Скачать презентацию Identity in the digital age Travel documents Скачать презентацию Identity in the digital age Travel documents

be60f699477d0b6375e0c4a4df17590b.ppt

  • Количество слайдов: 47

Identity in the digital age Travel documents & Cryptography Dr. Kim Nguyen Bundesdruckerei Gmb. Identity in the digital age Travel documents & Cryptography Dr. Kim Nguyen Bundesdruckerei Gmb. H, Berlin ECC Workshop, Bochum 2004 -09 -21 Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 1

Agenda ICAO & Machine Readable Travel Documents ICAO LDS Integration of cryptographic concepts into Agenda ICAO & Machine Readable Travel Documents ICAO LDS Integration of cryptographic concepts into MRTDs Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 2

History From royal printing house to a leading supplier of high-security technology 2000 1994 History From royal printing house to a leading supplier of high-security technology 2000 1994 1951 1945 1879 Bundesdruckerei Gmb. H, SH DP Privatisation of the Bundesdruckerei group Bundesdruckerei Gmb. H Bundesdruckerei Staatsdruckerei (Government Printing House) Reichsdruckerei (Imperial Printing House) Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 3

Key Numbers Bundesdruckerei in figures Human resources Production Currently, Bundesdruckerei employs 1, 429 persons Key Numbers Bundesdruckerei in figures Human resources Production Currently, Bundesdruckerei employs 1, 429 persons of whom work in Berlin (as of 07/2003). In the year 2002, production included: Revenue In the year 2002, Bundesdruckerei including BIS (Bundesdruckerei International Services) generated revenue of around € 230 million - approx. 10 % from sales abroad. 402 3. 5 100 8. 5 3. 9 3. 3 million banknotes billion postage stamps million revenue stamps million identity cards million passports million EU driving licences plus a large number of patent documents and CD-ROMs. August 2004: 200 Million personalized documents produced Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 4

ICAO q November 1944: Convention on International Civil Aviation, also known as the Chicago ICAO q November 1944: Convention on International Civil Aviation, also known as the Chicago Convention, provided the establishment of the International Civil Aviation Organization (ICAO) q Function: International body to guide and regulate international civil aviation Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 5

Travel Documents q Range of requirements for efficient civil aviation operations (Annex 9, Chicago Travel Documents q Range of requirements for efficient civil aviation operations (Annex 9, Chicago Convention): w Requirement for persons travelling by air. . . to comply with immigration, customs and passport regulations w Requirement for States to facilitate border clearance. . . and prevent unnecessary delays w Requirement for States to develop and adopt internationally standard procedures for immigration and customs clearance Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 6

Travel Documents MRTD Programme q 1968: Establishment of a Panel on Passport Cards w Travel Documents MRTD Programme q 1968: Establishment of a Panel on Passport Cards w Machine readable standardized passport book, initial issuance by Australia, Canada, USA q 1984: Establishment of the TAG/MRTD w Comprised of government officials, expansion to specs for machine readable visa and cards Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 7

Travel Documents Co-operation q International Organization for Standardization (ISO) w Technical and engineering advice Travel Documents Co-operation q International Organization for Standardization (ISO) w Technical and engineering advice to TAG/MRTD by ISO w Doc 9303, Part 1 -3, have received endorsement by ISO: ISO 7501 (1 -3) q International Air Transport Association (IATA) q Airports Council International (ACI) q INTERPOL Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 8

MRTDs q Machine Readable Travel Document (MRTD): Official Document issued by a State or MRTDs q Machine Readable Travel Document (MRTD): Official Document issued by a State or organization which is used by the holder for international travel (e. g. passport, visa, official document of identity) and which contains mandatory visual (eye readable) data and a seperate mandatory data summary in a format which is capable of being read by machine. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 9

MRTDs Holographic Shadow Picture 3 D Figure Machine detectable feature Holographic MRZ Machine Readable MRTDs Holographic Shadow Picture 3 D Figure Machine detectable feature Holographic MRZ Machine Readable Zone (MRZ) Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 10

