Your new post is loading...
ESORICS 2019 Conference: Researchers at the University of Luxembourg have discovered a flaw in the security standard used in biometric passports (e-passports) worldwide since 2004. This standard, ICAO 9303, allows e-passport readers at airports to scan the chip inside a passport and identify the holder.
Most passports today use the standard ICAO 9303, which is issued by the International Civil Aviation Organization (ICAO). The standard is designed to ensure that the privacy and unlinkability of the passport holder is protected to the highest degree. Unlinkability ensures that an attacker could not distinguish if two elements are closely related.
Dr Ross Horne, Prof. Sjouke Mauw, PhD candidate Zach Smith and Master student Ihor Filimonov tested the standard. They discovered a flaw which allows specific non-authorised equipment to access passport data. “With the right device, you can scan passports in close vicinity and reidentify previously observed passport holders, keeping track of their movements”, Dr Horne explains. “Thus, passport holders are not protected against having their movements traced by an unauthorised observer.”
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/luxembourg-europe/?&tag=University+Luxembourg
https://www.scoop.it/topic/luxembourg-europe/?&tag=ePassport
ESORICS 2019 Conference: Researchers at the University of Luxembourg have discovered a flaw in the security standard used in biometric passports (e-passports) worldwide since 2004. This standard, ICAO 9303, allows e-passport readers at airports to scan the chip inside a passport and identify the holder.
Most passports today use the standard ICAO 9303, which is issued by the International Civil Aviation Organization (ICAO). The standard is designed to ensure that the privacy and unlinkability of the passport holder is protected to the highest degree. Unlinkability ensures that an attacker could not distinguish if two elements are closely related.
Dr Ross Horne, Prof. Sjouke Mauw, PhD candidate Zach Smith and Master student Ihor Filimonov tested the standard. They discovered a flaw which allows specific non-authorised equipment to access passport data. “With the right device, you can scan passports in close vicinity and reidentify previously observed passport holders, keeping track of their movements”, Dr Horne explains. “Thus, passport holders are not protected against having their movements traced by an unauthorised observer.”
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/luxembourg-europe/?&tag=University+Luxembourg
https://www.scoop.it/topic/luxembourg-europe/?&tag=ePassport