This is cache of http://www.schneier.com/blog/archives/2008/08/uk_electronic_p.html. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
UK Electronic Passport Cloned
2008-08-07 06:11:52 by schneier in Schneier on Security
 

The headline says it all: "‘Fakeproof’ e-passport is cloned in minutes."

Does this surprise anyone? This is what I wrote about electronic passports two years ago in The Washington Post:

The other security mechanisms are also vulnerable, and several security researchers have already discovered flaws. One found that he could identify individual chips via unique characteristics of the radio transmissions. Another successfully cloned a chip. The State Department called this a "meaningless stunt," pointing out that the researcher could not read or change the data. But the researcher spent only two weeks trying; the security of your passport has to be strong enough to last 10 years.

This is perhaps the greatest risk. The security mechanisms on your passport chip have to last the lifetime of your passport. It is as ridiculous to think that passport security will remain secure for that long as it would be to think that you won't see another security update for Microsoft Windows in that time. Improvements in antenna technology will certainly increase the distance at which they can be read and might even allow unauthorized readers to penetrate the shielding.

 
Tags: passport, passport chip, fakeproof e-passport, security, passport security, security researchers, security mechanisms, chip, antenna technology
 
 
 
 
 
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia