[Infowarrior] - New British passport 'security' cracked in 48 hours

Richard Forno rforno at infowarrior.org
Fri Nov 17 09:34:10 EST 2006


Three million Britons have been issued with the new hi-tech passport,
designed to frustrate terrorists and fraudsters. So why did Steve Boggan and
a friendly computer expert find it so easy to break the security codes?

Friday November 17, 2006
The Guardian
http://www.guardian.co.uk/idcards/story/0,,1950226,00.html

Six months ago, with the help of a rather scary computer expert, I
deconstructed the life of an airline passenger simply by using information
garnered from a boarding-pass stub he had thrown into a dustbin on the
Heathrow Express. By using his British Airways frequent-flyer number and
buying a ticket in his name on the airline's website, we were able to access
his personal data, passport number, date of birth and nationality. Based on
this information, using publicly available databases, we found out where he
lived, his profession, all his academic qualifications and even how much his
house was worth.

It would have been only a short hop to stealing his identity, committing
fraud in his name and generally ruining his life.

Great news then, we thought, that the UK had just begun to issue new,
ultra-secure passports, incorporating tiny microchips to store the holder's
details and a digital description of their physical features (known in the
jargon as biometrics). These, the argument went, would make identity theft
much more difficult and pave the way for the government's proposed ID cards
in 2008 or 2009.

Today, some three million such passports have been issued, and they don't
look so secure. I am sitting with my scary computer man and we have just
sucked out all the supposedly secure data and biometric information from
three new passports and displayed it all on a laptop computer.

The UK Identity and Passport Service website says the new documents are
protected by "an advanced digital encryption technique". So how come we have
the information? What could criminals or terrorists do with it? And what
could it mean for the passports and the ID cards that are meant to follow?

First it is necessary to explain why the new passports were introduced, and
how they work. After the 9/11 attack on the World Trade Centre, in which fake
passports were used, the US decided it wanted foreign citizens who presented
themselves at its borders to have more secure "machine-readable" identity
documents. It told 27 countries that participated in a visa waiver programme
that citizens with passports issued after the 26th of last month must have
micro-chipped biometric passports or would have to apply for a US visa.
Among those 27 countries are the major EU members, and other friendly
nations ranging from Andorra and Iceland to Singapore, Japan and Brunei. The
UK, of course, is also included.

Standards for the new passports were set by the International Civil Aviation
Organisation (ICAO) in 2003 and adopted by the waiver countries and the US.
The ICAO recommended that passports should contain facial biometrics, though
countries could introduce fingerprints at a later date. All these would be
stored on a Radio Frequency Identification (RFID) microchip, which can be
accessed from a short distance using radio waves. Similar chips are commonly
found in retail, where they are used for stock control.

Fatally, however, the ICAO suggested that the key needed to access the data
on the chips should be comprised of, in the following order, the passport
number, the holder's date of birth and the passport expiry date, all of
which are contained on the printed page of the passport on a "machine
readable zone." When an immigration official swipes the passport through a
reader, this feeds in the key, which allows a microchip reader to
communicate with the RFID chip. The data this contains, including the
holder's picture, is then displayed on the official's screen. The assumption
at this stage is that this document is as authentic as it is super-secure.
And, as we shall see later, this could be highly significant.
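As an added illustration (not code from the article or from anyone quoted in it), this is the ICAO 9303 Basic Access Control key derivation that turns those three printed fields into the chip's session keys: each field is followed by its weighted check digit, the string is hashed with SHA-1, and two 3DES keys are derived from the seed. The sample values are the standard's own worked example, not a real passport; nothing here is secret beyond what is printed on the data page.

```python
import hashlib
from typing import Tuple

# Character values for the ICAO 9303 check digit: digits map to themselves,
# the '<' filler to 0 and letters A-Z to 10-35.
def mrz_char_value(ch: str) -> int:
    if ch.isdigit():
        return int(ch)
    if ch == "<":
        return 0
    if "A" <= ch <= "Z":
        return ord(ch) - ord("A") + 10
    raise ValueError(f"invalid MRZ character: {ch!r}")

def mrz_check_digit(field: str) -> int:
    # Weights 7, 3, 1 repeat across the field; the result is the sum modulo 10.
    weights = (7, 3, 1)
    return sum(mrz_char_value(c) * weights[i % 3] for i, c in enumerate(field)) % 10

def mrz_information(doc_number: str, birth_yymmdd: str, expiry_yymmdd: str) -> str:
    # Document number padded with '<' to 9 characters, then date of birth and
    # expiry date (YYMMDD), each followed by its check digit. This string is the
    # entire key material, and every character of it is printed on the passport.
    doc = doc_number.ljust(9, "<")
    return (f"{doc}{mrz_check_digit(doc)}"
            f"{birth_yymmdd}{mrz_check_digit(birth_yymmdd)}"
            f"{expiry_yymmdd}{mrz_check_digit(expiry_yymmdd)}")

def with_des_parity(key: bytes) -> bytes:
    # DES keys carry odd parity in the least significant bit of every byte.
    out = bytearray()
    for b in key:
        b &= 0xFE
        if bin(b).count("1") % 2 == 0:
            b |= 1
        out.append(b)
    return bytes(out)

def bac_keys(doc_number: str, birth_yymmdd: str, expiry_yymmdd: str) -> Tuple[bytes, bytes]:
    # K_seed is the first 16 bytes of SHA-1 over the MRZ information; the
    # encryption and MAC keys are SHA-1(K_seed || counter) with counters 1 and 2,
    # truncated to 16 bytes (two-key 3DES) and parity-adjusted.
    info = mrz_information(doc_number, birth_yymmdd, expiry_yymmdd).encode("ascii")
    seed = hashlib.sha1(info).digest()[:16]
    k_enc = with_des_parity(hashlib.sha1(seed + b"\x00\x00\x00\x01").digest()[:16])
    k_mac = with_des_parity(hashlib.sha1(seed + b"\x00\x00\x00\x02").digest()[:16])
    return k_enc, k_mac

if __name__ == "__main__":
    # ICAO 9303 worked-example data page fields, not a real passport.
    k_enc, k_mac = bac_keys("L898902C<", "690806", "940623")
    print("MRZ information:", mrz_information("L898902C<", "690806", "940623"))
    print("K_enc:", k_enc.hex(), " K_mac:", k_mac.hex())
```

Anyone holding the data page (or able to guess its fields, as the postman scenario later in the article describes) can compute exactly the same keys, which is why the chip's 3DES protects only against eavesdroppers and not against whoever can see the printed page.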

Once the passports began to be issued in the UK in March, we began laying
the foundations for examining them. Phil Booth, national coordinator of the
campaign group NO2ID, suggested to his members that they apply for a new
passport. Anyone who gets one before ID cards are rolled out will not have
to register for a card until their passports expire in 10 years' time, and
this appealed to Booth.

At the same time, Adam Laurie, my computer expert and technical director of
the Bunker Secure Hosting, a Kent-based computer security company, and I
began laying plans to examine the new passports. Laurie is actually not a
scary individual - he is regarded in the industry as a technical wizard who
cares about privacy and civil rights - but much of the electronic
information he uncovers is. Two years ago, he revealed that Bluetooth mobile
phones could be accessed remotely, drained of their contact details, diary
entries and pictures, and manipulated to act as bugging devices. The
cellphone industry spent millions of pounds plugging the gaps he exposed.

By last month, Booth, Laurie and I each had access to a new biometric
chipped passport and were ready to begin testing them. Laurie's first port
of call was the ICAO's website, where the organisation had published
specifications for the new travel documents. This is where he learned that
the key to opening up the secure chip was contained in the passports
themselves - passport number, date of birth and expiry date.

"I was amazed that they made it so easy," Laurie says. "The information
contained in the chip is not encrypted, but to access it you have to start
up an encrypted conversation between the reader and the RFID chip in the
passport.

"The reader - I bought one for £250 - has to say hello to the chip and tell
it that it is authorised to make contact. The key to that is in the date of
birth, etc. Once they communicate, the conversation is encrypted, but I
wrote some software in about 48 hours that made sense of it.

"The Home Office has adopted a very high encryption technology called 3DES -
that is, to a military-level data-encryption standard times three. So they
are using strong cryptography to prevent conversations between the passport
and the reader being eavesdropped, but they are then breaking one of the
fundamental principles of encryption by using non-secret information
actually published in the passport to create a 'secret key'. That is the
equivalent of installing a solid steel front door to your house and then
putting the key under the mat."

Within minutes of applying the three passports to the reader, the
information from all of them has been copied and the holders' images appear
on the screen of Laurie's laptop. The passports belong to Booth, and to
Laurie's son, Max, and my partner, who have all given their permission.

Booth is staggered. He has undercut Laurie by finding an RFID reader for
£174, which also works. "This is simply not supposed to happen," Booth says.
"This could provide a bonanza for counterfeiters because drawing the
information from the chip, complete with the digital signature it contains,
could result in a passport being passed off as the real article. You could
make a perfect clone of the passport."

But could you - and what use would my passport be to you? A security feature
of the chip ensures that information cannot be added or altered, so you
couldn't put your picture on my chip. So is our attack really so impressive?

The Home Office thinks not. It correctly points out that the information
sucked out of the chip is only the same as that which appears on the page,
readable with the human eye. And to obtain the key in the first place, you
would need to have access to the passport to read (with the naked eye) its
number, expiry date and the date of birth of its holder.

"This doesn't matter," says a Home Office spokesman. "By the time you have
accessed the information on the chip, you have already seen it on the
passport. What use would my biometric image be to you? And even if you had
the information, you would still have to counterfeit the new passport - and
it has lots of new security features. If you were a criminal, you might as
well just steal a passport."

However, some computer experts believe the Home Office is being dangerously
naive. Several months ago, Lukas Grunwald, founder of DN-Systems Enterprise
Solutions in Germany, conducted a similar attack to ours on a German
biometric passport and succeeded in cloning its RFID chip. He believes
unscrupulous criminals or terrorists would find this technology very useful.

"If you can read the chip, then you can clone it," he says. "You could use
this to clone a passport that would exploit the system to illegally enter
another country." (We did not clone any of our passport chips on the
assumption that to do so would be illegal.)

Grunwald adds: "The problems could get worse when they put fingerprint
biometrics on to the passports. There are established ways of making forged
fingerprints. In the future, the authorities would like to have automated
border controls, and such forged fingerprints [stuck on to fingers] would
probably fool them."

But what about facial recognition systems (your biometric passport contains
precise measurements of key points on your face and head)? "Yes," says
Grunwald, "but they are not yet in operation at airports and the technology
throws up between 20 and 25% false negatives or false positives. It isn't
reliable."

Neither is the human eye, according to research conducted by a team of
psychologists from the University of Westminster in 1996. Remember,
information - such as a new picture - cannot be added to a cloned chip, so
anyone using it to make a counterfeit passport would have to use one that
bore a reasonable resemblance to themselves.

But during Westminster University's study, which examined whether putting
people's images on credit cards might reduce fraud, supermarket staff
drafted in for tests had great difficulty matching faces to pictures. The
conclusion was that pictures would not improve security and they were never
introduced on credit cards. This means that each time you hand over your
passport at, say, a hotel reception or car-rental office abroad to be
"photocopied", it could be cloned with equipment like ours. This could have
been done with an old passport, but since the new biometric passports are
supposed to be secure they are more likely to be accepted without question
at borders.

Given the results of the Westminster study, if a terrorist bore a slight
resemblance to you - and grew a beard, perhaps - he would have a good chance
of getting through a border. Because his chip is cloned, with the necessary
digital signatures, and because you have not reported your passport stolen -
you still have it! - his machine-readable travel document will get him
wherever he wants to go, using your identity.

What about the technical difficulties? The government claims the new
biometric passport chips can be read over a distance of just 2cm, but
researchers all over the world claim to have read them from further. The
physics governing those in British passports says they could be read over a
metre, but no one has yet done that. A Dutch team claims to have contacted
chips at 30cm.

Laurie has, however, rigged up a piece of equipment that can connect to a
passport over 7.5cm. That isn't as far as the Dutch 30cm, but it is enough
if your target subject is sitting next to you on the London Underground or
crushed up against you on the Gatwick Airport monorail, his pocketed
passport next to the reader you have hidden in a bag.

It takes around four seconds to suck out the information with a reader; then
it can be relayed and unscrambled by an accomplice with a laptop up to 1km
away. With a Heath Robinson device we built on Tuesday using a Bluetooth
antenna connected to an RFID reader, Laurie relayed details of his son's
passport over a distance of 10 metres and through two walls to a laptop.

Ah, the Home Office will say, but you still need to see the information in
the passport that will form the key needed for connection. Well, not
necessarily. Consider this scenario: A postman involved with organised crime
knows he has a passport to deliver to your home. He already knows your name
and address from the envelope. He can get your date of birth by several
means, including credit-reference agencies or from the register of births,
marriages and deaths (and, let's face it, he delivers all your birthday
cards anyway).

He knows the expiry date - 10 years from yesterday, give or take a day, when
the passport was mailed to you. That leaves the nine-digit passport number.
NO2ID says reports from its 30,000 members up and down the country are
throwing up a number of similarities in the first four digits of the
passport number, so that reduces the number of permutations, potentially
leaving five purely random numbers to establish.

"If the rogue postman were to take your passport home, without opening the
envelope he could put it against a reader and begin a 'brute force' attack
in which your computer tries 12 different permutations every second until it
has the right access codes," says Laurie. "A five-digit number would take 23
hours to crack at the most. Once all those numbers were established, you
could communicate with the RFID chip and steal all the information. And your
passport could be delivered to you, unopened and just a day late."

But is this really credible? Would criminals or terrorists really go to such
lengths? Ross Anderson, professor of security engineering at the University
of Cambridge computer laboratory, believes they would. "The point is that
once you have extracted the data from the chip you can have a forged
passport that contains not just forged physical stuff," he says. "You also
have the digital bit-stream so the digital signature of the passport checks
out. That makes it possible to travel through borders with it.

"What concerns me is that this demonstrates bad design on the part of the
Home Office, and we know that government IT projects have a habit of going
terribly wrong. There is a lack of security in what we can see - so what
about the 90% of the iceberg in the system that we can't see?

"There isn't even a defence against the brute-force attack. In much the same
way as you are only allowed three attempts to feed in your PIN number at an
ATM, the passport chip could have been made to stop allowing repeated
incorrect attempts to contact it. As things stand, a computer can keep
trying until it gets the numbers right. To say this doesn't matter displays
a cavalier lack of concern."

The problems we have identified with RFID chips in passports raise all sorts
of questions about the UK's proposed ID card scheme, which will use the same
technology. The government has not said exactly what will be contained in
the ID card's chip, but there will be a National Identity Register that
could contain around 50 pieces of information about you, ranging from your
name, age, and all your addresses, to your national insurance number and
biometric details. Eventually, you may need one to access healthcare. It
could even replace the passport.

Already, then, criminals and terrorists will have identified just how useful
cloned ID cards might be. It would be folly to think their best minds are
not on the case.

The Home Office insists that UK passports are secure and among the best in
the world, but not everyone agrees. Last week, an EU-funded body entitled
the Future of Identity in the Information Society (Fidis) issued a
declaration on machine-readable travel documents such as RFID-chipped
passports and ID cards. It said the technology was "poorly conceived" and
added: "European governments have effectively forced citizens to adopt new
... documents which dramatically decrease their security and privacy and
increase risk of identity theft."

The government is now facing demands from the Liberal Democrats and anti-ID
card groups for a recall of the passports so that simple devices such as
foil covers can be installed - at enormous cost. Such covers would at least
stop chips being scanned remotely, though they wouldn't prevent an
unscrupulous hotel receptionist from opening the passport and sucking out
its contents the way we did.

It may be that at some point in the future the government will accept that
putting RFID chips in to passports is ill-conceived and unnecessary. Until
then, the only people likely to embrace this kind of technology are those
with mischief in mind.



