English: The electronic passport is cracked

A security expert has successfully deciphered one of Britain's new biometric passports, which the government hopes will help reduce border crime and illegal immigration.

The attack method uses only regular RFID readers and personalized codes to retrieve data from an RFID chip from a passport wrapped in a sealed envelope - disclosed by Adam Laurie, a consultant. about RFID security and Bluetooth. With this kind of attack, the passport bearer who didn't know his information was stolen.

Picture 1 of English: The electronic passport is cracked A year ago, the British government began issuing RFID electronic passports, combined with fingerprints and on-chip biometric data, despite concerns about how to store and handle forms. this data. This RFID chip contains many of the passport's personal information, including photos, and security technology to detect unauthorized changes.

Laurie said the attack was done on the passport still in the original envelope when it was moved from the passport holder. Laurie put the device to read data near the passport to get information from the RFID chip inside.

According to Laurie, the data on the passport's chip is locked until the RFID reader provides an encryption key. Key code is calculated based on the combination of passport holder's personal data (such as birth date) with a region called MZR (machine-readable zone) consisting of a string of characters and printed numbers. at the bottom of the first page of the passport.

To scan an RFID chip, Laurie used ACG ID's RFID reader. The data obtained allows Laurie to create an exact copy of the passport.