Cryptology ePrint Archive: Report 2005/095

Security and Privacy Issues in E-passports

Ari Juels and David Molnar and David Wagner

Abstract: Within the next year, travelers from dozens of nations may be carrying a new form of passport in response to a mandate by the United States government. The e-passport, as it is sometimes called, represents a bold initiative in the deployment of two new technologies: Radio-Frequency Identification (RFID) and biometrics. Important in their own right, e-passports are also the harbinger of a wave of next-generation ID cards: several national governments plan to deploy identity cards integrating RFID and biometrics for domestic use. We explore the privacy and security implications of this impending worldwide experiment in next-generation authentication technology. We describe privacy and security issues that apply to e-passports, then analyze these issues in the context of the International Civil Aviation Organization (ICAO) standard for e-passports.

Category / Keywords: applications / passport RFID ICAO biometrics

Publication Info: Abbreviated version in IEEE SecureComm 2005

Date: received 28 Mar 2005, last revised 18 Sep 2005

Contact author: dmolnar at eecs berkeley edu

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: Includes new information on European e-passports.

Version: 20050918:194614 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]