This bachelor thesis in cooperation with NXP, analyzes the Austrian ePassport (MRTD with RFID chip) and outlines security and privacy issues, with corresponding emphasis on the implemented protocol (BAC, EAC).
The new ePassport, which contains a contact less smart card controller with the personal data of the passport holder, has already been issued in the middle of 2006 in several countries. The security methods of those passports are specified by the guidelines of the internationally civil aviation organization (ICAO) and used worldwide.
Several vulnerabilities could be found in the procedures by analyzing the security methods and investigating possible attacks. In particular, the access controls, which were developed for the protection of the personal data, offer a wide range of attacks. Without any optional protocols, it is even possible to gather the personal data of the passport holder while passing by. Even with the implementation of optional access controls and encrypted communication it is still possible to eavesdrop unnoticed from a several meters distance and decode the data within a few hours. In combination with the portrait of the passport holder, which is digitized in a very high quality on the chip and transferred with each passport control, the ePassport makes it possible to gather a new identity easily.
A serious problem is the possibility to uniquely identify an ePassports. Without optional protocols, person profiles and thus personal bombs can be built due to the personal data.
In 2008, the European Union stores further biometric data on the ePassport, which could be abused for certain access controls if the ePassport is stolen. Therefore, the question comes up whether the ePassport actually offers more security or is a huge risk, like renowned technologists state.