Implementation based security analysis of the electronic passport · 2010. 4. 21. · Diploma...

Diploma Thesis: Implementation Based Security Analysis of the Electronic Passport. Liu, Yifei, 15.05.2007. Ruhr-Universität Bochum, Lehrstuhl für Kommunikationssicherheit, Prof. Dr.-Ing. Christof Paar


Diploma Thesis

Implementation Based Security Analysis of the Electronic Passport

Liu, Yifei

15.05.2007

Ruhr-Universität Bochum, Lehrstuhl für Kommunikationssicherheit

Prof. Dr.-Ing. Christof Paar


Declaration

I hereby declare that I wrote my diploma thesis myself, that I used no sources or aids other than those indicated, and that I have marked quotations as such.

I hereby certify that the work presented in this thesis is my own work and that to the best of my knowledge it is original except where indicated by reference to other authors.

Place, date    Signature


Acknowledgement

I would like to express my gratitude to all those who gave me the possibility to complete this thesis. I want to thank the chair for communication security at the Ruhr-Universität Bochum for giving me permission to commence the thesis. I have furthermore to thank Prof. Dr.-Ing. Christof Paar, Dipl.-Phys. Kerstin Lemke-Rust and Dipl.-Ing. Timo Kasper for doing a great job in supervising my work, for their suggestions and encouragement. I also want to thank Dipl.-Ing. Tim Erhan Güneysu and Ing. Martin Novotny for their helpful and detailed explanation of using the machine COPACOBANA. My thanks also go to three anonymous volunteers for offering their electronic passports for this investigation.

Above all, I want to thank my parents and my wife for their love and support.


Abstract

The electronic passport was introduced in Germany on November 1, 2005. Just under 10 months later, on August 28, 2006, the new Dutch electronic passport also became available in the Netherlands. The goal of the adoption of the electronic passport is not only to expedite processing at border crossings, but also to increase security and to resist tampering. However, several months before the introduction of the Dutch electronic passport, it was already announced that the Basic Access Control protocol used to protect the flow of information between the electronic passport and a passport reader had been cracked by a Dutch firm, and that this took only 3 hours on a standard PC.

Against this background, the thesis will concentrate further on this topic. In this work, a theoretical and practical cryptanalysis of the Basic Access Control protocol will be performed. It is based on both the German and the Dutch electronic passport. To this end, communication between the electronic passport and a passport reader will be established in order to collect communication segments for the analysis. To search for the access keys, an optimum hardware approach will be implemented that runs on an FPGA-based machine, COPACOBANA, which is optimized for running cryptanalytical algorithms and suitable for parallel computation problems.

Parallel to the practical work, this thesis will also concentrate on theoretical investigations. The complexity of this cryptanalysis will be estimated using information entropy. Several concrete scenarios will be presented in order to simulate attacks against the electronic passport system as realistically as possible.

At the end of this thesis, two scenarios will be implemented and tested on COPACOBANA. The implementations are based on both systems.


Contents

1 Introduction
  1.1 Background
  1.2 Introduction to an RFID System
    1.2.1 RFID Standards
  1.3 Motivation
  1.4 Thesis Outline

2 Cryptographic Basics
  2.1 Introduction to the Secure Hash Algorithm (SHA-1)
    2.1.1 Padding for Input Message
    2.1.2 Mode of Operation
  2.2 Introduction to Data Encryption Standard (DES)
    2.2.1 Description of the Algorithm
    2.2.2 f-Function
    2.2.3 The Triple DES
  2.3 Introduction to the Cipher Block Chaining Mode (CBC)

3 Electronic Passport
  3.1 Machine Readable Zone (MRZ)
    3.1.1 Structure of MRZ
    3.1.2 Calculation of Check Digits
  3.2 Data Structure of the Electronic Passport
  3.3 Data Authenticity and Integrity
  3.4 Data Confidentiality
    3.4.1 Description of the Basic Access Control Protocol
    3.4.2 Key Generator
    3.4.3 Message Encryption

4 General Aim and Framework of Analysis
  4.1 Complexity of Searching Access Key
    4.1.1 Case Studies
    4.1.2 Reduction of the Complexity
  4.2 Analysis Scenarios
  4.3 Basic Concept
  4.4 Hardware Design Environment
    4.4.1 The COPACOBANA

5 Implementation
  5.1 Establishing Communication Relationship for Passport
  5.2 Hardware Design for Searching Access Key
    5.2.1 Global Design Description
    5.2.2 The Encryption Engine
    5.2.3 Implementations based on Particular Scenarios

6 Results
  6.1 Operating Speed
  6.2 Result of Scenarios
    6.2.1 Result of Scenario 1
    6.2.2 Result of Scenario 2
  6.3 Theoretical Estimation
    6.3.1 For German Electronic Passport
    6.3.2 For Dutch Electronic Passport

7 Conclusion and Future Work
  7.1 Conclusion
  7.2 Future Works

A Population Age Distribution

B Operation Results of BAC protocol Implementation

C An Exemplary Collection of MRZ

D Bibliography

List of Figures

1.1 German Electronic Passport
1.2 An RFID System

2.1 The Secure Hash Algorithm-1
2.2 DES - Algorithm (left) and Key Schedule (right)
2.3 The f-Function
2.4 The triple DES
2.5 The Cipher Block Chaining Mode

3.1 An example of MRZ
3.2 Calculation of Check Digits
3.3 Logical Data Structure
3.4 File tree according to ISO/IEC 7816-4
3.5 The structure of LDS
3.6 The BAC Protocol
3.7 Access-Key Generator
3.8 Session-Key Generator
3.9 Message Encryption

4.1 The population age distribution in Germany in the year 2005
4.2 Known dates of expiry reduce the search space
4.3 Architecture of the complete system
4.4 The machine - COPACOBANA
4.5 COPACOBANA architecture

5.1 Overview of the structure of the implementation
5.2 Layout of a single FPGA
5.3 BAC analyst state machine
5.4 Structure of the encryption engine
5.5 Structure of SHA-1
5.6 Structure of triple DES

6.1 Console output from COPACOBANA

7.1 SHA-1 with pipeline principle

List of Tables

3.1 Key Length for Digital Signature Algorithms

4.1 Device features of SPARTAN-3 XC3S1000

Chapter 1

Introduction

The adoption of the electronic passport for human identification at border crossings is a worldwide operation, which can be primarily seen as a reaction to the changed security situation in the world since the attacks on September 11, 2001. Its goal is striving for enhanced surveillance concerning the movement of persons between different countries. The new travel document increases the physical bond between the travel document and its owner. In many countries, tests, projects and studies are carried out for examining the feasibility, reliability and security of the new travel document, while some other states have already implemented the new system for the electronic passport at border crossings.

1.1 Background

Back in 1968, the ICAO (International Civil Aviation Organization), a subsidiary organization of the United Nations (UN) which concerns itself with all questions of international civilian aviation, began to work on the international guidelines for MRTDs (Machine-Readable Travel Documents), with the intention of accelerating the passport check procedure at the airport. Since 1997 the ICAO, the aircraft industry and the ISO (International Organization for Standardization) have worked together on specifications for machine-readable passports with biometric data, in order to construct a worldwide standardized system for the examination of identity by biometric characteristics.

After the attack in September 2001, the United States, at the leading edge of the war on terrorism, took the path towards a new border crossing system based on biometric identification technology, which was specified by the ICAO [5]. Because of the pressure of the USA, the EU (European Union) made a political decision about the Biometric Machine Readable Travel Document. On December 13, 2004 the European Commission decided to issue new electronic biometric passports with appropriate security functions in all member states. All EU member states have to store a portrait photo of the passport holder in the passport for face recognition by June 10, 2006. The fingerprint of the passport holder is to be added as an additional security function by December 10, 2007. According to the guidelines of the EU, Germany has issued electronic passports since November 1, 2005.

Figure 1.1: German Electronic Passport

1.2 Introduction to an RFID System

The ICAO was searching for a data storage technology that ensures the integrity of the biometric data and protects against falsification and destruction of the biometric characteristics. Besides that, the technology should also offer reliability, user friendliness and sufficient storage capacity as well as a long lifetime. After examining all alternatives, i.e. 2D barcode, magnetic stripe, contact-based smart card and optical memory, the ICAO decided to use RFID technology.

RFID stands for Radio Frequency IDentification. Roughly speaking, this term covers devices and technology that use radio signals to exchange identification data wirelessly. An RFID system is built of two components: a small chip, often called a "tag", and a reader. Typically, the tag stores a unique identifier and additional data, and is attached to an object or issued to a person. When a tag or a group of tags is placed in the radio frequency field of a reader, the data contained in the tag's memory can be accessed by the reader. An RFID system is illustrated in Figure 1.2.

Figure 1.2: An RFID System

RFID systems are usually classified by three parameters: operating frequency, range and coupling. The ICAO has defined the RFID system with small ranges of up to 10 cm, called remote coupling. Its operating frequency is 13.56 MHz ± 7 kHz [8].

The member states of the ICAO have to integrate an RFID chip into the electronic passport which is compatible with either the ISO 14443A or the ISO 14443B standard. The operating system embedded in the chip is compatible with the smartcard standard ISO 7816-4.

1.2.1 RFID Standards

The ISO standard 14443 describes the function and parameters of the RFID chip used in the electronic passport. ISO 14443 consists of four parts.

Part 1 of the standard describes the physical characteristics of the chips. The measurements are 85.72 mm and 54.03 mm, which are compatible with ISO 7810. Furthermore, Part 1 contains regulations for the testing of bending load, torsional load and the exposure to UV and electromagnetic waves [16].

Part 2 of the specification defines the radio frequency interface. The RFID chip is powered via an alternating magnetic field with a frequency of 13.56 MHz emitted by the reader. For the communication interface two different standards exist: type A and type B. RFID cards must support at least one of the two standards. An ISO 14443 conforming reader, however, has to support both types. This requires periodic switching between the two modes during the idle state [17].

Part 3 covers the initialization and anti-collision mechanisms. If an RFID chip enters the field of a reader and communication is to be established, two points have to be considered. First, there might be more than one chip in the field, and secondly, there might already be an established connection with another chip [18].

Part 4 of the ISO 14443 specification covers the transmission protocol [19]. The protocol is very similar to the ISO 7816-3 standard, which facilitates the construction of dual interface cards. It describes the transmission of APDU (APplication Data Units), which can contain any data such as commands and responses. Data transmission can be described by the OSI layer model [1]. Every layer carries out its tasks autonomously and is transparent to the upper layer. Layer 1 (physical layer) describes the transmission layer and the byte coding of data. The transport layer (layer 2) controls the transmission of data with correct addressing of data blocks (CID), sequential transmission of longer blocks, time behaviour as well as the handling of transmission errors. Layer 7 contains the application data as a command to the chip card or the response. Layer 7 is independent of the current operating mode, which can be contact-based or contactless. Layers 3 to 6 are only used in complex networks and are omitted in this standard. An illustration of this layer model is given in Figure 5.1 in Section 5.1.

After a chip has been activated it waits for the first command from the reader. Communication is strictly based on the master/slave principle. The reader sends a command to the card, which then executes it and sends a response.

1.3 Motivation

The goal of the adoption of the electronic passport in Germany is to create a new version of the German passport that not only expedites processing at border crossings, but also increases security and resists tampering. Therefore, in order to ensure integrity, authenticity and confidentiality of the data stored in the electronic passport, some cryptographic preventive measures have been adopted. For example, a digital signature is used to prevent falsification of the passport data, and a cryptographic protocol named Basic Access Control is implemented for protection against unauthorized readout of the chip contents.

However, despite these security measures, several civil rights organizations have pointed to the poorly conceived technology, high costs and increasing monitoring tendencies. A study of the BSI∗ [2] shows that some residual risks still exist and that unwanted side effects remain a problem of the new technology. Some published works point out the possibility of eavesdropping and the weakness of the Basic Access Control protocol (see Chapter 4).

In this thesis, the security of the German electronic passport will primarily be investigated to find out how fast it is possible to extract the access key for communication between passport and reader by exploiting the weakness in the Basic Access Control protocol. As a reference instance, the Dutch electronic passport system will be analyzed simultaneously. Through the comparison and analysis of both systems, the conclusion of the thesis will be more robust and reliable. For this work, communication with the electronic passport is established using a commercially available RFID reader, so that the required communication segments for the security analysis can be collected. A high-performance cryptanalysis system is implemented in hardware in order to obtain the access keys.

1.4 Thesis Outline

In Chapter 2, two cryptographic algorithms, SHA-1 and triple DES, will be introduced, and the cryptographic notation used in this thesis will also be described.

Chapter 3 provides an introduction to the electronic passport and the cryptographic mechanisms used in it, not only the algorithm for protecting confidentiality but also the algorithm for realizing integrity and authenticity.

Chapter 4 is an overview of the complete system that has been set up by ourselves and used in this study. The complexity of the key search will also be presented, and the hardware used for the analysis will be introduced in this chapter.

Then, in Chapter 5, the implementation of the Basic Access Control protocol and the cryptanalysis system will be described in detail. Chapter 6 presents the results of the implementations. Finally, in Chapter 7, the conclusion of this study will be summarized and a view on future work will be given.

∗ Bundesamt für Sicherheit in der Informationstechnik


Chapter 2

Cryptographic Basics

In this chapter, the focus is on two cryptographic algorithms which were adopted to protect the data security of the electronic passport. For this reason it is necessary to introduce two notions in cryptography, i.e. a block cipher and a hash function.

A block cipher is a symmetric key cipher which operates on groups of bits with a fixed length, termed blocks. A block cipher basically consists of two paired algorithms, one for encryption and another for decryption, which is in fact the inverse of the encryption. Both algorithms have two inputs and one output. The encryption can be denoted by

$$C := \mathrm{Enc}_K(M)$$

and the decryption by

$$M := \mathrm{Dec}_K(C)$$

where K is a key used for encryption as well as decryption, and M and C are both drawn from a set of strings over some alphabet; M is a plaintext message and C is a ciphertext message.

The purpose of a hash function is to produce a hash value, also called a "fingerprint", of an original file, message, or other block of data. Both the original message and its hash value will be sent to the receiver. The receiver authenticates the message by recomputing the hash value. A hash value is generated by a hash function of the form

$$h := \mathrm{Hash}(M)$$

where M is also a plaintext and h is the fixed-length hash value, which is normally much shorter than the plaintext.

2.1 Introduction to the Secure Hash Algorithm (SHA-1)

The SHA (Secure Hash Algorithm) was developed by the NIST (National Institute of Standards and Technology) and published as FIPS (Federal Information Processing Standards) 180 in 1993. SHA-1 is a technical revision of SHA and was published as FIPS 180-1 in 1995 [26]. When a message of any length of less than $2^{64}$ bits is given as input, SHA-1 produces a 160-bit hash value (also called message digest). Any change to a message in transit will result in a different message digest with very high probability. Now we look into the details of SHA-1.

2.1.1 Padding for Input Message

The purpose of message padding is to make the total length of a padded message a multiple of 512. SHA-1 sequentially processes blocks of 512 bits when computing the hash value of a message or data file that is provided as input. In summary, a "1" followed by m "0"s followed by a 64-bit integer are appended to the end of the message to produce a padded message of length 512 · n. The 64-bit integer is the length of the original message. The padded message is then processed by SHA-1 as n 512-bit blocks.

Example: Suppose l represents the length of the original message and the original message is the bit string

    01100001 01100010 01100011 01100100 01100101

This message has length l = 40 (28 in hex). A '1' is then appended as the 41st bit, as shown below:

    01100001 01100010 01100011 01100100 01100101 1

Therefore, 407 '0's should be appended, and this gives (in hex):

    61626364 65800000 00000000 00000000
    00000000 00000000 00000000 00000000
    00000000 00000000 00000000 00000000
    00000000 00000000 00000000 00000028

The last two words represent the length of the original message, l = 28 (in hex). This final padded message consists of one block and contains 16 words = 16 · 8 · 4 = 512 bits, i.e. n = 1 in this case.

2.1.2 Mode of Operation

Initialization

Five 32-bit registers (A, B, C, D and E) are contained in the core module of SHA-1. Before processing any blocks, these registers are initialised to the following values (in hexadecimal):

    H0 = 67 45 23 01
    H1 = ef cd ab 89
    H2 = 98 ba dc fe
    H3 = 10 32 54 76
    H4 = c3 d2 e1 f0

Functions and Constants

There are three primitive functions used in SHA-1. Each function $f_t$, $0 \le t \le 79$, has three 32-bit words B, C and D as input and one 32-bit word as output. The set of SHA-1 primitive functions $f_t(B, C, D)$ is defined as follows:

$$f_t(B, C, D) = (B \cdot C) + (\bar{B} \cdot D) \qquad (0 \le t \le 19)$$

$$f_t(B, C, D) = B \oplus C \oplus D \qquad (20 \le t \le 39 \text{ and } 60 \le t \le 79)$$

$$f_t(B, C, D) = (B \cdot C) + (B \cdot D) + (C \cdot D) \qquad (40 \le t \le 59)$$

where $B \cdot C$ is the bitwise logical 'and' of B and C, $\bar{B}$ is the bitwise logical 'complement' of B, and $+$ is addition modulo $2^{32}$.

A sequence of constant words K(0), K(1), ..., K(79) is used in SHA-1. In hexadecimal notation these are given by

    K(t) = 5a827999   (0 ≤ t ≤ 19)
    K(t) = 6ed9eba1   (20 ≤ t ≤ 39)
    K(t) = 8f1bbcdc   (40 ≤ t ≤ 59)
    K(t) = ca62c1d6   (60 ≤ t ≤ 79)

Computing the Message Digest

To generate the message digest, the final padded message is used in such a way that each message block is transformed from 16 32-bit words (M_0 to M_15) to 80 32-bit words (W_0 to W_79). The processing of M_i involves 80 steps using the following algorithm.

Algorithm 1: Secure Hash Algorithm revised (SHA-1)
Input: 16-word blocks M_0, M_1, ..., M_15
Output: 160-bit hash value

    Let A = H0, B = H1, C = H2, D = H3, E = H4
    for t = 0 to 79 do
        if t ≤ 15 then
            W_t = M_t
        else
            W_t = S^1(W_{t-16} ⊕ W_{t-14} ⊕ W_{t-8} ⊕ W_{t-3})
        end if
        TEMP = S^5(A) + f_t(B, C, D) + E + W_t + K_t
        E = D
        D = C
        C = S^30(B)
        B = A
        A = TEMP
    end for

Where:

    A, B, C, D, E: five words of the buffer
    t: round number, 0 ≤ t ≤ 79
    S^i: circular left shift by i bits
    W_t: a 32-bit word derived from the current 512-bit input block
    K_t: an additive constant
    +: addition modulo 2^32

After all N 512-bit blocks have been processed, the output from the Nth stage is the 160-bit message digest, represented by the five words H0, H1, H2, H3 and H4. The SHA-1 operation, looking at the logic in each of the 80 rounds of one 512-bit block, is shown in Figure 2.1.

Figure 2.1: The Secure Hash Algorithm-1
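
The padding rule of Section 2.1.1 and the 80-step loop of Algorithm 1, as an added Python example that is not code from the thesis. The function names are chosen here, and the addition of A..E onto H0..H4 after each block is taken from FIPS 180-1.

```python
import struct

MASK = 0xFFFFFFFF
# Initial register values H0..H4 and round constants K(t) from FIPS 180-1.
H_INIT = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)
K = (0x5A827999, 0x6ED9EBA1, 0x8F1BBCDC, 0xCA62C1D6)


def rotl(x: int, n: int) -> int:
    """S^n: circular left shift of a 32-bit word by n bits."""
    return ((x << n) | (x >> (32 - n))) & MASK


def pad(message: bytes) -> bytes:
    """Append a '1' bit, m '0' bits and the 64-bit message length l in bits."""
    l = len(message) * 8
    # The byte 0x80 supplies the '1' bit and the first seven '0' bits.
    zero_bytes = (55 - len(message)) % 64
    return message + b"\x80" + b"\x00" * zero_bytes + struct.pack(">Q", l)


def f_t(t: int, b: int, c: int, d: int) -> int:
    """Primitive function for step t; FIPS 180-1 combines the terms with bitwise OR."""
    if t < 20:
        return (b & c) | (~b & d & MASK)
    if 40 <= t < 60:
        return (b & c) | (b & d) | (c & d)
    return b ^ c ^ d


def compress(h: tuple, block: bytes) -> tuple:
    """Process one 512-bit block: expand M_0..M_15 to W_0..W_79, then run 80 steps."""
    w = list(struct.unpack(">16I", block))
    for t in range(16, 80):
        w.append(rotl(w[t - 16] ^ w[t - 14] ^ w[t - 8] ^ w[t - 3], 1))
    a, b, c, d, e = h
    for t in range(80):
        temp = (rotl(a, 5) + f_t(t, b, c, d) + e + w[t] + K[t // 20]) & MASK
        a, b, c, d, e = temp, a, rotl(b, 30), c, d
    # Feed-forward from FIPS 180-1: add the working registers onto H0..H4.
    return tuple((x + y) & MASK for x, y in zip(h, (a, b, c, d, e)))


def sha1(message: bytes) -> str:
    """Return the 160-bit message digest as 40 hex characters."""
    padded = pad(message)
    h = H_INIT
    for i in range(0, len(padded), 64):
        h = compress(h, padded[i:i + 64])
    return "".join(f"{word:08x}" for word in h)


if __name__ == "__main__":
    msg = b"abcde"  # the 40-bit example message 61 62 63 64 65 from Section 2.1.1
    print(pad(msg).hex())
    print(sha1(msg))
```
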


2.2 Introduction to Data Encryption Standard (DES)

Without doubt the first and the most significant modern symmetric encryption algorithm is that contained in the Data Encryption Standard (DES). In November 1976, the DES was also adopted by NIST as the government-standard encryption algorithm [25]. Since then, it has become a domestic and international encryption standard, and has been used in thousands of applications.

2.2.1 Description of the Algorithm

The overall scheme for DES encryption is illustrated in Figure 2.2. As with any block cipher encryption scheme, there are two inputs to the encryption function: the plaintext to be encrypted and the key. In this case, the inputs to the algorithm are a 64-bit block of plaintext $M \in \{0,1\}^{64}$ and a 64-bit block of key $K \in \{0,1\}^{64}$; the output of the algorithm is a 64-bit block of ciphertext $C \in \{0,1\}^{64}$ after 16 rounds of identical operations. The operation of the DES can be described by the following algorithm.

Algorithm 2: Data Encryption Standard (DES)
Input: plaintext M ∈ {0,1}^64 and key K ∈ {0,1}^64
Output: ciphertext C ∈ {0,1}^64

    Key schedule.                        ▷ Compute 16 round keys K_i ∈ {0,1}^48 (i = 1, 2, ..., 16) from K
    IP(M) = (L_0, R_0).                  ▷ Transpose using the initial permutation IP
    for i = 1 to 16 do
        L_i = R_{i-1}
        R_i = L_{i-1} ⊕ f(R_{i-1}, K_i). ▷ f() is called "f-Function", see Section 2.2.2
    end for
    (L_16, R_16) = (R_16, L_16).         ▷ an additional swap
    IP^-1(R_16, L_16) = C.               ▷ Transpose using the inverse of the initial permutation IP

Both encryption and decryption use this algorithm, except that the key schedule is processed in reverse order. More concretely, if the round keys used for encryption are $K_1, K_2, \ldots, K_{16}$, then those used for decryption are $K_{16}, K_{15}, \ldots, K_1$. This way of arranging round keys is shown in Figure 2.2 as "key schedule".

Figure 2.2: DES - Algorithm (left) and Key Schedule (right)

The key schedule takes the key $K \in \{0,1\}^{64}$ as input and provides the subkeys $K_i \in \{0,1\}^{48}$ as output. Initially, the key K is passed through a permutation function called "permuted choice 1". Then, the output of permuted choice 1 is divided into two 28-bit halves and loaded into two working registers. For each of the rounds, a subkey $K_i$ is subsequently produced by the combination of a circular shift and another permutation called "permuted choice 2". The halves in the registers are shifted left for encryption and right for decryption by either one or two positions, depending on the round.

13


2.2.2 f-Function

The core unit of DES is the f-Function (also known as the Feistel function), which takes the right block (register R, 32 bits) of the output of the previous round and the round key as input. The f-Function consists mainly of expansion, permutation and substitution. The substitution is accomplished via look-up tables in S-boxes, and the expansion expands the 32-bit input block to a 48-bit block. The function of the permutation is to rearrange the 32 outputs from the eight S-boxes. The structure of the f-Function is shown in Figure 2.3.

Figure 2.3: The f-Function

2.2.3 The Triple DES

Directly after DES was proposed as the encryption standard, debates started on its security. The main criticism is that DES has a relatively short key length. This is regarded as the single most serious weakness of DES. One solution to overcome the short-key limitation is to run the DES algorithm several times, using a different key each time. One such proposal is called the triple DES scheme.

Triple DES is a widely accepted approach which uses multiple encryptions with DES and multiple keys. It can be implemented either with three keys ($K_1, K_2, K_3$) or with two keys ($K_1, K_2, K_1$), and the key length of $K_i$ is 64 bits. Triple DES with two keys is popular and its encryption can be denoted by:

$$C := \mathrm{Enc}_{K_1}\{\mathrm{Dec}_{K_2}\{\mathrm{Enc}_{K_1}\{M\}\}\},$$

and decryption by

$$M := \mathrm{Dec}_{K_1}\{\mathrm{Enc}_{K_2}\{\mathrm{Dec}_{K_1}\{C\}\}\}.$$

In Figure 2.4 a triple DES with three keys is illustrated.

Figure 2.4: The triple DES


2.3 Introduction to the Cipher Block Chaining Mode (CBC)

A block cipher encrypts or decrypts messages as data blocks. Usually the message string $M$ is larger than the block size of the cipher, so the long message is divided into a series of sequentially listed message blocks ($M = M_1\|M_2\|\dots\|M_n$), and the cipher processes these blocks one at a time.

Figure 2.5: The Cipher Block Chaining Mode

One such algorithm is the cipher block chaining (CBC) mode of operation, in which plaintext is processed 64 bits at a time and each block of plaintext is encrypted using the same key, see Figure 2.5. The output is a sequence of n-bit cipher blocks which are chained together so that each cipher block depends on the blocks before it ($C = C_1\|C_2\|\dots\|C_n$).

CBC requires an explicit IV (Initialization Vector) of 64 bits, which is the same size as the block size. The IV can be a random value, which prevents the generation of identical ciphertext. The IV is XORed with the first plaintext block before it is encrypted. For successive blocks, the previous ciphertext block is XORed with the current plaintext block before it is encrypted.

From the encryption procedure it follows that the first ciphertext block $C_1$ is randomized by the IV; in the same way, each subsequent ciphertext block is randomized by the immediately preceding ciphertext block. Hence, the CBC mode outputs randomized ciphertext blocks.
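The round structure of Algorithm 2, the two-key triple encryption of Section 2.2.3 and the chaining described above can be exercised together in one short script. This is an added example, not code from the thesis: the round function `f` and the key schedule are SHA-1 based stand-ins (an assumption made to keep it short), so the cipher is a toy 64-bit Feistel network and not DES, and the initial permutation is omitted.

```python
import hashlib

ROUNDS = 16


def round_keys(key):
    """Stand-in key schedule: 16 round keys of 48 bits each (not PC-1/PC-2)."""
    return [hashlib.sha1(key + bytes([i])).digest()[:6] for i in range(1, ROUNDS + 1)]


def f(right, round_key):
    """Stand-in round function, 32 bits in and 32 bits out (not the DES f-Function)."""
    data = right.to_bytes(4, "big") + round_key
    return int.from_bytes(hashlib.sha1(data).digest()[:4], "big")


def feistel(block, keys):
    """Steps 3 to 7 of Algorithm 2 on one 64-bit block (IP and its inverse omitted)."""
    if len(block) != 8:
        raise ValueError("block must be 8 bytes long")
    left = int.from_bytes(block[:4], "big")
    right = int.from_bytes(block[4:], "big")
    for k in keys:
        # L_i = R_{i-1};  R_i = L_{i-1} XOR f(R_{i-1}, K_i)
        left, right = right, left ^ f(right, k)
    return right.to_bytes(4, "big") + left.to_bytes(4, "big")  # additional swap


def enc(key, block):
    return feistel(block, round_keys(key))


def dec(key, block):
    # Same network; only the order of the round keys is reversed.
    return feistel(block, round_keys(key)[::-1])


def ede_enc(k1, k2, block):
    """Two-key triple encryption: Enc_K1(Dec_K2(Enc_K1(M)))."""
    return enc(k1, dec(k2, enc(k1, block)))


def ede_dec(k1, k2, block):
    """Inverse operation: Dec_K1(Enc_K2(Dec_K1(C)))."""
    return dec(k1, enc(k2, dec(k1, block)))


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def cbc_encrypt(k1, k2, iv, message):
    if len(iv) != 8 or len(message) % 8:
        raise ValueError("IV must be 8 bytes and the message a multiple of 8 bytes")
    prev, out = iv, []
    for i in range(0, len(message), 8):
        prev = ede_enc(k1, k2, xor(message[i:i + 8], prev))  # chain on previous block
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(k1, k2, iv, ciphertext):
    if len(iv) != 8 or len(ciphertext) % 8:
        raise ValueError("IV must be 8 bytes and the ciphertext a multiple of 8 bytes")
    prev, out = iv, []
    for i in range(0, len(ciphertext), 8):
        block = ciphertext[i:i + 8]
        out.append(xor(ede_dec(k1, k2, block), prev))
        prev = block
    return b"".join(out)


# Constructed keys, IVs and message (three identical plaintext blocks).
K1 = bytes.fromhex("0123456789abcdef")
K2 = bytes.fromhex("fedcba9876543210")
IV_A = bytes(8)
IV_B = bytes.fromhex("1122334455667788")
MESSAGE = b"SAMEBLK!" * 3

if __name__ == "__main__":
    for iv in (IV_A, IV_B):
        ct = cbc_encrypt(K1, K2, iv, MESSAGE)
        print(iv.hex(), [ct[i:i + 8].hex() for i in range(0, len(ct), 8)])
```

With K1 = K2 the inner decryption cancels the first encryption, so the two-key scheme degenerates to a single encryption.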


Chapter 3

Electronic Passport

In this chapter some characteristic features of the electronic passport will be discussed. Following an introduction to the Machine Readable Zone of passports, the data structure for the storage medium of the electronic passport will be described. The focus is the security policy and cryptographic protocol for the electronic passport.

3.1 Machine Readable Zone (MRZ)

The ICAO developed standards for MRTDs (Machine Readable Travel Documents), including passports and visas, with the intention of accelerating the passport check procedure at border crossings.

3.1.1 Structure of MRZ

Every MRTD possesses a special MRZ (Machine Readable Zone), which is usually at the bottom of it. The MRZ consists of two lines and each line is 44 characters long. The following information is provided in the MRZ of a passport: name, sex, date of birth, nationality, passport number, date of expiry and check digits. Three of these fields are extremely important for the electronic passport and play an irreplaceable role in the security of the passport data. They are passport number, date of birth and date of expiry. To simplify the formulas below, we denote the passport number as PN, date of birth as DB and date of expiry as DE. An example of an MRZ can be seen in Figure 3.1.


Figure 3.1: An example of MRZ

3.1.2 Calculation of Check Digits

Check digits 1, 2 and 3 (see Figure 3.1) are computed separately before check digit 4 is calculated. Check digit 4 is then used to check whether the numbers in front of it are correct. We describe the calculation of all check digits in brief: each number is multiplied by the corresponding weight (see Figure 3.2). The first digit is multiplied by 7, the next by 3, and the next by 1. The pattern then repeats: 7, 3, 1, 7, 3, 1, 7, 3, 1, etc. An example is shown in Figure 3.2.

Figure 3.2: Calculation of Check Digits
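The weighting scheme can be checked against a complete second MRZ line. The following is an added example, not part of the thesis: the character values (A = 10 ... Z = 35, '<' = 0), the modulo-10 step and the field positions are taken from ICAO Doc 9303, the input is the ICAO specimen MRZ, and the corrupted line is constructed here.

```python
WEIGHTS = (7, 3, 1)  # repeating weight pattern from Section 3.1.2


def char_value(ch):
    """Numeric value of one MRZ character (ICAO Doc 9303)."""
    if "0" <= ch <= "9":
        return ord(ch) - ord("0")
    if "A" <= ch <= "Z":
        return ord(ch) - ord("A") + 10
    if ch == "<":
        return 0
    raise ValueError(f"character {ch!r} is not allowed in an MRZ")


def check_digit(field):
    """Weighted sum of the field, reduced modulo 10."""
    total = sum(char_value(c) * WEIGHTS[i % 3] for i, c in enumerate(field))
    return str(total % 10)


def verify_line2(line):
    """Verify every check digit in line 2 of a passport MRZ (44 characters)."""
    if len(line) != 44:
        raise ValueError("line 2 of a passport MRZ must be 44 characters long")
    pn, pn_cd = line[0:9], line[9]        # passport number, check digit 1
    db, db_cd = line[13:19], line[19]     # date of birth,   check digit 2
    de, de_cd = line[21:27], line[27]     # date of expiry,  check digit 3
    opt, opt_cd = line[28:42], line[42]   # optional data and its check digit
    # The overall check digit (assumed to be "check digit 4" of Figure 3.1)
    # covers the fields above together with their own check digits.
    overall_input = line[0:10] + line[13:20] + line[21:43]
    # An unused optional field may carry '<' instead of a check digit.
    opt_ok = check_digit(opt) == opt_cd or (opt_cd == "<" and set(opt) == {"<"})
    return {
        "passport_number": check_digit(pn) == pn_cd,
        "date_of_birth": check_digit(db) == db_cd,
        "date_of_expiry": check_digit(de) == de_cd,
        "optional_data": opt_ok,
        "overall": check_digit(overall_input) == line[43],
        # 24-character string PN, DB, DE with their check digits
        "mrz_information": pn + pn_cd + db + db_cd + de + de_cd,
    }


def failed_checks(line):
    """Names of all check digits that do not match."""
    result = verify_line2(line)
    return [name for name, ok in result.items() if ok is False]


# Line 2 of the ICAO Doc 9303 specimen passport (fictional holder).
SPECIMEN_LINE2 = "L898902C<3UTO6908061F9406236ZE184226B<<<<<14"
# Constructed reading error: second character read as '3' instead of '8'.
CORRUPTED_LINE2 = "L398902C<3UTO6908061F9406236ZE184226B<<<<<14"

if __name__ == "__main__":
    print(verify_line2(SPECIMEN_LINE2))
    print("failed:", failed_checks(CORRUPTED_LINE2))
```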


3.2 Data Structure of the Electronic Passport

As already mentioned in Chapter 1, an RFID chip is embedded in each electronic passport. A file system for the chip is defined as the LDS (Logical Data Structure), which is specified in a technical report [12]. In the current version of the report the LDS initially consists of 16 data groups. In the future three additional data groups will also be supported, in which data such as a visa of the destination country or travel record details can be stored. Figure 3.3 shows the whole data structure and details of its contents.

Figure 3.3: Logical Data Structure


According to the specifications of ICAO, the LDS must be compatible with the standard ISO 7816-4, which defines the data structure of a smart card file system. There are basically two categories of files [28]. The first category consists of directory files, which are called MF (master file) and DFs (dedicated files). The second category consists of normal data files, which are called EFs (elementary files) and contain the actual user data. The MF is the root directory. It is implicitly selected after the smart card is reset. The MF contains all other directories and all files. It must be present in every smart card. A DF acts as a sort of folder in which other files (DFs and EFs) can be grouped together. Note that a DF may contain other DFs. The user data needed for an application are located in EFs. EFs may be located directly below the MF or below a DF; their relationships are illustrated in Figure 3.4.

Figure 3.4: File tree according to ISO/IEC 7816-4

The aforementioned 16 data groups are used for the user data of the passport; hence they are called EF.DG1, EF.DG2, ..., EF.DG16. The 16 data groups, however, need not all be implemented in the electronic passport. According to the specifications of ICAO, data groups 1 and 2 are mandatory and all other data groups are optional. Data group 1 contains the data of the MRZ from the passport. A digital facial image of the passport holder is stored in data group 2 as the biometric identifier for face recognition.

Further, an auxiliary elementary file called Security Data (EF.SOD) is also implemented in the LDS. As a security measure the EF.SOD can guarantee authenticity and integrity of all the data groups which are implemented in a particular chip. Each data group is hashed and these hash values are stored in EF.SOD. In addition, a Data Group Presence Map (EF.COM) is also placed in the chip and it indicates which data groups are implemented.

These EFs are located below a DF for the issuer state of the electronic passport. In the future, EF.DG17, EF.DG18 and EF.DG19 will be stored below another DF for the countries into which the passport holder enters. The structure of the LDS on the RFID chip is shown in Figure 3.5.


Figure 3.5: The structure of LDS

3.3 Data Authenticity and Integrity

The data security of the electronic passport has been a focus of discussion since the electronic passport was adopted. It is well known that digital data can be copied arbitrarily and even losslessly. Furthermore, the use of RF technology in electronic passports could make the illegal duplication of passport data even easier, as it may not be noticed by the MRTD holder.

In order to ensure authenticity and integrity of the digital data stored on the chip of the passport, a digital signature system is adopted, so that each form of falsification and/or manipulation of data can be discovered. Concretely, it can be proved whether the signed data were derived from an authorized entity and have not been changed since the signature. For signing and verifying the digital data of electronic passports a PKI is introduced: each member state sets up only one single Country Signing CA (Certification Authority) and at least one Document Signer.

The Country Signing CA is the highest certificate authority of a country and it acts as the national trust point for all receiving states. Electronic passports are issued by the Document Signer; for example, Bundesdruckerei produces electronic passports. The public and private keys for the digital signature are generated by the Country Signing CA. Their expiration dates are, however, different. According to the specification of ICAO the private key of the Country Signing CA is valid for three to five years and the public key must keep its validity between 13 and 15 years because the expiration date of passports is specified as ten years in Germany.

In more detail, the signature procedure is accomplished as follows: in the Logical Data Structure of the chip in the passport, the Security Data EF.SOD contains the hash values of the implemented data groups, for example EF.DG1 and EF.DG2. The hash values are in turn signed with the key of the Document Signing CA by the issuer state (Figure 3.5). Each state possesses a certificate, which was signed by the Country Signing CA and stored in a public key register of the ICAO. The ICAO specifies algorithms and key lengths for the signature as well as hash algorithms to calculate the hash values stored in the Security Data EF.SOD. The algorithms RSA, DSA (Digital Signature Algorithm) and ECDSA (Elliptic Curve Digital Signature Algorithm) are allowed as candidates for the digital signature. For example, ECDSA was chosen for the German electronic passport. The recommended key lengths for all three candidates are given in Table 3.1.

Algorithm    Country Signing CA [Bit]    Document Signer [Bit]
RSA/DSA      3072                        2048
ECDSA        256                         224

Table 3.1: Key Length for Digital Signature Algorithms

In the case that a key of a Country Signing CA or of a Document Signing CA is compromised before its expiration date, the concerned certificate must be revoked. Information about the revoked keys is distributed in a so-called revocation list. On revocation of a certificate for a Country Signing CA, all Document Signing CA keys certified with this key are also invalid. Although the digital data signed with the revoked key is invalid, the validity of the passport is unaffected. By distributing the revocation list as fast as possible, border sites world-wide can be informed of the compromise of the keys and execute an “intensified control” for the concerned passport.

3.4 Data Confidentiality

Data confidentiality was defined by the ISO as “ensuring that information is accessible only to those authorized to have access” and that is also one of the design goals for the electronic passport. In the technical report [14] the ICAO suggested an optional countermeasure called Basic Access Control and Secure Messaging to prevent “untrusted” parties from getting read access to the information stored in the electronic passport.


3.4.1 Description of the Basic Access Control Protocol

Before any information can be read from an electronic passport via a passport reader, the reader must carry out the BAC (Basic Access Control) protocol. The BAC requires an initial interaction between electronic passport and passport reader to set up a secure communication channel for data exchange. Firstly, the reader procures the MRZ from the data page of the passport, generally via a connected OCR (Optical Character Recognition) scanner. The MRZ is used for computing the access keys $K_{ENC}$ and $K_{MAC}$ for BAC. $K_{ENC}$ and $K_{MAC}$ are both 128 bits long and are used for encryption and message authentication. The same keys have been stored in the passport chip since the passport was issued. Only in this way can the passport verify whether the reader really has knowledge of the contents of the MRZ. While scanning the passport the reader initiates a challenge-response protocol with the intention of generating a key seed $K_{seed}$, which is then used for computing the session key pair ($KS_{ENC}$ and $KS_{MAC}$) (see Section 3.4.2). Each session needs a fresh session key pair so that the messages between passport and reader are also encrypted; this is the so-called secure messaging. If authentication is not successful, the session is immediately stopped by the passport; otherwise, the passport releases its data contents. The protocol is illustrated in Figure 3.6.

Reader: generating $K_{ENC}$ and $K_{MAC}$
Reader -> Passport (RF-chip): get challenge
Passport: $r_p \in_R \{0,1\}^{64}$
Passport -> Reader: $r_p$
Reader: $r_r \in_R \{0,1\}^{64}$, $R_r \in_R \{0,1\}^{128}$
Reader: $M_r := r_r \| r_p \| R_r$
Reader: $C_r := \mathrm{Enc}_{K_{ENC}}(M_r)$
Reader: $S_r := \mathrm{Mac}_{K_{MAC}}(C_r)$
Reader -> Passport: $C_r \| S_r$
Passport: decrypt and verify $C_r \| S_r$
Passport: $R_p \in_R \{0,1\}^{128}$, $M_p := r_p \| r_r \| R_p$
Passport: $C_p := \mathrm{Enc}_{K_{ENC}}(M_p)$
Passport: $S_p := \mathrm{Mac}_{K_{MAC}}(C_p)$
Passport -> Reader: $C_p \| S_p$
Reader: decrypt and verify $C_p \| S_p$
Reader: $K_{seed} := R_r \oplus R_p$
Passport: $K_{seed} := R_r \oplus R_p$

Figure 3.6: The BAC Protocol

3.4.2 Key Generator

The above-mentioned access keys $K_{ENC}$ and $K_{MAC}$ for the BAC protocol are derived from the MRZ which is printed on the passport (see Section 3.1). The procedure of the key derivation can be considered as a black box named access-key generator. The input of the access-key generator is a 24 byte long character string, which comes from the MRZ. The access-key generator mainly consists of two SHA-1 computations; SHA-1 was already introduced in Chapter 2. The structure of the access-key generator is shown in Figure 3.7.

Figure 3.7: Access-Key Generator

The access-key generator is used for generating the keys $K_{ENC}$ as well as $K_{MAC}$, which are obtained via concatenation of the outputs $K_a$ and $K_b$. It can be denoted by

$$K_{ENC(MAC)} = K_a \| K_b.$$

Note that the 2nd SHA-1 has a 20 byte input. For the BAC key derivation one produces two keys from the MRZ, i.e., $K_{ENC}$ and $K_{MAC}$. For this one needs a 4 byte long string C (see Figure 3.7). Depending on whether a key is used for encryption or MAC computation the following values must be used:

• C = 1 for encryption.

• C = 2 for MAC computation.

Once the key seed $K_{seed}$ has been computed via the BAC, the session key pair ($KS_{ENC}$ and $KS_{MAC}$) is generated in a second key generator called the Session-Key generator. It is illustrated in Figure 3.8. The value C is chosen according to the same rules as before.

Figure 3.8: Session-Key Generator
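Both generators can be written down in a few lines. This is an added example, not code from the thesis: it follows the ICAO Doc 9303 derivation (the first 16 bytes of the first SHA-1 output form the key seed, and the DES parity bits of Ka and Kb are adjusted, a step the text above does not mention), and the function names are chosen here. The input is the MRZ information of the ICAO specimen passport.

```python
import hashlib


def adjust_parity(key):
    """Set the lowest bit of every byte so that each byte has odd parity.

    DES ignores these bits; ICAO Doc 9303 adjusts them (assumption: the
    thesis does not describe this step).
    """
    out = bytearray()
    for b in key:
        ones_in_upper_bits = bin(b >> 1).count("1")
        out.append((b & 0xFE) | (0 if ones_in_upper_bits % 2 else 1))
    return bytes(out)


def derive_key(k_seed, c):
    """Second SHA-1 of both generators: 16-byte seed || 4-byte C -> Ka || Kb."""
    if len(k_seed) != 16:
        raise ValueError("key seed must be 16 bytes long")
    if c not in (1, 2):
        raise ValueError("C must be 1 (encryption) or 2 (MAC computation)")
    d = k_seed + c.to_bytes(4, "big")          # 20-byte input
    h = hashlib.sha1(d).digest()
    k_a, k_b = h[0:8], h[8:16]
    return adjust_parity(k_a) + adjust_parity(k_b)


def access_keys(mrz_information):
    """Access-key generator (Figure 3.7): MRZ information -> (K_ENC, K_MAC)."""
    if len(mrz_information) != 24:
        raise ValueError("MRZ information must be 24 characters long")
    k_seed = hashlib.sha1(mrz_information.encode("ascii")).digest()[:16]
    return derive_key(k_seed, 1), derive_key(k_seed, 2)


def session_keys(r_r, r_p):
    """Session-key generator (Figure 3.8): K_seed = R_r XOR R_p -> (KS_ENC, KS_MAC)."""
    if len(r_r) != 16 or len(r_p) != 16:
        raise ValueError("R_r and R_p must be 128 bits long")
    k_seed = bytes(a ^ b for a, b in zip(r_r, r_p))
    return k_seed, derive_key(k_seed, 1), derive_key(k_seed, 2)


# PN, DB and DE with their check digits, from the ICAO Doc 9303 specimen MRZ.
SPECIMEN_MRZ_INFORMATION = "L898902C<369080619406236"

if __name__ == "__main__":
    k_enc, k_mac = access_keys(SPECIMEN_MRZ_INFORMATION)
    print("K_ENC =", k_enc.hex().upper())
    print("K_MAC =", k_mac.hex().upper())
```

Everything the access keys depend on is printed on the data page, which is why the entropy of the MRZ fields bounds the strength of BAC.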

3.4.3 Message Encryption

According to the specification of ICAO the confidentiality of the messages between electronic passport and passport reader must also be guaranteed. To achieve this goal the symmetric encryption algorithm triple DES, whose key is 128 bits long (see Section 2.3), was adopted as the cryptographic algorithm for the message encryption. Because a message is longer than 64 bits, triple DES is run in the cipher block chaining mode (see Section 2.4). Figure 3.9 shows how the message is encrypted.

Figure 3.9: Message Encryption


Chapter 4

General Aim and Framework of Analysis

According to the specification of ICAO an RFID system for the electronic passport has a reliable range of up to 10 cm. This implies two points. Firstly, communication between passport reader and passport should not be established when the passport is outside of this range. Secondly, a third party should not be able to receive the communication signal when outside of this range. However, many studies show other results regarding these points, e.g. the communication between passport and reader can still be eavesdropped at a longer distance, i.e. several meters, without large technical expenditure [9].

In addition, the cryptographic protocol Basic Access Control itself is weak, which can be used for attacking the whole passport system. In [22] the weakness of the BAC protocol was analysed. That work was based on the Dutch electronic passport and showed how the access key was efficiently guessed without having the concerned MRZ. The authors concluded that it takes 3 hours to search for the access key of a Dutch electronic passport on a standard PC. However, what about the German electronic passport in particular?

4.1 Complexity of Searching Access Key

To obtain the access keys $K_{ENC}$ and $K_{MAC}$ for an electronic passport, the correct MRZ of this passport is absolutely essential. In Chapter 3 it is described that the MRZ consists of the concatenation of three fields, the passport number (PN), date of birth (DB) and date of expiry (DE), including their respective check digits. If the correct MRZ can be guessed, the access keys $K_{ENC}$ and $K_{MAC}$ are easy to calculate. To evaluate the complexity of searching access keys the Shannon entropy [23] will be applied here to estimate the average minimum number of bits needed to encode a valid MRZ.

Here the Shannon entropy (also called information entropy) of an ensemble $X$ is defined to be the average Shannon information content of an outcome:

$$H(X) := -\sum_{i}^{n} P(x_i) \log_2 P(x_i)$$

where $X$ is a random variable which takes on a finite set of values $x_1, x_2, \dots, x_n$ and $P(x_i)$ is the probability of $x_i$. In addition, for estimating a complex system, e.g. an MRZ, which contains several parts, it is necessary to observe the joint entropy. The joint entropy of variables $(X, Y)$ is:

$$H(X, Y) := -\sum_{i}^{n} P(x_i, y_i) \log_2 P(x_i, y_i).$$

For two stochastically independent variables $(X, Y)$ the joint entropy is

$$H(X, Y) = H(X) + H(Y) \quad \text{iff} \quad P(x, y) = P(x)P(y).$$

But note that for two stochastically dependent variables $(X, Y)$ the joint entropy becomes

$$H(X, Y) \le H(X) + H(Y).$$

Yet because of the stochastically dependent variables $(X, Y)$, it is also necessary to introduce the conditional entropy

$$H(X|Y) := -\sum_{i}^{n} P(x_i, y_i) \log_2 P(x_i|y_i).$$

Then, the joint entropy and conditional entropy are related by:

$$H(X, Y) = H(X) + H(Y|X) = H(Y) + H(X|Y).$$


4.1.1 Case Studies

In order to make the situation clear, another passport system, the Dutch electronic passport system, will be investigated alongside as a reference example. A case study based on both systems is carried out, and its data is presented here to show quantitatively what the difference between them is. Note that for the case study it is first assumed that the probability distributions are discretely uniform and the fields PN, DB and DE are stochastically independent. There are also no hints or tips for guessing the correct MRZ. Because of these assumptions, the values given in the case studies below are ‘upper bound’ estimates.

Case study 1: The entropy of the Dutch electronic passport scheme

Passport number: In the Netherlands, civil authorities issue passports with sequential passport numbers for the whole country. The passport number contains 9 characters, which generally consist of a static letter “N” followed by another character and 7 digits, e.g., NF3858053 [22]. Therefore, its entropy is

$$H^{D\,\ast}_{PN} = -\sum_{i=1}^{26 \cdot 10^{7}} (26^{-1} \cdot 10^{-7}) \log_2(26^{-1} \cdot 10^{-7}) = \log_2(26 \cdot 10^{7}) = 27.95.$$

Date of expiry: In the Netherlands, passports are valid for 5 years. Taking into account the date of issue, i.e., that passports are only issued on working days, the entropy of the date of expiry for a valid passport is

$$H^{D}_{DE} = \log_2(5 \cdot 365.25 \cdot 5/7) = 10.34.$$

Date of birth: Instead of denoting the year of birth with four digits, e.g. 1978, just its last two digits are used in the date of birth for the passport, i.e. 78 in this example. Therefore, the entropy of this field is

$$H^{D}_{DB} = \log_2(100 \cdot 365.25) = 15.16.$$

The whole MRZ: In summary, the total entropy of the whole MRZ is

$$H^{D}_{MRZ} = H^{D}_{PN} + H^{D}_{DE} + H^{D}_{DB} = 27.95 + 10.34 + 15.16 = 53.54.$$

* D = Dutch; G = German

Case study 2: The entropy of the German electronic passport scheme

Passport number: In comparison with the Dutch electronic passport system, Germany has another recipe for the passport number. A local civil authority in Germany also issues passports with sequential passport numbers, but only in the area for which this authority is responsible. Furthermore, each local civil authority possesses an identification code which consists of four digits. The total length remains nine digits; however, the actual passport number is five digits. This means that no letters occur in German passport numbers. Therefore, the passport number here is subdivided into two separate parts, the authority identification code, denoted as AIC, and the actual passport number.

Authority identification code: The entropy of the authority identification code is

$$H^{G}_{AIC} = \log_2(10^{4}) = 13.29.$$

Passport number: An authority assigns the passport number continuously from 0 to 99999. The entropy of the actual passport number is

$$H^{G}_{PN} = \log_2(10^{5}) = 16.61.$$

Date of expiry: There is also a difference between both systems. Differing from the case in the Netherlands, German electronic passports are valid for 10 years. For a valid passport, the entropy of this field becomes basically

$$H^{G}_{DE} = \log_2(10 \cdot 365.25 \cdot 5/7) = 11.35.$$

Date of birth: As in the case of the Netherlands, the entropy of the date of birth for the German electronic passport system is also

$$H^{G}_{DB} = \log_2(100 \cdot 365.25) = 15.16.$$

The whole MRZ: Based on the above analysis, the total entropy of authority identification code, passport number, date of birth and date of expiry becomes

$$H^{G}_{MRZ} = H^{G}_{AIC} + H^{G}_{PN} + H^{G}_{DE} + H^{G}_{DB} = 13.29 + 16.61 + 11.35 + 15.16 = 56.41,$$

whose complexity is just approximately equal to the complexity of a single DES.


4.1.2 Reduction of the Complexity

As pointed out in the section above, the case studies are based on several assumptions and therefore use a very crude approach. This makes the results of the case studies not really useful. Actually, it is possible to provide finer estimates, as will be shown in the examples below.

Entropy of Date of Expiry

The assumption is provisionally unchanged from the previous case studies; however, it is noticeable that the entropy of the date of expiry in both case studies is not accurate enough, because the electronic passport was introduced in Germany in November 2005 and in the Netherlands in August 2006. Consequently, there are in total 17 months in Germany and just 8 months in the Netherlands until now (April 2007). Then, the entropy of this field in the two systems decreases respectively to

$$H^{D}_{DE_{new,1}} = \log_2(8 \cdot 31 \cdot 5/7) = 7.47$$

and

$$H^{G}_{DE_{new,1}} = \log_2(17 \cdot 31 \cdot 5/7) = 8.56,$$

without consideration of the different number of days per month. In this situation, the entropies of the whole MRZ are respectively

$$H^{D}_{MRZ_{new,1}} = H^{D}_{PN} + H^{D}_{DE_{new,1}} + H^{D}_{DB} = 27.95 + 7.47 + 15.16 = 50.58$$

and

$$H^{G}_{MRZ_{new,1}} = H^{G}_{AIC} + H^{G}_{PN} + H^{G}_{DE_{new,1}} + H^{G}_{DB} = 13.29 + 16.61 + 8.56 + 15.16 = 53.62.$$


Entropy of Date of Birth

In case studies 1 and 2 the entropy of the date of birth has the same result, 15.16, which is obviously not realistic, though it is reasonable to take 100 as the upper bound of the year of birth when no details are given.

If we have more information about this field, the entropy will without doubt be more precise. For example, Figure 4.1 shows a diagram of the population age distribution in Germany in the year 2005. Its source data, a listing of the population age distribution from the year 2001 until 2005, is attached in Appendix A as additional material. According to these official statistics the entropy of the date of birth takes a finer value because of the probability distribution of the year of birth. The probability of a year of birth is calculated as follows:

$$P(x_i) = \frac{\text{total number of people of one age-group}}{\text{total number of people of all target age-groups}}.$$

Figure 4.1: The population age distribution in Germany in the year 2005


Generally, the minimum age to apply for a passport is 18 years, so it is reasonable to take the age-groups between 18 and 80 years as our target groups, which might still be a conservative estimate. Then the entropy of the year of birth is

$$H^{G}_{\text{year of birth}} := -\sum_{i=18}^{80} P(x_i) \log_2 P(x_i) = 5.67.$$

The entropy of the date of birth thereby also gets a new value

$$H^{G}_{DB_{new,2}} = 5.67 + \log_2(365.25) = 14.18.$$

Once more the entropy of the whole MRZ in the German electronic passport is decreased to

$$H^{G}_{MRZ_{new,2}} = H^{G}_{AIC} + H^{G}_{PN} + H^{G}_{DE_{new,1}} + H^{G}_{DB_{new,2}} = 13.29 + 16.61 + 8.56 + 14.18 = 52.64.$$

Unfortunately, the information about the Dutch population is unknown. If it is supposed that the Netherlands has a similar population age distribution to Germany, the entropy of the date of birth for the Dutch electronic passport would also be

$$H^{D}_{DB_{new,2}} = 5.67 + \log_2(365.25) = 14.18.$$

Then, the entropy of the whole MRZ in the Dutch electronic passport is reduced to

$$H^{D}_{MRZ_{new,2}} = H^{D}_{PN} + H^{D}_{DE_{new,1}} + H^{D}_{DB_{new,2}} = 27.95 + 7.47 + 14.18 = 49.60.$$

Correlation between Passport Number and Date of Expiry

In both countries civil authorities issue passports with sequential passport numbers; thus, there is a correlation between the date of issue (and therefore the date of expiry) and the passport number. This feature can be exploited to reduce the complexity of the key space. For cryptanalysis of electronic passports, a database can be created in which the date of expiry and the passport number are stored as a pair collected from each passport. For example, Figure 4.2 depicts three such known combinations $(x_1, y_1)$, $(x_2, y_2)$ and $(x_3, y_3)$ saved in a database. This gives an asymptote in Figure 4.2. It is then easy to get an interval of the passport number from a given expiry date, or the other way around. Moreover, the interval reduces even further with every known combination of a passport number and the expiry date. This method is especially suitable for the analysis of Dutch electronic passports. For the German electronic passport the situation is a little more complicated: it is necessary to build a separate database for each particular civil authority which is allowed to issue passports.

With this method, the entropy of the whole MRZ in both systems can be dramatically reduced. However, exact values of the entropy cannot yet be given here, because they depend on how one implements it. In Chapter 5 two implementations will be developed with this method.

Figure 4.2: Known dates of expiry reduce the search space

Further Possibilities for Reductions

There are actually many possibilities to reduce the complexity of the key space, some of which are obvious and have already been described above. Besides, one can always get more information about an unknown MRZ by actively seeking and collecting relevant information. For example, it is reported that there are roughly 5300 civil authorities in Germany. Therefore, the entropy of the authority identification code becomes $H^{G}_{AIC_{new}} = \log_2(5300) = 12.37$, and the whole MRZ in the German electronic passport then has the entropy $H^{G}_{MRZ_{new,2'}} = 51.72$, without considering the above-mentioned correlation. As another example, also based on the German electronic passport, each civil authority issues passports with sequential passport numbers within its scope of responsibility. If one knows the total number of valid passports for each authority identification code, guessing a particular MRZ becomes easier. To make the situation clear, the subsequent section deals with concrete analysis scenarios.

4.2 Analysis Scenarios

In Section 4.1, the entropies of the MRZ fields were calculated under the assumption that nothing is known about them. In practice, however, it is almost always possible to find some information that makes guessing the correct MRZ easier. Moreover, for cryptanalysis work it is indispensable to build an analysis model that gives the framework a clear structure. In this section six available scenarios are listed. In these scenarios the situation is simulated as realistically as possible, so that the ease of reconstructing the MRZ information can be measured or at least compared between scenarios.

Scenario 1:
Assumption: Stochastic dependence of $H_{PN}$ and $H_{DE}$ not known

Germany:
  AIC: It is known that the passport was issued, for example, in a particular city, where there are 10 civil authorities which are allowed to issue passports. ⇒ $H^{G}_{AIC} = \log_2(10) = 3.32$
  PN: Unknown. ⇒ $H^{G}_{PN} = 16.61$
  DB: One can see the passport holder and guess his age within a margin of 10 years. ⇒ $H^{G}_{DB} = \log_2(10 \cdot 365.25) = 11.83$
  DE: Unknown. ⇒ $H^{G}_{DE} = H^{G}_{DE_{new,1}} = 8.56$
  Entropy: ⇒ $H^{G}_{MRZ} = H^{G}_{AIC} + H^{G}_{PN} + H^{G}_{DB} + H^{G}_{DE} = 40.32$

Netherlands:
  PN: Unknown. ⇒ $H^{D}_{PN} = 27.95$
  DB: One can see the passport holder and guess his age within a margin of 10 years. ⇒ $H^{D}_{DB} = \log_2(10 \cdot 365.25) = 11.83$
  DE: Unknown. ⇒ $H^{D}_{DE} = H^{D}_{DE_{new,1}} = 7.47$
  Entropy: ⇒ $H^{D}_{MRZ} = H^{D}_{PN} + H^{D}_{DB} + H^{D}_{DE} = 47.25$

Scenario 2:
Assumption: Stochastic dependence of $H_{PN}$ and $H_{DE}$ is known

Germany:
  AIC: Equal as in Scenario 1. ⇒ $H^{G}_{AIC} = \log_2(10) = 3.32$
  PN: Unknown, but from valid passport numbers collected from each authority it is known that each authority issues about 60 passports a day. ⇒ $H^{G}_{PN} = \log_2(60 \cdot 17 \cdot 31) = 14.95$
  DB: Equal as in Scenario 1. ⇒ $H^{G}_{DB} = \log_2(10 \cdot 365.25) = 11.83$
  Entropy: ⇒ $H^{G}_{MRZ} = H^{G}_{AIC} + H^{G}_{PN} + H^{G}_{DB} = 30.10$

Netherlands:
  PN: Unknown, but it is known that authorities issue about 10188 passports a day. ⇒ $H^{D}_{PN} = \log_2(10188 \cdot 8 \cdot 31) = 21.27$
  DB: Equal as in Scenario 1. ⇒ $H^{D}_{DB} = \log_2(10 \cdot 365.25) = 11.83$
  Entropy: ⇒ $H^{D}_{MRZ} = H^{D}_{PN} + H^{D}_{DB} = 33.10$

* See also the implementation results

Scenario 3:
Assumption: Stochastic dependence of $H_{PN}$ and $H_{DE}$ not known

Germany:
  AIC: It is known that the passport was issued, for example, in a particular city where there are 2 civil authorities which are allowed to issue passports. ⇒ $H^{G}_{AIC} = \log_2(2) = 1$
  PN: Unknown. ⇒ $H^{G}_{PN} = 16.61$
  DB: One can see the passport holder and guess his age within a margin of 5 years. ⇒ $H^{G}_{DB} = \log_2(5 \cdot 365.25) = 10.83$
  DE: Unknown. ⇒ $H^{G}_{DE} = H^{G}_{DE_{new,1}} = 8.56$
  Entropy: ⇒ $H^{G}_{MRZ} = H^{G}_{AIC} + H^{G}_{PN} + H^{G}_{DB} + H^{G}_{DE} = 37$

Netherlands:
  PN: Unknown. ⇒ $H^{D}_{PN} = 27.95$
  DB: One can see the passport holder and guess his age within a margin of 5 years. ⇒ $H^{D}_{DB} = \log_2(5 \cdot 365.25) = 10.83$
  DE: Unknown. ⇒ $H^{D}_{DE} = H^{D}_{DE_{new,1}} = 7.47$
  Entropy: ⇒ $H^{D}_{MRZ} = H^{D}_{PN} + H^{D}_{DB} + H^{D}_{DE} = 46.25$

Scenario 4:
Assumption: Stochastic dependence of $H_{PN}$ and $H_{DE}$ not known

Germany:
  AIC: Equal as in Scenario 3. ⇒ $H^{G}_{AIC} = \log_2(2) = 1$
  PN: Unknown. ⇒ $H^{G}_{PN} = 16.61$
  DB: It is known that the passport holder was born, e.g. in 1978. ⇒ $H^{G}_{DB} = \log_2(365.25) = 8.51$
  DE: It is only known that the passport was issued, e.g. in 2006. ⇒ $H^{G}_{DE} = \log_2(365.25 \cdot \tfrac{5}{7}) = 8.03$
  Entropy: ⇒ $H^{G}_{MRZ} = H^{G}_{AIC} + H^{G}_{PN} + H^{G}_{DB} + H^{G}_{DE} = 34.15$

Netherlands:
  PN: Unknown. ⇒ $H^{D}_{PN} = 27.95$
  DB: One can see the passport holder and guess his age within a margin of 10 years. ⇒ $H^{D}_{DB} = \log_2(5 \cdot 365.25) = 10.83$
  DE: It is only known that the passport was issued, e.g. in 2006. ⇒ $H^{D}_{DE} = \log_2(365.25 \cdot \tfrac{5}{7}) = 8.03$
  Entropy: ⇒ $H^{D}_{MRZ} = H^{D}_{PN} + H^{D}_{DB} + H^{D}_{DE} = 44.49$

Scenario 5:
Assumption: Stochastic dependence of $H_{PN}$ and $H_{DE}$ not known

Germany:
  AIC: Equal as in Scenario 3. ⇒ $H^{G}_{AIC} = \log_2(2) = 1$
  PN: Unknown. ⇒ $H^{G}_{PN} = 16.61$
  DB: The passport holder was born, e.g. on September 11. But it is not known in which year. ⇒ $H^{G}_{DB} = H^{G}_{\text{year of birth}} = 5.67$
  DE: Equal as in Scenario 4. ⇒ $H^{G}_{DE} = \log_2(365.25 \cdot \tfrac{5}{7}) = 8.03$
  Entropy: ⇒ $H^{G}_{MRZ} = H^{G}_{AIC} + H^{G}_{PN} + H^{G}_{DB} + H^{G}_{DE} = 31.31$

Netherlands:
  PN: Unknown. ⇒ $H^{D}_{PN} = 27.95$
  DB: The passport holder was born, e.g. on September 11. But it is not known in which year. ⇒ $H^{D}_{DB} = \log_2(100) = 6.64$
  DE: Equal as in Scenario 4. ⇒ $H^{D}_{DE} = \log_2(365.25 \cdot \tfrac{5}{7}) = 8.03$
  Entropy: ⇒ $H^{D}_{MRZ} = H^{D}_{PN} + H^{D}_{DB} + H^{D}_{DE} = 42.62$

Scenario 6:
Assumption: Stochastic dependence of $H_{PN}$ and $H_{DE}$ not known

Germany:
  AIC: Known.
  PN: Unknown. ⇒ $H^{G}_{PN} = 16.61$
  DB: Known.
  DE: Unknown. ⇒ $H^{G}_{DE} = 8.56$
  Entropy: ⇒ $H^{G}_{MRZ} = H^{G}_{PN} + H^{G}_{DE} = 25.17$

Netherlands:
  PN: Unknown. ⇒ $H^{D}_{PN} = 27.95$
  DB: Known.
  DE: Unknown. ⇒ $H^{D}_{DE} = 7.47$
  Entropy: ⇒ $H^{D}_{MRZ} = H^{D}_{PN} + H^{D}_{DE} = 35.42$
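The scenario arithmetic above can be reproduced with a small entropy model, given here as an added Python example that is not part of the thesis. It recomputes a selection of the scenario totals from the per-field assumptions and converts the remaining bits into a worst-case exhaustive-search duration, which is the figure an issuing authority would look at when judging how much guessable MRZ content weakens the access key. The trial rate is an assumption derived from hardware figures the thesis states elsewhere (120 FPGAs, four engines per FPGA, one key per 2.0 µs per engine) and ignores subkeyspace reloads; the age weights are constructed sample data.

```python
from math import log2

DAYS_PER_YEAR = 365.25

# Field entropies in bits that the thesis carries over from Section 4.1.
# G = German passport, D = Dutch passport.
GIVEN = {
    "G": {"PN": 16.61, "DE": 8.56, "YOB": 5.67},
    "D": {"PN": 27.95, "DE": 7.47},
}

# Constructed sample: relative cohort sizes for ages 18..80 (not census data).
CONSTRUCTED_AGE_WEIGHTS = [80 - abs(age - 42) for age in range(18, 81)]


def shannon_entropy(weights):
    """H = -sum p_i log2 p_i for a distribution given as unnormalised weights."""
    total = sum(weights)
    return -sum((w / total) * log2(w / total) for w in weights if w > 0)


def uniform(n):
    """Entropy of a field with n equally likely values."""
    return log2(n)


def age_margin(years):
    """Date of birth when the age can be guessed within `years` years."""
    return log2(years * DAYS_PER_YEAR)


def issue_year_known():
    """Date of expiry when only the year of issue is known (working days)."""
    return log2(DAYS_PER_YEAR * 5 / 7)


def sequential_pn(passports_per_day, months):
    """Passport number when its correlation with the expiry date is used."""
    return log2(passports_per_day * months * 31)


def total(*fields):
    """Sum the way the thesis does: round each field to two decimals first."""
    return round(sum(round(f, 2) for f in fields), 2)


def scenarios():
    """Total MRZ entropy in bits, keyed by (scenario, country)."""
    g, d = GIVEN["G"], GIVEN["D"]
    return {
        ("1", "G"): total(uniform(10), g["PN"], age_margin(10), g["DE"]),
        ("1", "D"): total(d["PN"], age_margin(10), d["DE"]),
        ("2", "G"): total(uniform(10), sequential_pn(60, 17), age_margin(10)),
        ("2", "D"): total(sequential_pn(10188, 8), age_margin(10)),
        ("3", "G"): total(uniform(2), g["PN"], age_margin(5), g["DE"]),
        ("3", "D"): total(d["PN"], age_margin(5), d["DE"]),
        ("4", "G"): total(uniform(2), g["PN"], uniform(DAYS_PER_YEAR),
                          issue_year_known()),
        ("5", "G"): total(uniform(2), g["PN"], g["YOB"], issue_year_known()),
        ("5", "D"): total(d["PN"], uniform(100), issue_year_known()),
        ("6", "G"): total(g["PN"], g["DE"]),
        ("6", "D"): total(d["PN"], d["DE"]),
    }


def trial_rate(fpgas=120, engines_per_fpga=4, period_s=2.0e-6):
    """Assumed upper bound on candidate keys tested per second."""
    return fpgas * engines_per_fpga / period_s


def worst_case_seconds(bits, rate):
    """Time to enumerate a key space of 2**bits candidates at `rate` per second."""
    return 2.0 ** bits / rate


if __name__ == "__main__":
    rate = trial_rate()
    for (number, country), bits in sorted(scenarios().items()):
        hours = worst_case_seconds(bits, rate) / 3600
        print(f"Scenario {number} ({country}): {bits:6.2f} bits, "
              f"worst case {hours:12.4f} h")
    skewed = shannon_entropy(CONSTRUCTED_AGE_WEIGHTS)
    print(f"year of birth: uniform {uniform(63):.2f} bits, "
          f"constructed distribution {skewed:.2f} bits")
```

Every bit removed from the total halves the worst-case duration, which is why the step from Scenario 1 to Scenario 2 (using the passport number and expiry date correlation) matters more than any refinement of the age estimate.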

4.3 Basic Concept

With the complexity analysis for searching the access key at hand, the actual target of this work can be addressed: an optimum hardware approach to extract the access keys. According to the specification, an unencrypted response message is sent from the passport to the reader as the answer to the Get Challenge command. The same message is received again by the passport during the protocol conversation phase; this time, however, it is encrypted by the reader with $K_{ENC}$. Following decryption and successful verification, this message, as the first plaintext block, is encrypted once again in CBC mode by the passport. According to the specification of CBC mode, a plaintext block is normally changed by the XOR operation that precedes the triple DES encryption. However, as can be seen in Figure 3.9, the first plaintext block remains unmodified because IV = 00000000 (in hex), as defined in technical report [14]. Therefore, the response message and the first ciphertext block from the passport can be seen as a plaintext and ciphertext pair, which is necessary for the analysis work.

With the intention of getting access keys from a plaintext and the corresponding ciphertext (known-plaintext attack), a communication system based on RFID technology that receives the messages between passport reader and passport has to be established first. The obtained information is then analysed. Instead of eavesdropping on the communication, an RFID reader is used for direct communication between this reader and the electronic passport. Figure 4.3 shows the architecture of the complete system. The reader used as passport reader is a commercially available RFID reader called CM5121. The CM5121 is a dual interface USB 2 PC-linked reader that will read/write to both a 13.56 MHz RFID contactless smart card and virtually any contact smart card. There is no high level RFID protocol implementation on the CM5121; the application is done on the host (PC) software.

Figure 4.3: Architecture of the complete system

4.4 Hardware Design Environment

Before implementing the hardware system it is mandatory to discuss a suitable underlying system environment. In particular, the following aspects have to be considered:

• A multitude of parallel processors.

• Low cost processors.

• Flexibility in parameterization (e.g. bit sizes).

Currently, the available choices for hardware design are ASICs (Application Specific Integrated Circuits) or FPGAs (Field Programmable Gate Arrays). Although ASICs are relatively cheaper than FPGAs, the great advantage of FPGAs compared to ASICs is their flexibility in terms of logical modifications. Taking reconfigurability into consideration as well, we employ the SRAM FPGA Xilinx Spartan-3 XC3S1000 for the hardware system. Table 4.1 lists the features of this FPGA.

Feature                  XC3S1000
System Gates             1000K
Slices                   7,680
Logic Cells              17,280
Multipliers (18x18)      24
Block RAM Bits           432K
Distributed RAM Bits     120K
Max Single Ended I/O     391
RS232¹                   Yes
USB 2.0¹                 Yes
VGA D-SUB¹               Yes

Table 4.1: Device features of SPARTAN-3 XC3S1000

The Xilinx Spartan-3 XC3S1000 contains 7680 slices, by which the functionality of being reprogrammable is realized. Each slice contains two 4-input LUTs (lookup tables), two configurable D-flip flops, multiplexers, dedicated carry logic, and gates used for creating slice based multipliers. Each LUT can implement an arbitrary 4-input boolean function.

4.4.1 The COPACOBANA

COPACOBANA (Cost-Optimized Parallel Code Breaker) is an FPGA-based machine which is optimized for running cryptanalytical algorithms and which realizes the aspects mentioned in the previous section. The COPACOBANA is suitable for parallel computation problems which have low communication requirements. The details of the COPACOBANA are described in [21]. Figure 4.4 shows the COPACOBANA machine.

Figure 4.4: The machine - COPACOBANA

Figure 4.5: COPACOBANA architecture

In order to give more information about its functionality, a short summary of this machine is presented here. As a whole, 120 FPGAs of type Xilinx XC3S1000 can simultaneously contribute to a distributed task. However, the FPGAs are not soldered directly on a single backplane. Instead, six of them are grouped on single modules in standard DIMM format. There are 20 DIMM sockets on the backplane, which allow for a maximum extension of 20 FPGA modules. This design makes it easy to run the COPACOBANA in different stages of expansion, e.g. with 24, 66, or a maximum of 120 FPGAs. All modules are connected by a 64-bit data bus and a 16-bit address bus. A single DIMM module is shown as a schematic in Figure 4.5. As can be seen from the figure, a controller card connects the data bus and address bus to a host PC via a USB interface. Every FPGA module is assigned a unique hardware address, and the FPGAs are directly connected to a common 64-bit data bus on board of the FPGA module, which is interfaced to the backplane data bus. Therefore, all FPGAs should have the same configuration and all FPGA modules should have the same layout. The controller card has to handle the adaptation of different clock rates: the USB interface works at a clock rate of 24 MHz, the backplane is clocked with 33 MHz and the controller card itself uses an internal clock of 133 MHz. The internal clock is generated by an external clock synthesizer; the system clock is derived from a DCM (digital clock manager) implemented on the FPGA.

Chapter 5

Implementation

In the previous chapters, the necessary theory and technical fundamentals for this thesis were introduced. Now it is time to carry out the practical work. In this chapter, all implementation tasks for the security analysis of the electronic passport are described in detail. Initially, to get several pairs of plaintext and ciphertext, the Basic Access Control protocol for the communication between passport and passport reader is established. As mentioned in Section 4.4, a hardware solution for the protocol analysis is implemented in the hardware description language VHDL (Very High Speed Integrated Circuit Hardware Description Language) [30].

5.1 Establishing Communication Relationship for Passport

In order to get several ciphertexts encrypted by a particular electronic passport, it is necessary not only to generate a correct BAC protocol, but also to establish a transmission protocol between the passport and the passport reader. The transmission protocol is described in standard ISO 14443 and is very similar to the protocol T = 1, which is specified in standard ISO 7816-3. The protocol supports the transmission of APDUs (APplication Data Unit), which can contain any data such as commands and responses, between a reader and RFID chips.

The implementation is written in the programming language C. It is based on free software from a project named openmrtd [27], whose goal is to develop a software implementation of the ISO 14443 protocol stack. The development environment runs under Linux.

The RFID reader chosen for this work is a commercially available reader named CM5121. Its part for contactless applications is a Philips CL RC632 reader. There is no high level RFID protocol implementation on the CM5121; therefore the application protocol is implemented on the host PC.

In order to achieve a clearly structured implementation, the protocol is implemented completely according to the OSI layer model. However, instead of the usual 7 layers, only 3 layers are required for the RFID reader: the physical layer, the transport layer and the application layer, i.e. layers 1, 2 and 7. An overview of the structure of the implementation is depicted in Figure 5.1.

Figure 5.1: Overview of the structure of the implementation

In technical report [14] the ICAO specified the BAC protocol for the communication between passport and passport reader. According to the standard ISO 14443 the whole communication procedure can be divided into two completely different procedures, i.e. Type A and Type B. For this implementation it is only necessary to implement the Type A procedure, because the German electronic passport is only compatible with the communication procedure Type A.

As can be seen in Figure 5.1, the BAC protocol runs completely on the application layer. First, the message for the electronic passport is encrypted in the BAC protocol and then transformed into APDU format according to ISO 7816-3. With the support of USB driver functions the encrypted message is sent to the reader CM5121. Before the message is saved in the registers of the reader, it is formatted with the RC632 command set. Because the format is known, the reader can read the message from its registers and submit it to the passport in an appropriate form. Appendix B contains an operation result of the BAC protocol.

5.2 Hardware Design for Searching Access Key

With the collection of plaintext and ciphertext pairs at hand, the next step, the hardware approach for searching the access key, can be carried out. The target of this hardware design is to provide a faster and individual hardware solution compared with corresponding software designs. As mentioned in Section 4.4, the approach runs on COPACOBANA, an FPGA-based machine which is suitable for parallel computation problems. The FPGAs work together as a whole system, but each of them is concerned with its own task. Therefore, the design emphasis is on both the layout of a single FPGA and the global functionality. The following sections describe the design structure with a top-down approach, starting with the highest level entity and going down to the lower ones.

5.2.1 Global Design Description

The design works in the following way: every FPGA receives the same plaintext and ciphertext pair and encrypts the plaintext into a new ciphertext. For each encryption, however, the key is not the same. Notice also that the keys do not come from the host PC for each encryption, because the USB interface uses a different clock rate than the FPGAs (see Section 4.4). Instead, each FPGA possesses its own MRZ generator, which produces a new MRZ per encryption. If both ciphertexts are identical, the corresponding key (and therefore the MRZ information) is found. The whole procedure is shown in Algorithm 3.

Algorithm 3 Access Key Searching with COPACOBANA
Input: Plaintext M; Ciphertext C; Subkeyspace (part of MRZ fixed for each FPGA)
Output: MRZ

while overflow ≠ 1 do    ▷ not all possibilities of MRZ are tested
    Generate a new MRZ named $MRZ_{TEMP}$;
    $K_{ENC} = \text{SHA-1}(\text{SHA-1}(MRZ_{TEMP}))$;
    $C_{NEW} = Enc_{K_{ENC}}(M)$;    ▷ Encryption with TDES
    if $C_{NEW} = C$ then
        return MRZ = $MRZ_{TEMP}$;    ▷ Key is found!
    end if
end while

Figure 5.2: Layout of a single FPGA

According to the design principle, each FPGA contains the following main components: an MRZ generator, an encryption engine, a register to store part of the MRZ information, and a comparator to check whether both ciphertexts are identical. The FPGA Xilinx Spartan-3 XC3S1000 employed in COPACOBANA offers a relatively large amount of configurable logic. This feature is used to make the implementation more efficient: the parallel computation principle can be applied once more inside a single FPGA. In total four engines are implemented to accelerate the process fourfold. The whole layout of a single FPGA is illustrated in Figure 5.2. The behaviour of the single FPGA implementation can also be shown as a finite state machine composed of five states.

Figure 5.3: BAC analyst state machine

• RESET: at the beginning, each FPGA is set to the RESET state when the global reset signal is high. All internal registers are set to default values and the state machine automatically goes to the IDLE state after the global reset signal goes low.

• IDLE: in the IDLE state, the encryption engines are still inactive, but the MRZ generator prepares for receiving its fixed part (Subkeyspace) coming from the host PC. The registers for the plaintext, ciphertext and Subkeyspace are to be written. After the Subkeyspace is written, the host PC issues the mrz-reset command and the state machine goes to the MRZ-RESET state.

• MRZ-RESET: in this state, the MRZ generator is set to its default value. Then the host PC issues the start-engine command and the state machine goes to the RUN state.

• RUN: in this state, the MRZ generator produces a new MRZ, which is taken by the encryption engine. The comparator compares the new ciphertext against the original ciphertext for each encryption operation.

• SUCCESS: if the output of one of the four comparators is high, the key is found. The MRZ generator is stopped and the corresponding MRZ information is stored in a found key register. Then the host PC issues two consecutive commands to read the MRZ information out of the found key register. Two commands are necessary because there is only a common 64-bit data bus connected to the controller card (and therefore to the host PC).

• DONE: if the overflow signal is high, all possible MRZs which can be produced by the MRZ generator have been completely tested. For this fixed MRZ part (Subkeyspace) no correct MRZ information can be found. The FPGA needs a new MRZ part and a new search is necessary.

5.2.2 The Encryption Engine

In this section the encryption engine and its components are described. An overview is shown in Figure 5.4. The engine consists of two components, an access-key generator and a triple DES. The access-key generator converts a valid MRZ into a 128-bit long key with two SHA-1s, which are connected in series.

Figure 5.4: Structure of the encryption engine

In front of the two SHA-1s there is another small but important component, an ASCII expansion unit. The MRZ information contains 24 characters, which equal a 192-bit code. The ASCII expansion is necessary because the MRZ in Germany consists only of digits (0, 1, ..., 9), whose hexadecimal ASCII codes are (30, 31, ..., 39). This feature is an advantage for our design of the MRZ generator: it only has to deal with the least significant 4 bits of each of the 24 characters. This means that the actual number of bits needed to produce a correct MRZ amounts to only 96, which also implies a smaller complexity and therefore a faster implementation. The ASCII expansion unit transforms its input “XX...X” into the output “3X3X...3X”, where each “X” is a 4-bit digit.
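The data path of the access-key generator described above (check digits, 96-bit packed digits, ASCII expansion, two chained SHA-1 stages) in software, as an added Python example that is not code from the thesis. The 7-3-1 check-digit weights, the truncation to 16 bytes, the counter value 00000001 and the parity adjustment are taken from the ICAO BAC specification rather than from this page; the first sample is ICAO's published worked example, and the German-style document number and dates are constructed.

```python
import hashlib

WEIGHTS = (7, 3, 1)  # repeating MRZ check-digit weights (ICAO Doc 9303)


def char_value(c):
    """Numeric value of one MRZ character for the check-digit sum."""
    if "0" <= c <= "9":
        return ord(c) - ord("0")
    if "A" <= c <= "Z":
        return ord(c) - ord("A") + 10
    if c == "<":
        return 0
    raise ValueError(f"invalid MRZ character: {c!r}")


def check_digit(field):
    """Check digit of one MRZ field as a single character."""
    total = sum(char_value(c) * WEIGHTS[i % 3] for i, c in enumerate(field))
    return str(total % 10)


def mrz_information(doc_number, date_of_birth, date_of_expiry):
    """The 24 characters that feed the key derivation: each field + check digit."""
    if len(doc_number) != 9 or len(date_of_birth) != 6 or len(date_of_expiry) != 6:
        raise ValueError("expected a 9-character number and two YYMMDD dates")
    fields = (doc_number, date_of_birth, date_of_expiry)
    return "".join(f + check_digit(f) for f in fields)


def pack_nibbles(mrz_info):
    """All-digit MRZ information as 12 bytes (96 bits), two digits per byte."""
    if len(mrz_info) != 24 or any(not "0" <= c <= "9" for c in mrz_info):
        raise ValueError("packing needs exactly 24 decimal digits")
    low = [ord(c) & 0x0F for c in mrz_info]
    return bytes((low[i] << 4) | low[i + 1] for i in range(0, 24, 2))


def ascii_expand(packed):
    """Inverse of pack_nibbles: every 4-bit digit X becomes the byte 0x3X."""
    out = bytearray()
    for b in packed:
        out.append(0x30 | (b >> 4))
        out.append(0x30 | (b & 0x0F))
    return bytes(out)


def k_seed(mrz_info):
    """First SHA-1 stage: the 16 most significant bytes of SHA-1(MRZ info)."""
    return hashlib.sha1(mrz_info.encode("ascii")).digest()[:16]


def set_odd_parity(key):
    """Flip the lowest bit of every byte that has an even number of set bits."""
    return bytes(b ^ 1 if bin(b).count("1") % 2 == 0 else b for b in key)


def derive_key(mrz_info, counter=1):
    """Second SHA-1 stage; counter 1 yields the 128-bit encryption key."""
    digest = hashlib.sha1(k_seed(mrz_info) + counter.to_bytes(4, "big")).digest()
    return set_odd_parity(digest[:16])


if __name__ == "__main__":
    icao = mrz_information("L898902C<", "690806", "940623")
    print(icao, derive_key(icao).hex().upper())

    # Constructed German-style sample: 4-digit authority code + 5-digit number.
    german = mrz_information("560012345", "780911", "161101")
    packed = pack_nibbles(german)
    print(german, packed.hex(), ascii_expand(packed).decode("ascii"))
```

The packing step only works because every character is a digit; the ICAO sample, which contains letters and a filler character, is rejected by `pack_nibbles`, which is the software counterpart of the 192-bit versus 96-bit distinction made above.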

The SHA-1

Figure 5.5: Structure of SHA-1

As a critical component, the SHA-1 plays a decisive role in the whole design. It determines the main frequency at which the searching system works, because the SHA-1 is relatively slow in comparison with the other components. It runs at an internal clock of 40 MHz. In addition, the SHA-1 takes 80 rounds to produce a hash value. The output period is consequently $80 \cdot 25\,\text{ns} = 2.0\,\mu\text{s}$ long.

As can be seen in Figure 5.4, two SHA-1s are connected in series. With this structure the two SHA-1s work together using a pipeline principle, which means that both can work simultaneously. The second SHA-1 handles the output value from the first SHA-1 while the first SHA-1 already deals with the next MRZ. Therefore, although two SHA-1s are required in the access-key generator, the generator can deliver a hash value every 2.0 µs.

The Triple DES

Figure 5.6: Structure of triple DES

The triple DES works especially fast in hardware; however, we cannot fully exploit this advantage in our design. The reason is that the efficiency of the triple DES depends completely on the speed of the SHA-1 because of its position. Therefore, a general implementation, e.g. three single DES connected in series (i.e. pipelining), is not really meaningful. Since such a triple DES would fall into the “idle” situation anyway, we prefer to implement the triple DES without pipelining. In this way we can at least save some slices, which is important for parallel computation.

With this in mind, we separate one round of encryption (also used for decryption) and one round of the key schedule from the whole 16 rounds and let each run cyclically. The structure is shown in Figure 5.6. With this architecture our triple DES delivers its result after 48 cycles. In this way, the triple DES just has to waste the time of 32 rounds waiting for the next input, yet the saving in the number of slices is significant. That is also the reason why we can implement four engines in a single FPGA.

5.2.3 Implementations based on Particular Scenarios

Note that an important component, the MRZ generator, was not introduced in the section above, because the structure of this component is not always the same. It depends on which assumption one takes as the starting point for guessing the MRZ. This section describes how the structure of the MRZ generator is implemented to match the particular situation. The implementations based on two scenarios, which were enumerated together with four others in Chapter 4, are shown in the following sections.

Before the concrete implementation, it is necessary to explain the design principle of the subkeyspace. The subkeyspace always holds a fixed part of the MRZ for each searching process, but the selection of which part is suitable as the content of the subkeyspace is essential for the efficiency of searching the access key. As introduced, the FPGAs work very fast and the reload of a new subkeyspace takes a relatively long time. Therefore, it is important to ensure that each searching process spans a long period of time. In other words, the number of reloads of new subkeyspaces should be kept as small as possible. How the subkeyspace is distributed in each concrete case is described in the following implementations.

Implementation for Scenario 1

Suppose that the passport holder lives in a big city where there are many civil authorities; however, 10 of them are allowed to issue passports. Their authority identification codes are, for example, between 5600 and 5609. It is unknown when and by which authority the passport was issued. Furthermore, the passport number is also unknown. With a little luck, it is known that the person concerned is between 29 and 39 years old. That means that the person was born between 1968 and 1978.

With such information about the MRZ at hand, we can carry on with the implementation work. All components except for the MRZ generator are the same. It is necessary to implement a special MRZ generator that matches the conditions of this scenario.

According to the basic assumption of this scenario, it is difficult to find any correlation between passport number and expiry date. It is practically impossible to reduce the complexity of searching the access key with the method described in Section 4.1.2. In fact, the total number of possible expiry dates is only 516 until now. Therefore, in order to reduce the number of reloads of new subkeyspaces, the dates of expiry can be distributed among the FPGAs in COPACOBANA. Each FPGA obtains a particular expiry date, which is stored in the “part of MRZ” register. For the remaining part of the MRZ five counters are required: authority code, passport number, day, month and year counter. The day counter is a 3-bit counter and counts from 0 to 7 (in bit representation 000 to 111). Two bits, which are used both as identity code for the engines and as additional bits for the day counter, are hardwired in each of the encryption engines and are different for each of them (00 to 11). Accordingly, the first engine handles the possible days from 0 to 7 (00000 to 00111), the second engine from 8 to 15 (01000 to 01111), the third from 16 to 23 (10000 to 10111) and the fourth from 24 to 31 (11000 to 11111). The operation of the MRZ generator is described in Algorithm 4.

To simplify the notation below, we denote the parts of the date of birth, i.e. year, month and day, as DB.Y, DB.M and DB.D respectively, and the parts of the date of expiry as DE.Y, DE.M and DE.D.

Algorithm 4 MRZ Generation for Scenario 1 (for Germany)
Input: DE    ▷ fixed for each FPGA
Output: MRZ

for AIC = (560)0 to (560)9 do
    for PN = 0 to 99999 do
        for DB.Y = 68 to 78 do
            for DB.M = 1 to 12 do
                for DB.D = 0 to 7 do
                    Compute the check digits for MRZ;
                    if Key is found then
                        return 0;
                    end if
                end for
            end for
        end for
    end for
end for
set overflow = 1    ▷ Key is not found for current subkey space!

Implementation for Scenario 2

For this implementation the same information about the MRZ as in the previous scenario is known; however, it is possible to get some valid MRZs collected from each authority (see Appendix C), so that it can be roughly estimated how many passports are issued per day by every authority. In this situation the correlation between passport number and date of expiry can be analysed, thereby further reducing the complexity of searching the access key. The operating mode of the MRZ generator for this scenario is described in Algorithm 5. Note that the possible first passport number issued by a particular authority during a day is denoted $PN_{min,i}$ and the possible last one is denoted $PN_{last}$, where i is the authority identification code of this authority. The total number of passports issued by a particular authority during a day is denoted $PN_{sum,i}$.

Algorithm 5 MRZ Generation for Scenario 2 (for Germany)
Input: DB.Y, DB.M    ▷ fixed for each FPGA
Output: MRZ

for AIC = (560)0 to (560)9 do
    for DB.D = 1 to 31 do
        for DE.Y = 15 to 17 do
            for DE.M = 1 to 12 do    ▷ beginning on 01/11/15, ending on 31/03/17
                $PN = PN_{min,i}$;    ▷ i = AIC
                for DE.D = 0 to 7 do
                    $PN_{last} = PN + PN_{sum,i}$
                    while $PN \le PN_{last}$ do
                        Compute the check digits for MRZ
                        if Key is found then
                            return 0;
                        end if
                        PN = PN + 1;
                    end while
                end for
            end for
        end for
    end for
end for
set overflow = 1    ▷ Key is not found!

Additionally, we will implement Scenario 2 not only for the German electronic passport but also for the Dutch electronic passport, in order to collect the important data for comparing both systems, especially when the above-mentioned correlation can be used. Algorithm 6 describes the operation to generate the MRZ for the Dutch electronic passport. However, the notation is a bit different, because the passport number is specified differently in the Dutch MRZ. The second character of the passport number is denoted $PN_7$ and the remaining part of the passport number is $PN_{6\to0}$. $PN_{i,min}$ denotes the minimal passport number chosen for the search, where i is either 7 or 6→0. $PN_{sum}$ is then the total number of passports issued in the Netherlands during a day.

Algorithm 6 MRZ Generation for Scenario 2 (for Netherlands)

    Input: DB.Y, DB.M    ▷ fixed for each FPGA
    Output: MRZ

    SET: PN_7 = PN_7,min and PN_6→0 = PN_6→0,min;
    for DB.D = 1 to 31 do
        for DE.Y = 16 to 17 do
            for DE.M = 1 to 12 do    ▷ beginning on 01/08/16, ending on 31/03/17
                for DE.D = 0 to 7 do
                    for Counter = 1 to PN_sum do
                        Compute the checksums for MRZ
                        if Key is found then
                            return 0;
                        else if PN_6→0 ≤ 9999999 then
                            PN_6→0 = PN_6→0 + 1;
                        else
                            PN_7 = PN_7 + 1;
                            PN_6→0 = 0;
                        end if
                    end for
                end for
            end for
        end for
    end for
    set overflow = 1    ▷ Key is not found!

In summary, exploiting the correlation between passport number and date of expiry can greatly accelerate the search, as can be seen from the results in Section 6.2.2. On the other hand, it has to be acknowledged that this method does not always lead to a correct result. For example, an error within the tolerance of the estimated number of passports issued per day can lead to the unfortunate outcome that the MRZ in question, although it actually lies in the search area, is not found.
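Each candidate produced by Algorithms 4 to 6 needs correct check digits before it is hashed into an access key. The following added example (software written for this page, not the thesis's VHDL; all function names are hypothetical) applies the check-digit rule and key derivation of ICAO Doc 9303 to that document's public specimen values. It shows that the key depends on nothing except three fields printed in the passport, which is why a small candidate space means a weak key.

```python
import hashlib

# ICAO Doc 9303 check-digit weights, repeated over the field.
WEIGHTS = (7, 3, 1)


def char_value(c: str) -> int:
    """Numeric value of one MRZ character: digits as-is, A-Z = 10..35, '<' = 0."""
    if c in "0123456789":
        return int(c)
    if "A" <= c <= "Z":
        return ord(c) - ord("A") + 10
    if c == "<":
        return 0
    raise ValueError(f"character {c!r} is not allowed in an MRZ")


def check_digit(field: str) -> str:
    """Weighted sum of the character values, modulo 10."""
    total = sum(char_value(c) * WEIGHTS[i % 3] for i, c in enumerate(field))
    return str(total % 10)


def mrz_information(doc_number: str, birth: str, expiry: str) -> str:
    """Document number, date of birth and date of expiry, each followed by its check digit."""
    doc_number = doc_number.ljust(9, "<")  # short numbers are padded with '<'
    if len(doc_number) != 9:
        raise ValueError("document number must be at most 9 characters")
    for name, date in (("birth", birth), ("expiry", expiry)):
        if len(date) != 6 or not all(ch in "0123456789" for ch in date):
            raise ValueError(f"{name} date must be YYMMDD")
    return "".join(f + check_digit(f) for f in (doc_number, birth, expiry))


def odd_parity(key: bytes) -> bytes:
    """Set the low bit of every byte so that each byte has an odd number of 1 bits (DES parity)."""
    out = bytearray()
    for b in key:
        ones_in_upper_bits = bin(b >> 1).count("1")
        out.append((b & 0xFE) | (0 if ones_in_upper_bits % 2 else 1))
    return bytes(out)


def derive_bac_keys(mrz_info: str):
    """Return (K_seed, K_enc, K_mac) derived from the 24-character MRZ information."""
    k_seed = hashlib.sha1(mrz_info.encode("ascii")).digest()[:16]

    def kdf(counter: int) -> bytes:
        digest = hashlib.sha1(k_seed + counter.to_bytes(4, "big")).digest()
        return odd_parity(digest[:16])

    return k_seed, kdf(1), kdf(2)


# Public specimen values from ICAO Doc 9303 (not a real passport).
SPECIMEN = mrz_information("L898902C", "690806", "940623")

if __name__ == "__main__":
    seed, k_enc, k_mac = derive_bac_keys(SPECIMEN)
    print(SPECIMEN, seed.hex(), k_enc.hex(), k_mac.hex())
```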


Chapter 6

Results

So far the main components and the functionality of the implementation have been described. The remaining work to complete the thesis is to present the implementation results. In this chapter, the results of all implemented scenarios are presented in detail.

6.1 Operating Speed

Two different scenarios were implemented for the cryptanalysis of the BAC protocol. For the second scenario, an additional implementation based on the Dutch electronic passport was also completed, in order to allow a comparison between the Dutch and the German electronic passport. The implementations were written in the hardware description language VHDL and their simulations were carried out with Xilinx Modelsim. Finally, to obtain the results for this thesis, all implementations were also run on the COPACOBANA machine. Figure 6.1 shows a snapshot of the console output from COPACOBANA.

As described in Chapter 5, the clock rate per FPGA in COPACOBANA is 40 MHz; however, this does not mean that candidate keys are tested at this frequency. The access-key generator needs 80 clocks to convert a valid MRZ into a 128-bit triple DES key because of its critical component, SHA-1. Therefore, the time necessary to test a key is 80 · 25 ns = 2.0 µs. This means that a single FPGA can check 4 keys per 2.0 µs, i.e., 2,000,000 keys per second, because four encryption engines are implemented in it (see Section 5.2.1). If all 120 FPGAs participate in the search, COPACOBANA checks 4 · 120 = 480 keys every 2.0 µs, i.e., 240,000,000 keys per second. Using these figures as a basis, the subsequent sections give the concrete results of the implementations.

Figure 6.1: Console output from COPACOBANA

6.2 Result of Scenarios

6.2.1 Result of Scenario 1

According to the description in Section 5.2.3, each FPGA in COPACOBANA is assigned one fixed expiry date by the host PC during the initial phase; hence, the number of MRZ candidates for a fixed DE, denoted $SUM_{MRZ}$, is

$$SUM_{MRZ} = \#AIC \cdot \#PN \cdot \#DB.Y \cdot \#DB.M \cdot \#DB.D = 3.84 \cdot 10^{9}$$

per FPGA, where # means the total number of values of the particular component in the formula. These keys can be checked completely in $(3.84 \cdot 10^{9}/4) \cdot 2.0\,\mu s$, i.e., 32 minutes, by a single FPGA. From November 1, 2005 until April 31, 2007, there are 516 days, of which only 369 are working days. Therefore, the total number of MRZ candidates is $3.84 \cdot 10^{9} \cdot 369 = 1.42 \cdot 10^{12}$, which means an approximate complexity of $2^{40}$ for the whole system based on Scenario 1. Thus, on average, COPACOBANA can find the correct MRZ after $(2^{39}/480) \cdot 2.0\,\mu s$, which is approximately 38 minutes. The time required for loading the plaintext, ciphertext and date of expiry is negligible.

6.2.2 Result of Scenario 2

Two versions were implemented for Scenario 2. Both implementations share a common design principle: the year and month of the date of birth are chosen as the fixed part stored in each FPGA. The reason is that 10 years contain exactly 120 months, so that only one search run is required. The results of both versions are summarized in the following.


For German Electronic Passport

Through an analysis of the exemplary collection of MRZs in Appendix C, it is possible to find out how many passports are issued per day and per authority. According to Algorithm 5, the number of MRZ candidates is

$$SUM_{MRZ} = \sum_{i=AIC_{1}}^{AIC_{10}} \#DB.D \cdot \#DE.Y \cdot \#DE.M \cdot \#DE.D \cdot PN_{sum,i} = 9.02 \cdot 10^{6}$$

per FPGA. Therefore, the total number of MRZ candidates is $9.02 \cdot 10^{6} \cdot 120 = 1.08 \cdot 10^{9} \approx 2^{30}$. This means that the complexity is decreased from approximately $2^{40}$ (see Scenario 1 and 2 in Section 4.2) to $2^{30}$, solely through the use of the correlation between passport number and date of expiry. Thus, the average time which COPACOBANA needs to find the right MRZ is $(2^{29}/480) \cdot 2.0\,\mu s$, which is only approximately 2.24 seconds.

For Dutch Electronic Passport

It is known that Dutch electronic passports are issued with sequential passport numbers for the whole of the Netherlands. Therefore, the same method can also be used here to reduce the search complexity of the MRZ. The population of the Netherlands in 2005 was estimated by the CIA World Factbook∗ at 16,407,491. In that year approximately 19% of the population was under 15 years of age. This age group usually possesses no passport. Through the very conservative calculation carried out here,

$$PN_{sum} = \frac{(1-19\%) \cdot 16{,}407{,}491}{5 \cdot 365.25 \cdot \frac{5}{7}} \approx 10188,$$

the total number of passports issued during a day in the Netherlands is obtained. Consequently, according to Algorithm 6, the number of MRZ candidates is

$$SUM_{MRZ} = \#DB.D \cdot \#DE.Y \cdot \#DE.M \cdot \#DE.D \cdot PN_{sum} = 8.08 \cdot 10^{7}$$

per FPGA. Therefore, the total number of MRZ candidates is $8.08 \cdot 10^{7} \cdot 120 = 9.70 \cdot 10^{9} \approx 2^{33}$, which indicates that the complexity is also decreased, from approximately $2^{47}$ (see Scenario 1 and 2 in Section 4.2) to $2^{33}$. Note that the extent of the decrease can vary strongly depending on how the scenario is implemented. On average, COPACOBANA can find the correct MRZ after $(2^{32}/480) \cdot 2.0\,\mu s$, which is approximately 17.90 seconds.

∗ https://www.cia.gov/cia/publications/factbook/print/nl.html

6.3 Theoretical Estimation

In order to make the results of this thesis more complete, a theoretical estimate is performed in this section as a supplement to the practical part. Suppose that the task is to recover the passport data by decrypting a communication segment which was eavesdropped during a communication between the passport and a passport reader. However, in contrast to the previous scenarios, it is impossible to obtain any hints about the MRZ concerned. In this case, the question is how long COPACOBANA will take to find the key. As above, the estimate is performed for two situations.

6.3.1 For German Electronic Passport

As given in Section 4.1.2, the entropy of a whole MRZ becomes $H^{G}_{MEZ} = H^{G}_{MEZ_{new,2'}} = 51.72$, if it is considered that there are roughly 5300 civil authorities in Germany. Thus, based on the average complexity, COPACOBANA can find the correct MRZ after $(2^{50}/480) \cdot 2.0\,\mu s$, which is approximately 54 days.

6.3.2 For Dutch Electronic Passport

According to the complexity analysis in Section 4.1.2, the entropy of the MRZ of the Dutch electronic passport is $H^{D}_{MEZ} = H^{D}_{MEZ_{new,1}} = 50.58$. Similarly, on average, COPACOBANA needs approximately 27 days to find a key.
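The figures of Sections 6.1 to 6.3 follow from the loop bounds of Algorithms 5 and 6 and the stated hardware rates; the added example below (not part of the thesis, all names hypothetical) multiplies them out. It assumes that the thesis halves the search space and rounds the exponent down to a whole number, which is the convention that reproduces its published times.

```python
import math

# Hardware figures stated in Section 6.1.
CLOCK_HZ = 40_000_000       # clock rate per FPGA
CYCLES_PER_KEY = 80         # clocks to turn one MRZ into a key (bounded by SHA-1)
ENGINES_PER_FPGA = 4
FPGAS = 120

# Passports per day for authorities 5600..5609, read from Appendix C.
GERMAN_PN_SUM = [50, 50, 60, 70, 55, 50, 50, 50, 50, 50]


def keys_per_second(fpgas: int = FPGAS) -> int:
    """Candidate keys tested per second by the given number of FPGAs."""
    return fpgas * ENGINES_PER_FPGA * CLOCK_HZ // CYCLES_PER_KEY


def dutch_passports_per_day() -> int:
    """PN_sum of Section 6.2.2: passport holders spread over the working days of 5 years."""
    holders = (1 - 0.19) * 16_407_491
    working_days = 5 * 365.25 * 5 / 7
    return round(holders / working_days)


def candidates_per_fpga(birth_days: int, expiry_months: int, passports_per_day: int) -> int:
    """Loop bounds of Algorithms 5 and 6 multiplied out for one FPGA."""
    expiry_day_slots = ENGINES_PER_FPGA * 8     # DE.D = 0..7 in each of the 4 engines
    return birth_days * expiry_months * expiry_day_slots * passports_per_day


def average_bits(space_bits: float) -> int:
    """Assumed thesis convention: half the space, exponent rounded down."""
    return math.floor(space_bits - 1)


def search_seconds(bits: int) -> float:
    """Time for all 120 FPGAs to test 2**bits candidates."""
    return 2 ** bits / keys_per_second()


def report() -> dict:
    """Map each case to (search space in bits, average search time in seconds)."""
    # Expiry months read from the algorithm comments: 11/2015..03/2017 and 08/2016..03/2017.
    german = candidates_per_fpga(31, 17, sum(GERMAN_PN_SUM)) * FPGAS
    dutch = candidates_per_fpga(31, 8, dutch_passports_per_day()) * FPGAS
    scenario1 = 3_840_000_000 * 369     # per-FPGA count of Section 6.2.1 x working days
    spaces = {
        "scenario 1 (DE)": math.log2(scenario1),
        "scenario 2 (DE)": math.log2(german),
        "scenario 2 (NL)": math.log2(dutch),
        "no hints (DE)": 51.72,         # entropies quoted in Section 6.3
        "no hints (NL)": 50.58,
    }
    return {name: (bits, search_seconds(average_bits(bits))) for name, bits in spaces.items()}


if __name__ == "__main__":
    for name, (bits, seconds) in report().items():
        print(f"{name:16s} {bits:6.2f} bits  {seconds:14.2f} s on average")
```

Read from the defender's side, the table it prints shows how much of the nominal 50-bit entropy disappears once document numbers are sequential and correlated with the expiry date.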


Chapter 7

Conclusion and Future Work

At the end of this thesis, the last item to deal with is the conclusion of the whole work. In addition, there are still some points to clarify: both the problems that were detected during the investigation and the recommendations that might be interesting for future work.

7.1 Conclusion

This thesis investigates the security of the electronic passport by demonstrating an optimum hardware approach against the Basic Access Control protocol. For this purpose, both theoretical and practical cryptanalysis have been performed. It is based not only on the German but also on the Dutch electronic passport system, in order to make the conclusion more robust and reliable. Theoretically, the complexity of searching the access keys for both systems would be approximately equal to the complexity of a single DES (see Section 6.3) if there are no hints for guessing the correct MRZ. In practice, however, the realistic assumption is that it is almost always possible to find some information that makes guessing the correct MRZ easier. As demonstrated through the scenarios in Chapter 4 and the implementation in Chapter 5, with the hardware approach one can find the access key in a very short time (see Section 6.2), especially when the correlation between passport number and date of expiry is known. However, it has to be acknowledged that the implementation based on the correlation between passport number and date of expiry does not always lead to a correct result (see Section 5.2.3). In contrast, the implementation based on Scenario 1 always yields the desired result, although the search time is longer.


7.2 Future Works

Due to limitations of time and resources, the scope of the investigation was restricted. As described in Chapter 4, a highly meaningful piece of investigation, a simulation of eavesdropping on the communication between passport and passport reader, was not the aim of this thesis and was therefore not carried out. Whereas many articles (i.e. [24], [9]) speculated that the communication between passport and passport reader can be eavesdropped from a range of 4 or even 10 meters, the BSI has recently acknowledged that eavesdropping is possible at a distance of up to 2 meters [4]. Moreover, only a few of the articles base this statement on a practical experiment. Therefore, carrying out this project is still very interesting and meaningful.

Figure 7.1: SHA-1 with pipeline principle


The second point to discuss (disregarding the design cost of COPACOBANA) is that the layout of a single FPGA and its search speed depend closely on the architecture and the design principle of COPACOBANA. The MRZ generator is required in our design only because the machine cannot offer a place, e.g. RAM, to store the keys, which could otherwise be obtained from previous computations. If such storage were available, it would not be necessary to implement the SHA-1 and the MRZ generator, so that the search system could also run at a frequency of 100 MHz [21].

As described in Section 5.2.2, SHA-1 is the critical component which determines the main frequency of the whole system, because it needs 80 rounds to generate a hash value. The only possible solution to accelerate the process is a pipeline architecture. However, due to the limited available area of the Xilinx Spartan-3 XC3S1000 FPGA, the pipeline architecture is impossible to realize in our design. If more FPGA slices were available, we would implement SHA-1 with a pipeline architecture, as shown in Figure 7.1. With this pipeline architecture within our design principle, the search speed could be accelerated fourfold.


Appendix A

Population Age Distribution

Germany: population (count)

| Age | 31.12.2001 | 31.12.2002 | 31.12.2003 | 31.12.2004 | 31.12.2005 |
|---|---|---|---|---|---|
| 14-year-olds | 955683 | 979021 | 953449 | 964512 | 876808 |
| 15-year-olds | 940218 | 959420 | 981339 | 955150 | 965368 |
| 16-year-olds | 911412 | 945119 | 962594 | 983816 | 956831 |
| 17-year-olds | 910945 | 916538 | 948796 | 965211 | 985333 |
| 18-year-olds | 922226 | 917900 | 921679 | 953027 | 968013 |
| 19-year-olds | 955826 | 934459 | 927797 | 930660 | 960244 |
| 20-year-olds | 963199 | 969933 | 945735 | 938284 | 939660 |
| 21-year-olds | 978755 | 976442 | 980454 | 955094 | 947222 |
| 22-year-olds | 939322 | 992803 | 987005 | 989696 | 964505 |
| 23-year-olds | 936609 | 952985 | 1003813 | 995985 | 999016 |
| 24-year-olds | 936232 | 948860 | 962464 | 1011157 | 1003405 |
| 25-year-olds | 928552 | 946009 | 956147 | 967850 | 1016846 |
| 26-year-olds | 909454 | 936263 | 951628 | 959583 | 971856 |
| 27-year-olds | 927431 | 916169 | 940907 | 954065 | 962637 |
| 28-year-olds | 943227 | 933124 | 919707 | 942967 | 956210 |
| 29-year-olds | 1038983 | 947840 | 935548 | 920783 | 944528 |
| 30-year-olds | 1151707 | 1042534 | 949498 | 935934 | 922096 |
| 31-year-olds | 1207656 | 1154077 | 1043319 | 948735 | 936798 |
| 32-year-olds | 1299552 | 1209961 | 1154414 | 1042715 | 949096 |
| 33-year-olds | 1364225 | 1300709 | 1209537 | 1153319 | 1042546 |
| 34-year-olds | 1399998 | 1364686 | 1300032 | 1208122 | 1152640 |
| 35-year-olds | 1440128 | 1400187 | 1363600 | 1298062 | 1206890 |
| 36-year-olds | 1450670 | 1439945 | 1398377 | 1361271 | 1296427 |
| 37-year-olds | 1476899 | 1450555 | 1438447 | 1396023 | 1359348 |
| 38-year-olds | 1468690 | 1476463 | 1448475 | 1436163 | 1394246 |
| 39-year-olds | 1424674 | 1468226 | 1474533 | 1446132 | 1434231 |
| 40-year-olds | 1404263 | 1424198 | 1466359 | 1471934 | 1444134 |
| 41-year-olds | 1367630 | 1403660 | 1422470 | 1463934 | 1469543 |
| 42-year-olds | 1325031 | 1366909 | 1401548 | 1419889 | 1461601 |
| 43-year-olds | 1259536 | 1324022 | 1364641 | 1399349 | 1417597 |
| 44-year-olds | 1236607 | 1258214 | 1321898 | 1361891 | 1397128 |
| 45-year-olds | 1207862 | 1234722 | 1256051 | 1319398 | 1359439 |
| 46-year-olds | 1174673 | 1205707 | 1232037 | 1253391 | 1316638 |
| 47-year-olds | 1157765 | 1172503 | 1202886 | 1228841 | 1250646 |
| 48-year-olds | 1124315 | 1155464 | 1169433 | 1199763 | 1225769 |
| 49-year-olds | 1128577 | 1121436 | 1152162 | 1166096 | 1196513 |
| 50-year-olds | 1108022 | 1125457 | 1117790 | 1148046 | 1162450 |
| 51-year-olds | 1117385 | 1104667 | 1121792 | 1113855 | 1144190 |
| 52-year-olds | 1080585 | 1113405 | 1100655 | 1117256 | 1109603 |
| 53-year-olds | 995557 | 1076523 | 1108775 | 1095815 | 1112580 |
| 54-year-olds | 939581 | 991293 | 1071635 | 1103272 | 1090745 |
| 55-year-olds | 826037 | 934937 | 986273 | 1065894 | 1097581 |
| 56-year-olds | 733724 | 821345 | 929925 | 980565 | 1059733 |
| 57-year-olds | 975354 | 729066 | 816200 | 923799 | 974440 |
| 58-year-olds | 992976 | 968455 | 723816 | 810138 | 917672 |
| 59-year-olds | 968067 | 985523 | 960921 | 718034 | 804031 |
| 60-year-olds | 1171255 | 959970 | 976976 | 952224 | 711709 |
| 61-year-olds | 1236424 | 1161033 | 951271 | 967657 | 943321 |
| 62-year-olds | 1212233 | 1224590 | 1150029 | 941731 | 957891 |
| 63-year-olds | 1130839 | 1199711 | 1211778 | 1138052 | 931758 |
| 64-year-olds | 1054855 | 1118264 | 1186400 | 1198112 | 1125345 |
| 65-year-olds | 1024140 | 1042034 | 1104720 | 1171624 | 1183296 |
| 66-year-olds | 985463 | 1010252 | 1028050 | 1089904 | 1156267 |
| 67-year-olds | 912376 | 970422 | 995364 | 1013057 | 1074640 |
| 68-year-olds | 731607 | 896637 | 954207 | 979443 | 997418 |
| 69-year-olds | 724474 | 717779 | 880013 | 937396 | 962778 |
| 70-year-olds | 732099 | 709693 | 703388 | 862525 | 919682 |
| 71-year-olds | 764629 | 715508 | 693668 | 688150 | 844349 |
| 72-year-olds | 732999 | 745642 | 697782 | 677310 | 673315 |
| 73-year-olds | 718511 | 712768 | 725229 | 679357 | 660340 |
| 74-year-olds | 656444 | 696700 | 691416 | 704524 | 662044 |
| 75-year-olds | 632558 | 634908 | 673450 | 669442 | 682606 |
| 76-year-olds | 610897 | 610122 | 613167 | 649616 | 646251 |
| 77-year-olds | 551956 | 587216 | 586192 | 589997 | 624560 |
| 78-year-olds | 521892 | 528378 | 561897 | 562120 | 565470 |
| 79-year-olds | 520874 | 496753 | 503089 | 536004 | 536238 |
| 80-year-olds | 515478 | 492383 | 469764 | 477455 | 508410 |
| 81-year-olds | 475438 | 483677 | 462122 | 443098 | 450433 |
| 82-year-olds | 335240 | 442751 | 450653 | 432259 | 414476 |
| 83-year-olds | 201446 | 309447 | 408189 | 418011 | 400714 |
| 84-year-olds | 177109 | 184069 | 282744 | 374843 | 383977 |
| 85 years and over | 1540092 | 1451680 | 1374891 | 1411316 | 1522810 |
| Total | 82440309 | 82536680 | 82531671 | 82500849 | 82437995 |

(C)opyright Statistisches Bundesamt, Wiesbaden 2007. As of: 13.02.2007 17:27:18


Appendix B

Operation Results of BAC protocol Implementation

    +------------------------------------------------+
    | programanfang                                  |
    +------------------------------------------------+

    *************************reader init*************************
    -->rfid_reader_open()
    reader Omnikey CardMan 5121 RFID,mit id: 0
    -->cm5121_open()
    usb-init
    **********************************************************

    *************************ISO-Norm init*************************
    -->iso_init()
    ISO 14443-3 A, mit id: 1
    -->iso14443a_anticol: UID 08 35 6c 9b
    **********************************************************

    *************************protocol init*************************
    -->protocol_init()
    ISO 14443-4 / T=CL, mit id: 1
    **********************************************************

    ******************running basic access control******************
    -->key_generate()


Appendix C

An Exemplary Collection of MRZ

| Authority identification code | MRZ information | Passports per day |
|---|---|---|
| 5600 | 560009213276033071605125 | 50 |
| | 560012864681061261607244 | |
| 5601 | 560108311378122041604106 | 50 |
| | 560112864369062291607244 | |
| 5602 | 560212003579081501604276 | 60 |
| | 560215903172012531607015 | |
| 5603 | 560327131482100251605273 | 70 |
| | 560330281272090751607118 | |
| 5604 | 560413110777032301605128 | 55 |
| | 560416685178051341607163 | |
| 5605 | 560511003576010371605147 | 50 |
| | 560514503369080381607233 | |
| 5606 | 560612867173033081606018 | 50 |
| | 560615567383111061607244 | |
| 5607 | 560708273872063061603121 | 50 |
| | 560714973681061261607244 | |
| 5608 | 560809003175011261605088 | 50 |
| | 560812853884061251607244 | |
| 5609 | 560908213476033071603121 | 50 |
| | 560914913281061261607244 | |

