Chapter 6. Bad Encryption > Passport Summary - Pg. 96

The cryptographic problems get worse once you consider that not all passports are created alike. While interoperability was a goal with the ICAO standards, not all portions of them were mandatory, and countries were allowed to make their own decisions in some cases regarding the authentication methods.

One method available against cloning one chip to another is called active authentication (AA). With AA, the legit passport is embedded with a private key that cannot be directly read but can be used cryptographically with a public key on the tag to verify that the tag contents are original to that tag. A cloned tag would not have that private key and thus would fail the test. This feature is optional, however, and many countries have chosen not to support it, meaning systems have to deal with it not being there.

Researchers at The Hacker's Choice [F] found that if they copied the tag contents, altered them, and deleted the original public key on the tag, they could sign the tag contents with their own key from a nonexistent country and pass several automated passport control systems (though it is doubtful that any of these included a guard). The problem was that many of these systems checked that the contents were signed by the key pair on the tag, but failed to check whether those keys were trusted and actually came from the country the passport claimed to be issued from. Many countries' systems do not do this and would need to be patched or upgraded to perform this check.

Passport Summary

While the battle between document issuers and document forgers is never-ending, the addition of digital components makes the job just that much harder. However, no system is completely safe, and compromises made for ease of implementation

Warning

While electronic passports are here to stay for the foreseeable future, many people are uncomfortable with them. There are many who advocate damaging the RFID tag to prevent any reading.

While this may sound like a good idea, it is worth becoming very familiar with the implications of this for your country. In the United States, an electronic passport where the tag fails is still a valid document [G] for travel until its expiration. The U.S. border agents may give you more scrutiny than other travelers, but you will not be stopped solely for a broken tag, since it would be very bad to leave travelers stranded at the border if they sat on their passport accidentally. What is not clear is whether other countries apply the same consideration. In some circumstances, intentionally damaging the tag may also be considered tampering with a federal document, which may have unforeseen consequences when attempting to use it to cross a border. While protecting your personal security and privacy is important, it should be done in accordance with your local laws and the laws and policies of your destination.

[F] www.thc.org
[G] http://travel.state.gov/passport/eppt/eppt_2788.html#Fourteen
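
The missing trust check in the automated passport control systems described above, shown next to the corrected check, as an added example that is not from the book. It is a simplified model: the signatures are toy textbook RSA built from small fixed primes, and the keys, country codes, tag layout and function names are all constructed for illustration.

```python
import hashlib

E = 65537  # public exponent shared by the toy keys

def make_key(p, q):
    """Toy textbook-RSA key from two primes: returns (n, d). Not real crypto."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(digest(data, n), d, n)

def signature_ok(data, sig, n):
    return pow(sig, E, n) == digest(data, n)

# Constructed keys (Mersenne primes keep the example dependency-free).
ISSUER_N, ISSUER_D = make_key(2**61 - 1, 2**89 - 1)    # issuing country's key
OTHER_N, OTHER_D = make_key(2**107 - 1, 2**127 - 1)    # key no country issued

# Inspection system's trust store: country code -> public keys it trusts.
# "UT" is a constructed country code.
TRUST_STORE = {"UT": {ISSUER_N}}

def make_tag(country, data, n, d):
    """Constructed tag layout: contents, the public key it carries, signature."""
    return {"country": country, "data": data, "pubkey": n, "sig": sign(data, n, d)}

def verify_weak(tag):
    """Flawed check from the text: only 'signed by the key on the tag'."""
    return signature_ok(tag["data"], tag["sig"], tag["pubkey"])

def verify_strict(tag):
    """Also require the key on the tag to be trusted for the claimed country."""
    trusted = TRUST_STORE.get(tag["country"], set())
    return tag["pubkey"] in trusted and verify_weak(tag)

genuine = make_tag("UT", b"name=ALICE EXAMPLE", ISSUER_N, ISSUER_D)
# Altered contents, re-signed with a key that the tag itself supplies.
altered = make_tag("UT", b"name=SOMEONE ELSE", OTHER_N, OTHER_D)
# Same contents, claiming a country the inspection system holds no keys for.
unknown = make_tag("XX", b"name=SOMEONE ELSE", OTHER_N, OTHER_D)

if __name__ == "__main__":
    for name, tag in [("genuine", genuine), ("altered", altered), ("unknown", unknown)]:
        print(name, "weak:", verify_weak(tag), "strict:", verify_strict(tag))
```

Both checks accept the genuine tag, but only the strict check rejects the two tags whose key is absent from the trust store, because a signature proves nothing about who holds the key.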