Les passeports peu sûrs de RFID obtiennent le timbre de l'approbation

LES États-Unis Le département d'état approuve des passeports de RFID parmi des soucis d'intimité

Avec l'incarnation d'original soucis finis claqués de sécurité, une nouvelle race des passeports RFID-permis a reçu les États-Unis Le timbre du département d'état de l'approbation le lundi passé. Les nouveaux passeports sont placés pour lancer ce printemps pour les États-Unis citoyens entrant dans les Etats-Unis par des points de contrôle de terre et de mer.

Lisible à jusqu'à 20 pieds, la conception de la deuxième génération est censée aider sécurité à augmenter passeports' et à réduire les lignes omniprésentes trouvées aux points d'entrée dans le pays.

Comparé au previous generation of RFID passport – dubbed “e-Passports” – the new generation of RFID passports contain security features that are far more protected, with many of its developments based on the 4,000+ responses received by the State Department on a public request for comment in December 2006. New security features include:

• A “randomized unique identification” system that produces a different ID each time the chip is accessed
• A digital signature that can help identify when the passport’s data has been altered
• A metallic insert in the passport’s spine and front cover that blocks radio signals when the cover is closed.

While many critics continue to express privacy concerns, the new security features are sufficient to pacify at least some of the passport’s vocal critics. “At the moment, the security protections in U.S. passports are pretty good,” said Ari Juels, Chief Scientist and Director of Massachusetts-based RSA Laboratories, in a December 14 statement to the Los Angeles Times.

The new passport design will use “vicinity read” RFID technology, as opposed to the previous generation “proximity read” technology, which need to be swiped at a scanner and were only readable from a few inches.

However, while the new passports are a definite improvement, critics stress that they are far from perfect. Critics have particularly attacked the new passports’ increased range, which many claim will help facilitate identity theft. In one example, mobile security company Flexilis found the passport’s metallic shielding inadequate, allowing for the passport’s transmitter to be read even when it is closed.

To demonstrate this, Flexilis posted a YouTube video demonstrating a proof of concept where a trashcan armed with an explosive charge detonates as a dummy equipped with the “shielded” passport passes by. The threat, it says, is that terrorists could use the passports’ increased range to selectively identify Americans in foreign lands, possibly taking action against them that may include bodily harm.

Despite the new passports’ flaws – which the Los Angeles Times says are nothing to lose sleep over – most everyone agrees that the changes are a much-needed improvement over the current RFID passport, which gained pariah status among security circles for notoriously weak security features.

Comment on 'Insecure RFID Passports Get Stamp of Approval' :

RSS TrackBack URL

Related News: