FlyerTalk Forums - Practical Travel Safety and Security Issues

Hackers clone e-passports (https://www.flyertalk.com/forum/practical-travel-safety-security-issues/586222-hackers-clone-e-passports.html)

alex0683de Aug 9, 2006 3:31 am


Originally Posted by par
I got one of those e-passports yesterday. I shall put it through an RFID reader to see what I can find out... :)

par, did you ever try this? I'd be interested in the results. If you don't want to make them widely known, feel free to PM me. I'd like to know what my new passport will be telling the world about me... :eek:

par Aug 9, 2006 10:17 am

I haven't bought it yet. It's on the to-do list but I'm kind of swamped the next 2 weeks.

geckoflyer Aug 9, 2006 4:59 pm


Originally Posted by daw617
No. It's similar, but not exactly the same. The US passports use ISO 14443 tags, which operate in the 13 MHz band and have the capability to perform various cryptographic computations. The US passports do use encryption to partially protect their contents...

We definitely have the 96-bit "dumb" tags at work - they are definitely not encrypted - so your explanation makes perfect sense. Thank you very much for the reply. One of these days I'll have some free time and be able to do some research about the differences.


Originally Posted by daw617
Nonetheless, the US e-passports effort has not been well-thought-out. I don't think the State Department really understood what they were getting into, and the system they will be using has some known security problems. I don't know if I'd go so far as to call it "braindead", but it's not exactly a shining example of privacy and security done right.

If the passports are minimally-encrypted and are protected when closed - then elaborate (if you can) about what was done incorrectly (and what should have been done). I'm a major supporter of RFID technology at a commercial level - but it sure isn't a time-tested technology and I can't say I'm looking forward to renewing my passport :rolleyes:

Thanks again,
Chris

daw617 Aug 9, 2006 7:21 pm


Originally Posted by chrislacey
If the passports are minimally-encrypted and are protected when closed - then elaborate (if you can) about what was done incorrectly (and what should have been done).

Well, I don't want to overstate the problems. The encryption ("Basic Access Control") and the Faraday shielding should help to mitigate the problems. Also, the short read range of ISO 14443 chips should help to reduce the risks, too. But here are some of the potential downsides, as best as I can tell:

When your passport is open, you can be tracked. Someone with a reader who is not too far away can query the RFID chip and, while they can't read the biometric data stored on the chip, it appears they can read a unique ID number (the "collision-avoidance" ID) that is unique to you. I have seen a recent report saying that even opening the passport by a half-inch or so is enough to expose the RFID chip to such queries. In some scenarios -- scenarios which fortunately aren't very realistic today -- this might enable tracking of US e-passport holders. (People have also talked about the risk of smart bombs that explode whenever a US passport-holder comes within range. Presumably, with the new shielding this would only be possible if the passport holder had their passport partially or completely open.)

When your passport is open and being interrogated by a legitimate RFID reader, it is possible for unauthorized third parties to eavesdrop on that communication and obtain access to the biometric information stored on the passport. Due to the short read range of ISO 14443 tags, the third party might need to be fairly close to the passport holder. No one knows exactly how close, but there are reports that NIST was able to eavesdrop on the RFID chips used in e-passports from a distance of approximately 30 feet. Exposing the biometric information on the chip to unauthorized third parties poses some risks to the passport holder. I believe that information includes a photograph, name, and birth date, which could aid identity theft. It could also potentially be used to clone the e-passport of a legitimate passport-holder.

The truth is that the addition of encryption ("Basic Access Control") and shields (Faraday cages) goes a long way to mitigate the risks present in the State Department's initial vision for e-passports. But I still don't think the current RFID solution is ideal. It wasn't very well thought out. Frankly, I don't think the State Department really knew what they were doing or what they were getting into; and I suspect they may have been bamboozled a little bit by smartcard and RFID vendors, who told them everything would be fine, and not to worry. When the problems started coming out, the State Department initially tried to pretend that everything was ok. Eventually they gave in and put in place some mitigations (Basic Access Control, the Faraday cages). They started with an approach that didn't make sense, and now they're trying to patch up the worst problems in it, which is good, but it's not clear whether this will be 100% what we would have wanted.

The other problem is that the State Department is being secretive about this. When critics started raising these concerns, some scientists called for the State Dept. to share their prototype passports / RFID chips with independent labs so that outside scientists could independently test the claims and get to the bottom of it. Unfortunately, the State Department has strongly resisted doing that. Instead, they have forced this technology upon us before allowing any kind of independent third-party review of the privacy and security properties of the technology. (For instance, this is why no one knows what range the RFID chips used in e-passports can be read from, and all we have is speculation.) Personally, I suspect this secretive attitude has been at least as much of a factor in the criticism as the actual technical flaws have been. It leads people to suspect that the State Dept. is more interested in protecting themselves from embarrassment than they are getting it right.

Because of this lack of transparency, for all we know, it is possible that the US e-passport deployment contains other privacy problems that we don't know about and that we won't learn about until many people have already been given RFID-chipped passports. Normally, in the security business, the conventional wisdom says that -- for high-stakes applications -- you should have an independent security review performed before deploying the technology (not after). In the case of e-passports, that apparently was not done.

Again, I don't want to blow this out of proportion. As these things go, it could be a lot worse. Hopefully, the experience with e-passports will go smoothly, and any problems will be minor. But at this point, it's hard to be completely certain that everything will be ok -- there's this lingering fear that is hard to completely dispel.
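The tracking concern in the post above depends on the collision-avoidance ID staying the same every time the chip is activated. The sketch below is an added illustration, not part of the original thread: it audits a series of UIDs reported by one chip and says whether they could be linked. The tag classes, function names and sample UID are constructed for the simulation; the only outside fact used is that ISO/IEC 14443-3 marks a random 4-byte UID with a first byte of 0x08.

```python
import secrets
from collections import Counter

class StaticUidTag:
    """Simulated tag that returns one fixed UID in every anti-collision round."""
    def __init__(self, uid: bytes):
        self.uid = uid

    def activate(self) -> bytes:
        return self.uid

class RandomUidTag:
    """Simulated tag that draws a fresh UID on each activation.
    ISO/IEC 14443-3 marks a random 4-byte UID with first byte 0x08."""
    def activate(self) -> bytes:
        return b"\x08" + secrets.token_bytes(3)

def collect(tag, activations: int) -> list:
    """Power-cycle the simulated tag and record the UID reported each time."""
    return [tag.activate() for _ in range(activations)]

def audit_uids(uids: list) -> dict:
    """Summarise how linkable a series of UIDs from one chip is."""
    if len(uids) < 2:
        raise ValueError("need at least two activations to judge linkability")
    counts = Counter(uids)
    repeated = max(counts.values())
    flagged_random = all(len(u) == 4 and u[0] == 0x08 for u in uids)
    if len(counts) == 1:
        verdict = "linkable: same UID on every activation"
    elif repeated > 1:
        verdict = "partly linkable: some UIDs repeat"
    elif flagged_random:
        verdict = "unlinkable: fresh random UID per activation"
    else:
        verdict = "varies, but not marked as random (check further)"
    return {"distinct": len(counts), "max_repeats": repeated,
            "flagged_random": flagged_random, "verdict": verdict}

if __name__ == "__main__":
    # Constructed sample UID, not taken from any real document.
    fixed = StaticUidTag(bytes.fromhex("04a1b2c3d4e5f6"))
    for name, tag in (("static", fixed), ("random", RandomUidTag())):
        print(name, audit_uids(collect(tag, 5)))
```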

GUWonder Aug 11, 2006 4:05 pm

The Denver passport office is supposed to be the first that goes through with going for (nearly) all RFID-passports and then it'll roll out to the rest in full by this time next year.

Is the New York, DC or Chicago passport office doing this yet?

tfung Aug 11, 2006 4:25 pm

I'm curious why the governments chose RFID instead of the more traditional smartchips like the ones embedded in some credit cards now? There's no practical reason why the passports would need to be read remotely.. and since they added all this shielding to the passports, I presume it would never legitimately be read remotely...

GUWonder Aug 11, 2006 5:02 pm


Originally Posted by tfung
I'm curious why the governments chose RFID instead of the more traditional smartchips like the ones embedded in some credit cards now? There's no practical reason why the passports would need to be read remotely.. and since they added all this shielding to the passports, I presume it would never legitimately be read remotely...

If authenticity/integrity of the passport was of primary concern, smartchips of some sort is what would have been adopted. Although the RFID chip would make it harder to forge passports than currently, the purpose for the current-state RFID to be used is other than mere passport authenticity/integrity.

Scifience Aug 11, 2006 6:35 pm


Originally Posted by GUWonder
The Denver passport office is supposed to be the first that goes through with going for (nearly) all RFID-passports and then it'll roll out to the rest in full by this time next year.

Is the New York, DC or Chicago passport office doing this yet?

Not sure about those, but New Orleans isn't. My mother just got a new passport back two weeks ago and it was the non-RFID type.

daw617 Aug 13, 2006 12:32 am


Originally Posted by tfung
I'm curious why the governments chose RFID instead of the more traditional smartchips like the ones embedded in some credit cards now?

I don't know. Others have asked the same question. It's a good question. It deserves a detailed answer -- but unfortunately, we have yet to get any such answer on this point from the US State Dept.

By way of background, it's worth pointing out that the RFID chips they are going to use in US passports are closer to "contactless smartcards" (i.e., smartcards with wireless instead of a direct connection).

So I suspect your question is really: Why did they choose to use contactless smartcards instead of more traditional smartcards with physical contacts? You could easily imagine a passport where you can't read it remotely -- where you have to insert or swipe it into a reader. I haven't been able to get any good answers, and the State Dept. has mostly dodged questions like this. One concern I have heard some people advance is that perhaps the contacts would get dirty after too much use and the lifetime of the passport might be limited. On the other hand, I have heard others say that smartcards are currently used in Europe and some are designed to be used on a daily basis and last for years. Personally, I've had a hard time getting a straight answer on this, so I can't quite tell whether there is a legitimate technical reason to use contactless smartcards, or whether this is just a case of the State Dept buying whatever the vendors told them to buy.

Another question that many people have asked is why the State Dept didn't use an optical 2-D barcode, instead of a wireless RFID chip. That also seems like a good question to me. It's not clear to me whether a 2-D barcode has enough capacity to store all the information they want to store -- but it's not clear it is inadequate, either.

The one thing that is clear here is that once the State Dept. announced that they were going to use RFID, they absolutely refused to engage in any discussion of alternatives. It was as if they had made their decision and no way in hell were they going to re-consider, no matter how many problems were later discovered. If the State Dept. had been doing their job, they should have considered all three of these alternatives, carefully analyzed their tradeoffs, and been prepared to publicly defend their choice and document their decision. Unfortunately, the State Dept. didn't do that. Personally, I think that was a case of poor management on their part.

My impression is that the State Dept. folks didn't really know what they were doing, they just did whatever the vendors told them to do, and they got in a little over their heads.

Keep in mind, this is hardly the only case of the government doing a poor job of managing a large IT deployment. This kind of mismanagement of ambitious technology projects is common in government (and not unheard of in the private sector).

dodo Aug 18, 2006 10:18 am


Originally Posted by GUWonder
The Denver passport office is supposed to be the first that goes through with going for (nearly) all RFID-passports and then it'll roll out to the rest in full by this time next year.

Is the New York, DC or Chicago passport office doing this yet?

Just catching up on my readings and I saw this:
"WASHINGTON—American travelers have begun receiving a new RFID-equipped electronic passport in mid-August, according to an announcement from the U.S. Department of State.

Right now, the only people receiving the new passports, which are embedded with an RFID chip that contains full passport information, including the photo, are only going to people served by the Passport Agency in Aurora, Colo."

It is also mentioned that "the RFID chip has been redesigned and the covers of the passport are now made of a metalized substance that prevents reading the RFID chip when the cover is closed."

PhlyingRPh Aug 22, 2006 12:36 am


Originally Posted by Spiff
"The whole passport design is totally brain damaged," Grunwald says. "From my point of view all of these RFID passports are a huge waste of money. They're not increasing security at all."

LOL, Feel safer? :D

Loose Cannon Aug 22, 2006 2:39 am

I'm glad I got my passport while it is still unchipped.


All times are GMT -6.