« u've got chlamydia | Main | meghan trainor/RFID in wired »
February 03, 2006
All your Dutch RFID e-passports ....
Dutch e-passports which store information in an encrypted RFID have been reportedly cracked by the Dutch Security Firm Riscure. The data transmission was intercepted between the e-passport and the reader and the passcode was cracked, presumably by some bruteforce method, to access the stored contents of the e-passport. These contents were listed as digital fingerprint, digital photograph, other encrypted data (whats in there?) and plain text data, presumably whats printed on the passport and then some.
Fortunatly the US will be issuing e-passports starting this October using the same ISO 14443 spec and encryption scheme that was adopted as the world standard for these sorts of things.
The spec read distance on ISO 14443 passive chips is only 2mm, but claims for greater read distances are out there.
I suggest the new tin foil passport wallet ;)
More at The Register and Engadget General e-passport discussion at Security Info Watch and Vastly Important Blog
Posted by seans at February 3, 2006 11:24 AM