Advanced MRTDs q Optional expansion of machine readable data capacity w magnetic stripes (especially Advanced MRTDs q Optional expansion of machine readable data capacity w magnetic stripes (especially high density magnetic stripes) w IC chips with contacts, contactless IC chips w optical memories w bar codes, especially 2 D bar codes Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 11

Advanced MRTDs q Machine-assisted identity confirmation (i. e. biometrics) w Displayed identity features (portrait, Advanced MRTDs q Machine-assisted identity confirmation (i. e. biometrics) w Displayed identity features (portrait, signature, fingerprint) w Encoded identity features (face, signature, fingerprints, hand, voice, eyes) Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 12

Advanced MRTDs q ICAO Evaluation and development of advanced MRTDs w Technical Report on Advanced MRTDs q ICAO Evaluation and development of advanced MRTDs w Technical Report on Selection of a Globally Interoperable Biometric for Machine-assisted Identity Confirmation (2001) § Compatibility and ranking of biometric technologies with MRTDs § Face: highest compatibility § Finger, eyes: group 2 § Signature, hand, voice: group 3 Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 13

Advanced MRTDs q Technical Report on Development of a Logical Data Structure (LDS) for Advanced MRTDs q Technical Report on Development of a Logical Data Structure (LDS) for Optional Capacity Expansion Technologies (2002) q ICAO „New Orleans Resolution“, March 2003 Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 14

New Orleans Resolution q ICAO TAG-MRTD/NTWG recognises that Member States currently and will continue New Orleans Resolution q ICAO TAG-MRTD/NTWG recognises that Member States currently and will continue to utilise the facial image as the primary identifier for MRTDs and as such endorses the use of standardised digitally stored facial images as the globally interoperable biometric to support facial recognition technologies for machine assisted identity verification with machine-readable travel documents. q ICAO TAG-MRTD/NTWG further recognises that in addition to the use of a digitally stored facial image, Member States can use standardised digitally stored fingerprint and/or iris images as an additional globally interoperable biometrics in support of machine assisted verification and/or identification. q Member States, in their initial deployment of MRTDs with biometrics identifiers, are encouraged to adopt contactless IC media of sufficient capacity to facilitate onboard storage of additional MRTD data and biometric identifiers. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 15

Co-Existence of Technologies q Additional technologies complement existing technologies q Should one technique fail, Co-Existence of Technologies q Additional technologies complement existing technologies q Should one technique fail, there are other techniques in place that make the proof of the validity of the document possible. q Contactless chip technology is recognized as optimal medium to complement classical high security MRTD. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 16

Contactless Technology q Standard communication with chip card utilizes contact based serial communication q Contactless Technology q Standard communication with chip card utilizes contact based serial communication q The contactless communication uses an electromagnetic field into which the chip module is coupled via an antenna q Data transfer to and from the chip is performed using changes in this field. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 17

Contactless Communication © Philips Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Contactless Communication © Philips Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 18

Chip Technology q Storage of biometric data implies the usage of security controllers with Chip Technology q Storage of biometric data implies the usage of security controllers with large EEPROM sizes w Minimum is 32 k. B w Larger Sizes of 64 k. B and above are recommended q Typical size of biometric data w 12 – 15 k. B for facial image, JPEG compressed w Storing smaller sized templates is at the discretion of the issuing state w Interoperability of templates Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 19

Agenda ICAO & Machine Readable Travel Documents ICAO LDS Integration of cryptographic concepts into Agenda ICAO & Machine Readable Travel Documents ICAO LDS Integration of cryptographic concepts into MRTDs Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 20

LDS (Logical Data Structure) q LDS = Logical Data Structure = Standardized interoperable format LDS (Logical Data Structure) q LDS = Logical Data Structure = Standardized interoperable format to store biometric and other personal data on a MRTD q Standardized by ICAO Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 21

What is the LDS? q The LDS is an ISO 7816 -4 compliant file What is the LDS? q The LDS is an ISO 7816 -4 compliant file system used to store biometric data. DF 1 EF. SOD EF. COM EF. DG 1 Bundesdruckerei Gmb. H, SH DP EF. DG 2 EF. DG 3 Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 22

