Paper 2007/244

A Note on the Relay Attacks on e-passports: The Case of Czech e-passports

Martin Hlavac and Tomas Rosa

Abstract

The threat of relay attacks on authentication protocols is often well recognized, especially for contactless applications like RFID chips. It is, therefore, a bit surprising to meet an implementation that actually encourages rather than eliminates these attacks. We present our experimental observations concerning Czech e-passports. These show clearly an inherent weakness rooted in lower layers of ISO 14443. As the behavior is unavoidable, it induces a question on whether the e-passport should not have used a different communication protocol or authentication scheme.

Note: The revision fixes several typos (FWT vs. FTW, $36 \mu s$ vs. $36 ms$, invalid reference to conclusion), adds explanation of ATQB and changes "RF channel 2" to "channel 2" in the figure.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Unknown where it was published
Keywords
RFIDe-passportrelay attack
Contact author(s)
hlavm1am @ artax karlin mff cuni cz
History
2007-06-24: revised
2007-06-19: received
See all versions
Short URL
https://ia.cr/2007/244
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2007/244,
      author = {Martin Hlavac and Tomas Rosa},
      title = {A Note on the Relay Attacks on e-passports: The Case of Czech e-passports},
      howpublished = {Cryptology {ePrint} Archive, Paper 2007/244},
      year = {2007},
      url = {https://eprint.iacr.org/2007/244}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.