Cryptology ePrint Archive: Report 2007/244

A Note on the Relay Attacks on e-passports: The Case of Czech e-passports

Martin Hlavac and Tomas Rosa

Abstract: The threat of relay attacks on authentication protocols is often well recognized, especially for contactless applications like RFID chips. It is, therefore, a bit surprising to meet an implementation that actually encourages rather than eliminates these attacks. We present our experimental observations concerning Czech e-passports. These show clearly an inherent weakness rooted in lower layers of ISO 14443. As the behavior is unavoidable, it induces a question on whether the e-passport should not have used a different communication protocol or authentication scheme.

Category / Keywords: implementation / RFID, e-passport, relay attack

Date: received 19 Jun 2007, last revised 24 Jun 2007

Contact author: hlavm1am at artax karlin mff cuni cz

Available format(s): PDF | BibTeX Citation

Note: The revision fixes several typos (FWT vs. FTW, $36 \mu s$ vs. $36 ms$, invalid reference to conclusion), adds explanation of ATQB and changes "RF channel 2" to "channel 2" in the figure.

Version: 20070624:173318 (All versions of this report)

Short URL: ia.cr/2007/244