Difference between revisions of "Belgian ePassport"
Jump to navigation
Jump to search
m |
|||
| Line 1: | Line 1: | ||
Back to [[Belgian eGov]] |
Back to [[Belgian eGov]] |
||
==Belgian ePassports== |
==Belgian ePassports== |
||
| + | See also the general [[ePassport]] page |
||
===Characteristics=== |
===Characteristics=== |
||
* [https://www.checkdoc.be/CheckDoc/index.jsp?currenPage=checkdocument.jsp&choice=checkSecurity&iconDB=02&specific_document=1115&checksecurity_level=2&id_menu=0012 Current versions demo] |
* [https://www.checkdoc.be/CheckDoc/index.jsp?currenPage=checkdocument.jsp&choice=checkSecurity&iconDB=02&specific_document=1115&checksecurity_level=2&id_menu=0012 Current versions demo] |
||
| Line 32: | Line 33: | ||
* http://www.theregister.co.uk/2007/06/10/belgian_epassport_flaws/ |
* http://www.theregister.co.uk/2007/06/10/belgian_epassport_flaws/ |
||
* http://www.dice.ucl.ac.be/crypto/passport/index.html |
* http://www.dice.ucl.ac.be/crypto/passport/index.html |
||
| − | |||
| − | ==RFID-enabled Passports== |
||
| − | ===ICAO standards=== |
||
| − | * [http://www.icao.int/mrtd/download/technical.cfm ICAO MRTD] |
||
| − | * [http://www.hasbrouck.org/documents/ICAO9303-pt1-vol1.pdf ICAO9303-pt1-vol1.pdf] |
||
| − | ** [http://74.125.77.132/search?q=cache:jCSYw4YD9OIJ:www.hasbrouck.org/documents/ICAO9303-pt1-vol1.pdf html] |
||
| − | * [http://www.hasbrouck.org/documents/ICAO9303-pt1-vol2.pdf ICAO9303-pt1-vol2.pdf] |
||
| − | ** [http://74.125.77.132/search?q=cache:dbnXg_0wfxkJ:hasbrouck.org/documents/ICAO9303-pt1-vol2.pdf html] |
||
| − | * [http://www.hasbrouck.org/documents/ICAO9303-pt3.pdf ICAO9303-pt3.pdf] |
||
| − | ** [http://74.125.77.132/search?q=cache:vWDRlnA6feQJ:www.hasbrouck.org/documents/ICAO9303-pt3.pdf html] |
||
| − | * [http://www2.icao.int/en/MRTD/Downloads/Supplements%20to%20Doc%209303/Supplement%20to%20ICAO%20Doc%209303%20-%20Release%207.pdf Supplement to ICAO Doc 9303 - Release_7] |
||
| − | * [http://www.europeanbiometrics.info/images/resources/22_965_file.pdf LDS 1.7] |
||
| − | * Others: |
||
| − | ** [http://www.bsi.bund.de/english/publications/techguidelines/tr03110/TR-03110_v200.pdf Advanced Security Mechanisms for Machine Readable Travel Documents] by BSI |
||
| − | ===Certificates=== |
||
| − | * CSCA certificate (Country Signing CA certificate) |
||
| − | **is typically valid for their period of intended use + period of validity of the issued passports + 3 months (e.g. 5+10+0.25) and renewed after their period of intended use (e.g. 5 years). |
||
| − | **is used to verify the DS certificate |
||
| − | * DS certificate (Document Signer certificate) |
||
| − | ** is typically valid for the period of validity of the passport itself + 3 months and renewed after their period of intended use (3 months). (e.g. 10+0.25) |
||
| − | ** is used to verify the integrity of the EF_DG* files of the passport through their hashes signed in EF_SOD |
||
| − | ** is optionally present in the EF_SOD file of the passport (mandated by US-VISIT & by EU I think) |
||
| − | * SOD (Document Security Object) |
||
| − | ** RFC3369 CMS Signed Data Structure, signed by the Document Signer (DS). |
||
| − | ** Carries the hashed LDS Data Groups. |
||
| − | ** Stored in the MRTD’s chip. |
||
| − | ** MAY carry the Document Signer Certificate |
||
| − | * AA (Active Authentication) keys |
||
| − | ** private key stored in the chip |
||
| − | ** public key available in EF_DG15, whom hash key is signed in SOD by DS |
||
| − | |||
| − | As per epassport2008 there are several certificates for the full EAC solution: |
||
| − | Element File name |
||
| − | CSCA certificate - name NN_CSCA.der (.der, .cer) |
||
| − | DS certificate NN_DS (.der, .cer) preferably included in the ePassport chip |
||
| − | CVCA certificate NN_CVCA.cvcert (minimal validity at least 2 month) |
||
| − | CVCA private key under PKCS#8 format NN_CVCA.pkcs8 |
||
| − | DV certificate NN_DVCA.cvcert (effective date like CVCA certificate) |
||
