Security analysis of Australian and E.U. E-passport implementation

Journal of Research and Practice in Information Technology

Volumn 40, Issue 3, 2008, Pages 187-205

  Pasupathinathan, Vijayakrishnan ^a   Pieprzyk, Josef ^a   Wang, Huaxiong ^b  

^a MACQUARIE UNIVERSITY   (Australia)

^b NANYANG TECHNOLOGICAL UNIVERSITY   (Singapore)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL; BIOMETRICS; DATA STORAGE EQUIPMENT; MODEL CHECKING;

AUTOMATED PROCESSING; BIOMETRIC INFORMATIONS; BORDER CONTROLS; EUROPEAN UNIONS; FORMAL SECURITY ANALYSES; PASSPORT SYSTEMS; SECURITY ANALYSES; SECURITY AND PRIVACIES; SECURITY EVALUATIONS; SECURITY GOALS; SECURITY ISSUES; SECURITY WEAKNESSES;

SECURITY SYSTEMS;

EID: 58249119442     PISSN: 1443458X     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (26)

1. AUSTRALIAN CUSTOMS SERVICES (2006): 'Smartgate', http://www.customs.gov. au/ site/page.cfm?u=5555.
2. DANG, Z. and KEMMERER, R.A. (1997): Using the Astral model checker for cryptographic protocols analysis, in ORMAN, H. and MEADOWS, C. eds, Workshop on design and formal verification of security protocols.
3. DESMEDT, Y., GOUTIER, C. and BENGIO, S. (1987): Special uses and abuses of the Fiat-Shamir passport protocol, in Advances in Cryptology - CRYPTO '87, Springer Berlin/Heidelberg, 293: 21-39.
4. FORMAL SYSTEMS (EUROPE) LTD (2003): Failures-divergence refinement, FDR2 User Manual. Available from http://www.fsel.com/.
5. HEINTZE, N. and TYGAR, J.D. (1994): A model for secure protocols and their compositions, in 1994 IEEE Computer Society Symposium on Research in Security and Privacy, IEEE Computer Society Press, 2-13.
6. HOARE, C.A.R. (1985): Communicating sequential processes, Prentice Hall International.
7. HOME AFFAIRS JUSTICE (2006): EU standard specifications for security features and biometrics in passports and travel documents, Technical report, European Union.
8. ICAO (2006): Machine readable travel documents, Technical report, ICAO.
9. ISO/IEC (2000): ISO/IEC14443, identification cards - contactless integrated circuit(s) cards - proximity cards.
10. JOHNSON, B. (2006): Hackers crack new biometric passports, The Guardian.
11. JUELS, A., MOLNAR, D. and WAGNER, D. (2005): Security and privacy issues in e-passports, in IEEE SecureComm '05.
12. K.C, G.S. and KARGER, P.A. (2005): Preventing attacks on Machine Readable Travel Documents (MRTDs), Cryptology ePrint Archive, Report 2005/404. http://eprint.iacr.org/.
13. KNIGHT, W. (2006): Hackers clone radio-chip passports, NewScientist.
14. KLUGLER, D. (2005a): Advance security mechanisms for machine readable travel documents, Technical report, Federal Office for Information Security (BSI), Germany.
15. KLUGLER, D. (2005b): Security concept of the EU-passport, Security in Pervasive Computing 85.
16. LAURIE, A. (2007): Rfidiot, http://rfidiot.org/.
17. LOWE, G. (1996): Breaking and fixing the Needham-Schroeder public-key protocol using CSP and FDR, in MARGARIA, T. and STEFFEN, B. eds, Tools and alogrithms for the construction and analysis of systems, Springer-Verlag, 1055: 147-166.
18. LOWE, G. (1999): Casper - A compiler for the analysis of security protocols, User Manual and Tutorial, Ver1.3.
19. LOWE, G. and ROASCOE, B. (1997): Using CSP to detect errors in the TMN protocols, in IEEE Transactions on Software Engineering, 3.
20. MITCHELL, J.C., MITCHELL, M. and STERN, U. (1997): Automated analysis of cryptographic protocols using murphi, in 16th IEEE Symposium on Security and Privacy, IEEE Computer Society Press.
21. PASUPATHINATHAN, V., PIEPRZYK, J., WANG, H. and CHO, J.Y. (2006): Formal analysis of card-based payment systems in mobile devices, in SAFAVI-NAINI, R., STEKETEE, C. and SUSILO, W. eds, Fourth Australasian Information Security Workshop (Network Security) (AISW 2006), Hobart, Australia, 54: 213-220.
22. PHILLIPS, P.J., MARTIN, A., WILSON, C.L. and PRZYBOCKI, M. (2000): An introduction evaluating biometric systems, IEEE Computer 33(2): 56-63.
23. REID, D. (2006): E-passports at risk from cloning, BBC.
24. SCHERZER, H., CANETTI, R., KARGER, P.A., KRAWCZYK, H., RABIN, T. and TOLL, D.C. (2003): Authenticating mandatory access controls and preserving privacy for a high-assurance smart card, in 8th European Symposium on Research in Computer Security (ESORICS 2003), Lecture Notes in Computer Science, Springer-Verlag, Gjovik, Norway, 2808: 181-200.
25. SCHNEIDER, S. (1997): Verifying authentication protocols with CSP, in 10th IEEE Computer Security Foundations Workshop, IEEE Computer Society Press, 2-17.
26. TOM A. F. KINNEGING for ICAO-NTWG, P. T. F. (2004): PKI for machine readable travel documents offering ICC read-only access, Technical report. Version 1.1.