 standard
• Part 1 - Machine Readable Passports, Sixth edition - 2006
o Volume 1 - Passports with Machine Readable data stored in OCR format
o Volume 2 - Electronically enabled Passports with Biometric Identification Capability
• Part 2 - Machine Readable Visas, Third edition - 2005
• Part 3 - Machine Readable Official Travel Documents, Third edition - 2008
o Volume 1 - MRtds with Machine Readable data stored in OCR format
o Volume 2 - Electronically enabled MRtds with Biometric Identification Capability

http://www.icao.int/security/mrtd/pages/default.aspx

Page 33

THANK YOU