| − | IS certificate NN_IS.cvcert (effective date like CVCA certificate) |
||
| − | IS private key under PKCS#8 format NN_IS.pkcs8 |
||
| − | ===CSCA certificates=== |
||
| − | * see http://jmrtd.org/csca.shtml |
||
| − | * [http://www2.icao.int/en/MRTD/Pages/icaoPKD.aspx ICAO PKD] |
||
| − | * [https://pkddownloadsg.icao.int/ICAO/pkdLDIFDownload.jsp ICAO PKD LDIF download] |
||
| − | Stupid script to see what are the country certificates there (there are also CRLs): |
||
| − | <source lang=bash> |
||
| − | #!/bin/bash |
||
| − | |||
| − | rm xx* |
||
| − | csplit pkd.000033.ldif '%userCertif%' '/^userCertif/' '{*}' |
||
| − | for i in xx*; do |
||
| − | cat $i |sed '1s/^.*:://;/:/,/qwerty/d' |openssl base64 -d|openssl x509 -inform der -out $i.pem -outform pem |
||
| − | cat $i |sed '1s/^.*:://;/:/,/qwerty/d' |openssl base64 -d|openssl x509 -inform der -text -noout > $i.txt |
||
| − | test $? -eq 0 && rm $i |
||
| − | done |
||
| − | </source> |
||
| − | ===Verifying a passport=== |
||
| − | Example to verify a French passport: |
||
| − | # Get France CSCA certificate: hum you should get country certificates from a trusted source ;-) |
||
| − | wget -O - http://jmrtd.org/csca/fr.cer |openssl x509 -inform der -outform pem -out fr.PEM |
||
| − | # EF_SOD certificate should have been extracted by RFIDIOt, if not: |
||
| − | tail -c+5 EF_SOD.BIN | openssl pkcs7 -inform DER -outform PEM -out EF_SOD.PEM |
||
| − | # Verify DS certificate stored in the passport with country CSCA certificate: |
||
| − | openssl pkcs7 -in EF_SOD.PEM -print_certs -outform PEM |openssl verify -CAfile fr.PEM |
||
| − | # you should get back a OK: |
||
| − | stdin: OK |
||
| − | # Verify SOD is well signed by DS, how? |
||
| − | |||
| − | # Verify files hashes are those signed in SOD |
||
| − | |||
| − | # Active authentication, verify the passport owns the private key of cert in DG15, how? |
||
| − | |||
| − | Moreover to be perfect, we should also check CSCA and DS against CRLs supposedly available at ICAO PKD. |
||
| − | ====Active Authentication==== |
||
| − | from http://www.aph.gov.au/Senate/committee/legcon_ctte/estimates/add_0506/ag/qon_91att_2.pdf |
||
| − | <br>A4.2. Active Authentication Mechanism |
||
| − | <br>Active Authentication is performed using the ISO7816 INTERAL AUTHENTICATE command. The input is a nonce (RND.IFD) that MUST be 8 bytes. The ICC computes a signature, when an integer factorization based mechanism is used, according to ISO9796-2 Digital Signature scheme 1 ([R17], ISO/IEC 9796-2, Information Technology – Security Techniques – Digital Signature Schemes giving message recovery – Part 2: Integer factorisation based mechanisms, 2002.). |
||
| − | <br>M MUST consist of M1 and M2, where M1 MUST be a nonce of length c – 4 bits and M2 is RND.IFD. |
||
| − | <br>The trailer option 1 MUST be used in case of SHA-1, if not SHA-1 then option 2 MUST be used. |
||
| − | <br>The result of the signature computation MUST be signature 3 without the non-recoverable message part M2. |
||
| − | <br>In more detail, IFD (inspection system) and ICC (MRTD’s chip) perform the following steps: |
||
| − | <br>1) The IFD generates a nonce RND.IFD and sends it to the ICC using the INTERNAL AUTHENTICATE command. |
||
| − | <br>2) The ICC performs the following operations: |
||
| − | <br>a) Create the header. |
||
| − | <br>b) Generate M1. |
||
| − | <br>c) Calculate h(M) |
||
| − | <br>d) Create the trailer |
||
| − | <br>e) Calculate the message representative F. |
||
| − | <br>f) Compute the signature 3 and send the response to the IFD. |
||
| − | <br>3) The IFD verifies the response on the send INTERNAL AUTHENTICATE command and checks if the ICC returned the correct value. |
||
| − | |||
| − | ===Security of the ePassport infrastructure=== |
||
| − | * [http://rowlandwatkins.com/past/2008/8/8/on_exploiting_epassport_vulnerabilities/ On Exploiting ePassport Vulnerabilities] (about PKI) |
||
| − | * [http://www.dexlab.nl/ So what’s the issue with ePassport security?] |
||