Where is the LDS stored? q On a chip embedded into the passport w Where is the LDS stored? q On a chip embedded into the passport w Different alternatives: § Cover § Data card § In extra page q The chip is accessed contact-less, i. e. via an electromagnetic field. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 23

Agenda ICAO & Machine Readable Travel Documents ICAO LDS Integration of cryptographic concepts into Agenda ICAO & Machine Readable Travel Documents ICAO LDS Integration of cryptographic concepts into MRTDs Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 24

Security Mechanisms q Assets to be protected: q Authenticity of personal data w Changes Security Mechanisms q Assets to be protected: q Authenticity of personal data w Changes of biometric data must be detectable w Data must be written to MRTD by authorized organizations only q Privacy of personal data w Who has access to the data stored on the MRTD ? w Can the communication between MRTD and verification terminal be tracked ? q Uniqueness of MRTD w It must not be possible to copy digital data from one passport to another. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 25

Security Mechanisms q Special threats due to usage of contactless technology: w Skimming: Active Security Mechanisms q Special threats due to usage of contactless technology: w Skimming: Active reading the contactless chip from a small distance (may not be observed by holder of document) w Eavesdropping: Passive observation of communication between MRTD and verifier terminal Contactless communication uses changes in EM field these changes induce EM waves Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 26

Sensitivity of data q Data stored on MRTD: w Printed data: § Personal information Sensitivity of data q Data stored on MRTD: w Printed data: § Personal information (Name, date of birth, etc) also encapsulated in MRZ § Facial Image § Signature w Digital Data: § MRZ § Facial Image (mandatory) § Finger prints (optional) § Iris (optional) Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 27

Security Mechanisms Cloning can be prevented by using a chip-individual key pair in a Security Mechanisms Cloning can be prevented by using a chip-individual key pair in a challenge-response mechanism. (optional) Asymmetric crypto Privacy of especially sensitive data can additionality be secured by Extended Access Control (optional) Symmetric/ Asymmetric crypto Privacy can be secured by Basic Access Control (optional) Symmetric crypto Authenticity is secured by a digital signature (Mandatory) 2 level PKI Biometric Data stored on MRTD Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 28

Data Authenticity q Authenticity of the MRTD data is secured by means of a Data Authenticity q Authenticity of the MRTD data is secured by means of a digital signature q Authenticity of the data groups stored can be verified using hash values stored in EF. SO_D. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 29

Data Authenticity q Basic Check mechanism: w Read MRZ optical w First check signature Data Authenticity q Basic Check mechanism: w Read MRZ optical w First check signature in order to check authenticity of complete digital data w Read MRZ digital, check hash value w Compare optical and digital MRZ q Thus a strong link between printed and digital MRTD is achieved. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 30

MRTD PKI Country Signing CA = national root Document Signing CA MRTD Data Digital MRTD PKI Country Signing CA = national root Document Signing CA MRTD Data Digital Signature Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 31

MRTD PKI q ICAO PKD contains Document Signer CA of all participating countries q MRTD PKI q ICAO PKD contains Document Signer CA of all participating countries q ICAO PKD will not contain Country Signer CAs q Distribution of CSCAs has to be performed by bilateral means and via diplomatic channels. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 32

MRTD PKI q Certificate Revocation: CRL must be distributed bilaterally and via the ICAO MRTD PKI q Certificate Revocation: CRL must be distributed bilaterally and via the ICAO PKD q Document Signer Certificate may be included in Document Security Object in order to allow off-line signature verification Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 33

MRTD PKI q MRTDs have validity of 10 years q This poses strong requirements MRTD PKI q MRTDs have validity of 10 years q This poses strong requirements on the parameters of the signature algorithms used q Three algorithms are specified: w ECDSA w RSA w DAS Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 34

MRTD PKI Country Signing CA Keys (Minimum size of parameters) Document Signing CA Keys MRTD PKI Country Signing CA Keys (Minimum size of parameters) Document Signing CA Keys (Minimum size of parameters) Algorit hm Param eter Size/bi ts Param eter Size/bits RSA N 3072 N 2048 DSA p 3072 p 2048 q 256 q 224 256 Point order 224 ECDSA Point order Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 35

