About Machine-Readable Travel Documents
Passports are now equipped with RFID chips that contain private information, biometric data, and a digital signature by issuing authorities. We review most of applicable security and privacy issues. We argue that the main privacy issue is not unauthorized access through radio channel or data skimming as claimed before, but rather the leakage of a digital signature by government authorities for private data. To fix this, we rather need the e-passport to prove the knowledge of a valid signature in a non-transferable way. Besides, several identification protocols such as GPS identification in RFID could lead to challenge semantics attacks that are privacy threats. To fix this, we also need some kind of non-transferability. In 2003, Steinfeld et al. proposed the universal designated-verifier signature (UDVS) primitive. Its drawback is in demanding verifiers to have public keys authenticated by the passport. One compromise was proposed by Baek et al. with the UDVSP primitive. We show that UDVSP does not provide non-transferability and fix it by using zero-knowledge proof of knowledge. We propose a simple method to protect Sigma-protocols against offline Mafia fraud and challenge semantics. We apply this by proposing a simple protocol based on Guillou-Quisquater identification that only requires two RSA computations and would substantially enhance the privacy of the e-passport bearer.
Record created on 2007-08-27, modified on 2016-08-08