| − | * [http://www.cs.auckland.ac.nz/~pgut001/pubs/pass_faq.html Hello, my name is ...] |
||
| − | * [https://www.os3.nl/2008-2009/epassport_eng E-passport security] |
||
| − | * [http://www.cs.ru.nl/E.Poll/papers/nluug.pdf Fingerprinting passports] via their non-standard error codes |
||
| − | ====US Passport Card==== |
||
| − | Don't mix US Passport Book (ICAO) with the [http://travel.state.gov/passport/ppt_card/ppt_card_3926.html US Passport Card] (see also [http://en.wikipedia.org/wiki/Passport_card wikipedia]), valid when entering the United States from Canada, Mexico, the Caribbean and Bermuda at land border crossings |
||
| − | or sea ports-of-entry and [http://www.theregister.co.uk/2009/02/02/low_cost_rfid_cloner/ skimmed much more easily]. |
||
| − | [http://travel.state.gov/passport/ppt_card/ppt_card_3921.html Won’t this chip violate Americans’ privacy?] |
||
| − | <i>There will be no personal information written on the electronic chip itself. The chip will have only a unique number pointing to a stored record contained in secure government databases.[...] In addition, to mitigate any possibility that the card could be tracked, it will be issued with a protective sleeve that will prevent the card from being read when not in use.</i> |
||
| − | |||
| − | ===Tools=== |
||
| − | ====[http://openmrtd.org/ OpenMRTD]==== |
||
| − | library |
||
| − | ====[http://jmrtd.org/ JMRTD]==== |
||
| − | Java host API & Javacard applet to build your own epassport infrastructure |
||
| − | ====RFIDIOt==== |
||
| − | See [[RFID#RFIDIOt]] |
||
| − | |||
| − | ====[http://www.dexlab.nl/ eCL0WN]==== |
||
| − | Applet for Nokia NFC phone |
||
| − | ====[http://freeworld.thc.org/thc-epassport/ vonJeek emulator]==== |
||
| − | |||
| − | ==Misc== |
||
| − | * [http://www.smartcardfocus.com/shop/ilp/se~37/p/index.shtml Protective sleeves & wallets] shielding RFID stuff like ePassports |
||
Revision as of 00:40, 4 February 2009
Back to Belgian eGov
Belgian ePassports
See also the general ePassport page
Characteristics
- Current versions demo
- Uses Opentrust PKI (former IDX-PKI from idealx)
- Price:
- 30€ droit de chancellerie
- taxes communales (Ixelles=26€, Leuven=11€?,...)
- 41€ frais de confection
- Much more expensive if urgent or 64 pages (~250€)
- maker? at least not Zetes (contradictory info here)
Mais nous ne fabriquons pas le passeport belge, c’est vrai. C’est un contrat qui a été attribué avant que nous ne soyons actifs sur ce segment. S’il y a un appel d’offres, j’imagine que nous y répondrons.
chip
- ATR 3B 8E 80 01 80 91 E1 31 C0 64 77 E3 03 00 83 82 90 00 6C
- ATR 3B 8E 80 01 80 91 91 31 C0 64 77 E3 03 00 83 82 90 00 1C (as mentioned in pcsc-lite smartcard_list.txt)
- ATR 3B 88 80 01 00 00 01 07 01 72 90 00 EC (on a recent passport 01/2009 EH431xxx)
- Belgium is one rare country to also include the owner handwritten signature, in EF_DG7
- Non-compliances?
- Requires option 0x0C whenever you select the application or a file (important for non-BAC passports), usually other passports implement 7816-4 a bit better and accept the standard select_file but apparently Belgium just implemented the example of LDS just as it was presented, no more)
- non-BAC passports have a bug in EF_DG11, in full name of holder (tag 5F0E): null length followed by "A0 06 02 01 01"
- newer passports have a bug in EF_DG12, using tag 5F85 instead of 5F55 for the document issuance timestamp (5F85 is in LDS1.7, 5F55 is in ISO standard)
- newest passports (with polycarbonate transparent sheet) don't have the bug anymore in EF_DG12, skipping simply document issuance timestamp
- Reading the DS certificate in EF_SOD (output truncated):
openssl pkcs7 -text -print_certs -in EF_SOD.PEM
Authority:
Issuer: C=BE, O=Kingdom of Belgium, OU=Federal Public Service Foreign Affairs Belgium, CN=CSCAPKI_BE
Subject: C=BE, O=Kingdom of Belgium, OU=Federal Public Service Foreign Affairs Belgium, CN=DSPKI_BE
X509v3 extensions:
X509v3 Authority Key Identifier:.
keyid:00:84:19:14:B2:CE:7E:0A:DE:3A:26:F9:FD:DD:1F:F4:01:42:A8:0E