Speakers » Dominik Klein

Dominik Klein

Advisor, Section “Chip-Security Analysis”, Federal Office for Information Security (BSI), Germany

 

Ten years of electronic passports – Attack vectors and future challenges

  • Overview of hardware security of ePassports;
  • Analysis of attack vectors and efforts for execution of attacks;
  • Implications for practical security and counter-measures.


Recent security incidents with regard to web-based authentication facilitate a trend towards two-factor authentication. For authentication of travelers at borders, two-factor authentication started more than ten years ago with the introduction of electronic passports. Here, one factor is the biometric information stored securely (digitally signed) on the passport, whereas the second factor is the possession of the passport itself. Both factors can be subject to attacks: Skimming and eavesdropping refer to attacking the first factor by breaking access and session keys, respectively, for unauthorized access to biometric information. Cloning is an attack on the second factor, namely creating a genuine copy by extracting static authentication keys from the chip. In this presentation, we will give an overview of state-of-the-art skimming, eavesdropping and cloning attacks using side channel analysis and active manipulation of the security chip, analyze the impact with regard to security chips deployed in older and current generations of ePassports, and sketch future advancements in chip security, such as software updates of chips in the field.


Biography
Dominik Klein joined BSI in 2013 after finishing his PhD in Computer Science. As a member of the section ‘eID Technologies and Smartcards’ his responsibilities included  the analysis of security mechanisms of German ePassports and ID cards, as well as technical development and standardization of ePassport technology in ISO/JTC1/SC17/WG3. In 2015 he joined the section ‘Chip-Security Analysis’ where he is concerned with the analysis and practical execution of attacks on security ICs and the development of appropriate counter-measures.


Share this page :
Follow us on :

Premier Sponsors


See more

Sponsors


See more

Premier Partners


See more

Media Partners


See more

Supporting Associations


See more