ICAO RFI Response: Privacy-Preserving Two-Way Authentication Protocol

Paul A. Karger [email protected]

Thomas J. Watson Research Center

24 May 2005 | ICAO RFI - Authentication © 2005 IBM Corporation

IBM Research Division

Assumptions

IBM is presenting two different responses to the ICAO New Technologies Working Group RFI issued in the fall of 2004

– Privacy Preserving Two-Way Authentication Protocol

– Caernarvon Operating System

Each response will be presented as a separate talk with 5 minutes for questions after each talk – total time for both talks is 1 hour

Audience is familiar with ICAO cryptographic proposals for MRTDs, using contactless smart cards

We will be available after the talk for more detailed questions

Improving the Security of MRTDs

We want to thank ICAO for inviting us to present our technologies

We agree that there is a major need for improving the security of travel documents in general and passports in particular

Our presentations are aimed at ensuring that the security of MRTDs is genuinely improved during the transition from paper to contactless smart cards

In particular, we will present the privacy-preserving Caernarvon Authentication Protocol from IBM, which has already been adopted as a CEN standard, with no proprietary restrictions of any kind.

Levels of Authentication Specified by ICAO

Passive Authentication

– Digital signing of the various data elements by the issuing State

– Detects attempts to tamper with the stored data

Active Authentication

– Optional challenge-response protocol to prevent chip substitution

Levels of Access Control Specified by ICAO

None

– It is permitted to have no access control over the information

Basic Access Control

– Optional encryption mechanism to protect against skimming of data from the over-the-air interface

– Cryptographic key is derived from information printed on the passport

Extended Access Control

– Optional additional encryption mechanism to provide additional protection for biometrics

– Unspecified at this time

Challenges with Current Access Control Approaches

No encryption required – passive authentication only

– A variety of studies (including one by NIST) have shown that it is possible to read contactless smart cards from distances greater than a few centimeters, particularly when the card is currently communicating with a legitimate reader

– At least one passport authority has changed its policy recently to require the use of Basic Access Control

– In theory, ICAO should require Basic Access Control as a minimum for all countries, as the issues affect all passport holders in all countries

Issue – Basic Access Control has weaknesses that make protecting sensitive information (i.e., fingerprints or social security numbers) difficult

Our goal is to make sure that anyone trying to read data off the chip is legitimately authorized to read that data

Basic Access Control Overview and Entropy Problem

Basic Access Control derives a cryptographic key from the data printed on the passport

– Key is derived from a hash of the document number, the date of birth, and the date of expiry

– Key is used for secure messaging between the passport and the reader

– This stops simple skimming attacks where the adversary attempts to read passports of people passing by

– ICAO PKI report (Section G) points out that this provides insufficient entropy

– Brute force attacks might be possible if the attacker is close to the passport for a long period of time (such as on an extended train trip)
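The entropy point above, worked through as an added example (not part of the original slides). The derivation details (check digits, SHA-1, first 16 bytes) follow the published ICAO Doc 9303 Basic Access Control scheme; the population sizes in SCENARIOS and the sample MRZ fields are constructed assumptions.

```python
import hashlib, math

def check_digit(field):
    """MRZ check digit: weights 7,3,1 repeating; 0-9 as is, A-Z = 10..35, '<' = 0."""
    def value(ch):
        return int(ch) if ch.isdigit() else 0 if ch == "<" else ord(ch) - ord("A") + 10
    return str(sum(value(c) * (7, 3, 1)[i % 3] for i, c in enumerate(field)) % 10)

def mrz_information(doc_number, birth, expiry):
    """Document number, date of birth, date of expiry, each followed by its check digit."""
    fields = (doc_number.ljust(9, "<"), birth, expiry)
    return "".join(f + check_digit(f) for f in fields)

def bac_key_seed(doc_number, birth, expiry):
    """K_seed: the first 16 bytes of SHA-1 over the MRZ information."""
    info = mrz_information(doc_number, birth, expiry).encode("ascii")
    return hashlib.sha1(info).digest()[:16]

def input_entropy_bits(doc_numbers, birth_days, expiry_days):
    """Upper bound on the key's entropy: log2 of the number of possible MRZ inputs."""
    return math.log2(doc_numbers * birth_days * expiry_days)

# Constructed population assumptions: (document-number space, birth dates, expiry dates).
SCENARIOS = {
    "numeric document numbers, 100y of birth dates, 10y validity": (10**9, 36500, 3650),
    "alphanumeric document numbers, same date ranges": (36**9, 36500, 3650),
    "sequential numbering, age known to 10y, issue year known": (10**4, 3650, 365),
}

def entropy_report():
    """Entropy bound in bits for each constructed scenario."""
    return {name: round(input_entropy_bits(*sizes), 1) for name, sizes in SCENARIOS.items()}

if __name__ == "__main__":
    seed = bac_key_seed("L898902C", "690806", "940623")   # sample MRZ fields
    print("K_seed:", seed.hex(), f"({len(seed) * 8} bits long)")
    for name, bits in entropy_report().items():
        print(f"{bits:5.1f} bits  {name}")
```

The seed is always 128 bits long, but its entropy can never exceed that of the printed fields it is hashed from, which is why the bound shrinks as the fields become more predictable.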

But this is not the most serious issue

Basic Access Control – Unauthorized Access

Anyone who can see the information page of the passport can access the data in the chip

– Immigration officers are OK, but this also includes

– Hotel desk clerks

– Anyone cashing a traveler’s check for the passport holder

– If the passport is used as a National ID card:

  – Clerks at rental car counters

  – Pharmacists

  – Librarians

  – Etc.

In general, these people need to see the passport, but do NOT need to have access to the biometrics

What if the biometrics are compromised?

Photographs are not a big issue – your face is always out there, although having the precise digital photograph might help a bad guy

Fingerprints are a big issue – having the digital copy of the fingerprint will make it easier to deceive fingerprint readers

– See Matsumoto’s papers and Thalheim, Krissler, and Ziegler’s paper on deceiving fingerprint readers

Could be a serious problem for unattended immigration stations

Could be used to attack other security systems (not immigration) that have unattended fingerprint readers

Summary of Basic Access Control Risks

Some countries are only storing a photograph and basic identification information on the passport chip

– No fingerprints or social security numbers

– Only name, date of birth, citizenship (basic MRZ data)

– Basic Access Control can protect this information from skimmers, although the entropy should be increased with a random nonce added to the MRZ data and to the hash.

Some countries are including fingerprints or other more sensitive information now

– Basic Access Control is insufficient for this more sensitive information

– An internationally agreed-upon Extended Access Control solution is needed now for these countries

Extended Access Control is Needed

IBM has developed a privacy-preserving authentication protocol for smart cards

Called Caernarvon authentication protocol

Due to the weaknesses of Basic Access Control, we feel that ALL passports should use this protocol to control access to the information on the passport

– Defeats brute force attacks on the entropy

– Simplifies readers – only one protocol to implement

– Essential for National ID cards

Goals of Caernarvon Authentication Protocol

Privacy protection for the smart card holder

– Existing standards for smart card authentication unnecessarily expose the card holder's identity

Protocol proven correct

Submitted to standards groups

– Adopted by CEN - Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic requirements - CWA 14890-1

– Global Platform

Privacy Preserving Protocol

Based on SIGMA (SIGn and Mac) family of protocols, including IKE

– Part of IPSEC – standards based

– Formally proven

SIGMA protocols better protect privacy

– Key is negotiated before any identities are exchanged

– Once key is agreed upon, all further communications are encrypted

Caernarvon protocol

– Requires that the reader authenticate first, then the card

– Underlying protocol is symmetric, but someone has to go first

– Needs for privacy are NOT symmetric – an immigration station does not move around – passport holders do

– Once the reader has authenticated, the card can make a security policy determination of whether to reveal the card holder's identity

Privacy-Preserving Protocol

1. Starts with a Diffie-Hellman key exchange to establish a session key

– Protects the remainder of the protocol from eavesdroppers

2. Reader proves identity to the passport chip

3. Smart card makes a policy decision about whether the reader is authorized

4. If the reader is authorized, then and only then does the passport chip prove its identity to the reader
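The ordering of the four steps above, as an added sketch (not the Caernarvon protocol itself and not IBM's code). It models only who speaks first and when the card releases its identity. Assumptions, all hypothetical: a toy Diffie-Hellman group, an HMAC under a per-role long-term key standing in for the reader's signature and certificate, a SHAKE-based XOR stream standing in for secure messaging, the card's own proof reduced to releasing its identity under the session key, and the names Card, read_card and READER_KEYS.

```python
import hashlib, hmac, secrets

P, G = 2**127 - 1, 3            # toy group (constructed); far too small for real use

def enc(n):                      # fixed-width encoding of a group element
    return n.to_bytes(16, "big")

def seal(key, direction, data):  # toy XOR stream cipher; applying it twice decrypts
    stream = hashlib.shake_256(key + direction).digest(len(data))
    return bytes(d ^ s for d, s in zip(data, stream))

def proof(long_term_key, role, gx, gy):
    # HMAC stands in for the reader's signature and certificate chain.
    return hmac.new(long_term_key, role + enc(gx) + enc(gy), hashlib.sha256).digest()

class Card:
    def __init__(self, identity, reader_keys, allowed_roles):
        self.identity, self.reader_keys, self.allowed = identity, reader_keys, allowed_roles

    def hello(self, gx):         # step 1: Diffie-Hellman, no identities exchanged yet
        y = secrets.randbelow(P - 2) + 1
        self.gx, self.gy = gx, pow(G, y, P)
        self.key = hashlib.sha256(enc(pow(gx, y, P))).digest()
        return self.gy

    def respond(self, sealed_claim):
        claim = seal(self.key, b"reader", sealed_claim)
        role, tag = claim[:-32], claim[-32:]
        known = self.reader_keys.get(role)
        if known is None or not hmac.compare_digest(tag, proof(known, role, self.gx, self.gy)):
            return None          # step 2 failed: reader not authenticated, stay silent
        if role not in self.allowed:
            return None          # step 3: authentic reader, but policy denies it
        return seal(self.key, b"card", self.identity)   # step 4: identity released

def read_card(card, role, long_term_key):
    """Reader side. Returns (identity or None, every message that crossed the air)."""
    x = secrets.randbelow(P - 2) + 1
    gx = pow(G, x, P)
    gy = card.hello(gx)
    key = hashlib.sha256(enc(pow(gy, x, P))).digest()
    claim = seal(key, b"reader", role + proof(long_term_key, role, gx, gy))
    reply = card.respond(claim)
    identity = seal(key, b"card", reply) if reply is not None else None
    return identity, [enc(gx), enc(gy), claim, reply or b""]

# Constructed sample data: two reader roles and a policy set by the issuing country.
READER_KEYS = {b"immigration": b"I" * 32, b"hotel": b"H" * 32}
CARD = Card(b"UTO/DOE/JANE/1969-08-06", READER_KEYS, allowed_roles={b"immigration"})
```

With this sample policy, `read_card(CARD, b"immigration", READER_KEYS[b"immigration"])` recovers the identity, while the authenticated hotel reader and a reader holding the wrong key both receive nothing, and in no case does the identity appear in clear among the transmitted messages.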

Access Control Policy Decisions

What the policy should be needs to be determined by the issuing country

– Immigration officials

– Law enforcement officials

– Commercial entities

– Etc.

Centralized PKI is not required

ICAO could establish its own certificate authority, but this is undesirable for many reasons

Several other options exist

– Each country could submit its authentication public key to ICAO, and each passport-issuing country would sign the certificate and return the signed certificate to ICAO (or the originating country). The reader would know which certificate to send to the passport from country information in the OCR data

– Order n² problem, but n will never be greater than 200 and more likely will be around 30-50 (Visa waiver countries)

– Immigration stations could be online and make a network connection back to the passport issuing country that would verify and sign the certificate

– More sophisticated options are in the next talk

Standards

IBM has not kept the authentication protocol proprietary

– Based on IKE that is already a standard part of IPSEC

We have submitted it to

– eSign (adopted as CEN standard)

– Global Platform

Could be implemented on any smart card with suitable public key cryptographic hardware

References

Kc, G.S. and P.A. Karger, Security and Privacy Issues in Machine Readable Travel Documents (MRTDs), RC23575 (W0504-003), 1 April 2005, IBM Corporation, Thomas J. Watson Research Center: Yorktown Heights, NY. URL: http://www.research.ibm.com/resources/paper_search.html. Submitted to ESORICS 2005.

Scherzer, H., R. Canetti, P.A. Karger, H. Krawczyk, T. Rabin, and D.C. Toll. Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card. In 8th European Symposium on Research in Computer Security (ESORICS 2003). 13-15 October 2003, Gjøvik, Norway: Lecture Notes in Computer Science Vol. 2808. Springer Verlag. p. 181-200.

Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic requirements, CWA 14890-1, March 2004, Comité Européen de Normalisation (CEN): Brussels, Belgium. URL: ftp://ftp.cenorm.be/PUBLIC/CWAs/e-Europe/eSign/cwa14890-01-2004-Mar.pdf