critics say that these RFID could be read remotely by identity thieves. So what do the supporters say? What is the benefit in making these documents scannable from a non-trivial distance?
One possible “benefit” might be to allow for instant, 4th amendment be damned police identification of people walking down the street. But are there any other tangible reasons for this change, especially ones that are more relevant to the intended function of the documents involved?
Given the premise of the OP, this one will more likely be a Great Debate rather than a classic General Question. Moved from GQ to GD.
samclem, Moderator
Are you talking about RFID or NFC? What do you mean by “non-trivial distance”? Can you link to something tangible that we can discuss?
The obvious reason for the technology is to allow authentication with very close, but not physical contact. It speeds up the transaction and eliminates the physical wear-and-tear.
Whether or not these benefits outweigh the costs is a reasonable question, but I think you need to tighten the scope a bit first.
Here is an article and video where someone is is picking up RFID tags from people’s passports while driving by in a car.
http://www.engadget.com/2009/02/02/video-hacker-war-drives-san-francisco-cloning-rfid-passports/
Modern RFID can contain a lot of data. Credit cards, for example, just contain a number (I believe).
New data can be written to it (like your stamps).
Everything can be transmitted back and forth encrypted.
Swiping the card/passport is much faster than with a magnetic strip reader.
This isn’t to say that they will use an RFID that is writeable, has lots of memory, and uses encryption. But they can, and it would be reasons to use it.
Why would you want it to be writable? Leaving that data in where the user can get to it means that, if someone breaks the encryption, they suddenly can change the information. With just a number, the actual data is elsewhere.
Imagine if your company let you take all its trade secrets with you on a flash drive rather than requiring a password on site.
The only reason I can see to make them writable is if you are constantly changing codes for security reasons. Not because they’re actually storing data on them. (And I think that would be pretty risky, as it would mean the signal that is changing the code is being pumped through the air, so an industrious hacker might be able to reverse engineer the chip and figure it all out.)
Just because something is writable doesn’t mean that all of it is writable. You can make some data read only (like your name, date of birth, issuing date, etc.).
And like I said, the reason to make it writable might be so you can issue visas electronically. If you want to sacrifice the security of data that could be read-only, you can make it so that you can update the photo and the issuing date, so that a new passport doesn’t have to be issued.
And while saying that the encryption scheme will be broken is all-and-well, I don’t think that any major encryption schemes have been broken since WWII. As soon as anyone starts to approach the capability, everyone moves to a different scheme, starts using longer keys, etc.
And finally, remember that the technologies I pointed out are some things that can be done with RFID. I don’t know if they are planning to use any, let alone, all of those features.
Interesting and disturbing. However, the article was posted on 2nd February, 2009. Was there any fall-out from this? Did Paget release his sourcecode at Shmoocon?
RFID’s need to be writable – at least some of them – because they ARE the account. Example: You buy a card at the copy shoppe and stick them into the copy machines. The balance is recorded on the card itself, not in some database in a server farm buried under a mountain in Wyoming. Self-serve laundromats are beginning to work this way too. In my large apartment complex, you buy card (or add value) at machine in office, then stick card into washers and dryers in laundry rooms, and the card itself records the remaining value. Haven’t seen this yet on public transit systems in my area, but I can guess fer sure it’s out there. Heck, they’re even starting to do parking meters that way.
that’s fine, but here we are discussing the high value documents like credit cards and passports, for which the data is in fact stored in Secretary Evil’s secret volcano lair. Indeed, in the case of credit cards they had them readonly decades by now.
The mathematics of the encryption is generally considered safe, but the implemetations are vulnerable. Here’s an article about a side channel attack on Mifare cards.
In any case, it’s not the encryption you need to worry about. While it can theoretically be broken, it only matterts if the thieves don’t have the real codes, a thoroughly commonplace possibility. All you need is a legitimate reader, with the right added scripts to move the money properly. Imagine everyone walking down the street being charged a small amount (and it could even show up in your bill as Tax $0.14"), indented to look like part of another charge.
I don’t know the details, but you can google “chris paget rfid” for the last year.
This article claims that the federal government requires all their employees to use shielded sleeves for their passports and ID cards.
http://www.theinfomine.com/2010/08/31/why-you-should-protect-your-passport-from-rfid-readers/
Using a shielded sleeve should work, but negates any convenience of using RFID in the first place.
This is a FIPS 202 standard for RFID blocking.
Isn’t the technology in use in the laundromat and the copy shop a magnetic stripe card and not an RFID card?