this post was submitted on 05 Feb 2024
214 points (97.8% liked)
Technology
60052 readers
3048 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Isn't NFC pretty vulnerable to short-range cloning attacks? Obviously it's better than nothing but it still has issues compared with a chip that requires electrical contact in order to be read.
The chip in a passport or ID card is not a simple data storage device. It's more like a tiny computer that the reader talks to. This is unlike a simple NDEF tag that you can easily clone, there are several layers of protection.
First, you need a key to even access the chip. This key is derived from 3 pieces of information on the document: the document number, the date of birth and the date of expiry. The idea is that to get this data, you already have to be looking at the data page of the passport, that is: to access the privacy-sensitive data inside the chip, you already have to be able to look at that same data printed on the page.
This data then goes into a key derivation function. Some handshake messages are exchanged which I won't bore you with, and both the chip and the reader should at that point be able to derive another key that will then be used to encrypt any communication between chip and reader. There are actually 2 different mechanisms for this, the older BAC mechanism (Basic Access Control) and the newer PACE mechanism (Password Authenticated Connection Establishment). The latter uses newer and even more secure crypto.
This prevents eavesdropping and ensures you cannot remotely read the document.
Once the connection has been established, the reader can request certain chunks of data from the document. This includes everything that is printed on the data page, as well as a higher-quality color version of the photo on you document.
The data that can be read from the document is digitally signed by the government of the issuing country. You can verify this signature against a list of trusted certificates. Only the government that issued the document should have access to the corresponding private key and as such you cannot forge this data (unless you are able to break certain cryptographic standards, but if someone can do that we have bigger problems than fake IDs). This is called 'passive authentication'.
Now, if you get your hands on someone's passport, you could still copy the data, you can't modify it, but you can clone it. To prevent this passports also have a clone detection mechanism. Again there are multiple versions of this, but the most basic form is called Active Authentication. Part of the data read from the passport, is a public key. The chip in the passport has the corresponding private key, but there is no way to read this key. You can confirm it's not a clone by sending a piece of random data to the passport and asking it to sign that data with its private key. You then use the public key to check the signature and confirm the document is in possession of the corresponding private key. You can also confirm the authenticity of the public key, because that is also signed with the private key of the issuing government.
Now, theoretically you could try to extract the private key used in clone detection from the physical document, you would need some extremely advanced tech to do this, and the chips in ID documents have all kinds of physical protections against these kind of attacks. Maybe some intelligence services would have this capability, but it would only allow you to clone a document, not forge one.
After reading about all the trouble they go to for passports, social security numbers are hilariously fucking inadequate by comparison (or even in absolute terms, for that matter).
Thank you so, so much for this explanation! I’ve been wondering for years and years and I finally get it, it’s so cool to see public key cryptography being used for clone detection.