Coding of digital signature q The digital signature is coded as a signed data Coding of digital signature q The digital signature is coded as a signed data object according to the specification of Cryptographic Message Syntax q I. e. ASN. 1 DER encoding must be used q For elliptic curves this is specified in the SECG papers Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 36

Basic Access Control q Basic Access Control is used in order to prevent skimming Basic Access Control q Basic Access Control is used in order to prevent skimming and eavesdropping q Philosophy: If MRTD is presented by the holder in such a way, that the optical data can be read, the main biometric data (MRZ, face) should also be readable q Mechanism: Access to chip data is only allowed after successfull completion of a symmetric key based challengeresponse mechanism Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 37

Basic Access Control q Symmetric key is derived from data in MRZ P<D<<MUSTERMANN<<MARKUS<<<<<<<<<<< 1234567897 Basic Access Control q Symmetric key is derived from data in MRZ P

Basic Access Control q Opening the closed passport utilizes a Mutual Authenticate scheme: w Basic Access Control q Opening the closed passport utilizes a Mutual Authenticate scheme: w MRTD and Verifier choose a random challenge RND. MRTD and RND. IFD w Mutual Authenticate is also used in order to establish common secret key for subsequent Secure Messaging operation Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 39

Basic Access Control Common Key K. MRZ Chooses RND. IFD Challenge is exchanged Chooses Basic Access Control Common Key K. MRZ Chooses RND. IFD Challenge is exchanged Chooses RND. MRTD Computes response Response is exchanged Computes response If correctness of response is verified on both sides: Common secret keys for Secure Messaging are derived. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 40

Basic Access Control q Secure Messaging is performed in an ISO 7816 like way Basic Access Control q Secure Messaging is performed in an ISO 7816 like way w Transmitted data is encrypted using 3 DES. w Correctness of data is checked via a 3 DES based MAC computation. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 41

Basic Access Control q Analysis of Basic Access Control Mechanism shows: w Data used Basic Access Control q Analysis of Basic Access Control Mechanism shows: w Data used from MRZ has small entropy w Hence with some additional guess work the cryptographic keys involved could be recovered via a brute force attack q Aim of Basic Access Control is mainly the prevention of skimming, not a sound cryptographical protection of access. Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 42

Extended Access Control q Mechanism similar the BAC (challenge-response mechanism) q Can be based Extended Access Control q Mechanism similar the BAC (challenge-response mechanism) q Can be based on symmetric key derived from w MRZ information AND w Masterkey q Can also be based on asymmetric key pair q Thus offers a variety of available mechanisms of different cryptographic strength Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 43

Active Authentication q Based on asymmetric cryptography q Each MRTD has a document specific Active Authentication q Based on asymmetric cryptography q Each MRTD has a document specific key pair: KPu. AA and KPr. AA q Challenge-Response Mechanism (INTERNAL AUTHENTICATE): Inspection system generated random challenge Inspection system verifies certificate using KPu. AA Bundesdruckerei Gmb. H, SH DP Send to MRTD signs the challenge using KPr. AA Send certificate to inspection system Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 44

Active Authentication q Active Authentication represents the strongest mechanism to protect both w privacy Active Authentication q Active Authentication represents the strongest mechanism to protect both w privacy of the biometric data w Uniqueness of chip module inside MRTD q Chip-Individual key pair implies that cloning is not possible Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 45

Agenda ICAO & Machine Readable Travel Documents ICAO LDS Integration of cryptographic concepts into Agenda ICAO & Machine Readable Travel Documents ICAO LDS Integration of cryptographic concepts into MRTDs Bundesdruckerei Gmb. H, SH DP Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 46

Thank you for your attention! Detailed technical information available at www. icao. int/mrtd Dr. Thank you for your attention! Detailed technical information available at www. icao. int/mrtd Dr. Kim Nguyen Bundesdruckerei Gmb. H, Berlin kim. [email protected] de Dr. Kim Nguyen, ECC Workshop, Bochum, 20. 9. 2004, 47