understanding the importance and impact of anonymity and authentication in a networked society
navigation menu top border

.:home:.     .:project:.    .:people:.     .:research:.     .:blog:.     .:resources:.     .:media:.

navigation menu bottom border
main display area top border
« CAROLE LUCOCK JOINS ON THE IDENTITY TRAIL AS PROJECT MANAGER | Main | California bill would ban tracking chips in IDs »

Feds Rethinking RFID Passport

posted by:Jennifer Manning // 07:58 AM // April 27, 2005 // Surveillance and social sorting


Following criticism from computer security professionals and civil libertarians about the privacy risks posed by new RFID passports the government plans to begin issuing, a State Department official said his office is reconsidering a privacy solution it rejected earlier that would help protect passport holders' data.

The solution would require an RFID reader to provide a key or password before it could read data embedded on an RFID passport's chip. It would also encrypt data as it's transmitted from the chip to a reader so that no one could read the data if they intercepted it in transit.

Click here for the rest of the Wired News article.

Trackback Pings

TrackBack URL for this entry:
http://www.blogonnymity.com/powerblog/mt-tb.cgi/34

Comments

I think the State Department is not telling the real (or at least reasonable) motivations for using RFIDs on passports.

What is being claimed now (in the article as well as in the INTERNATIONAL CIVIL AVIATION ORGANIZATION document mentioned) is that the RFIDs are being used for the only purpose of holding an electronic signature that can be matched with the information found on the passport thus certifying its authenticity.
But this very same security requirement can be achieved in a 1) more cost effective and 2) more secure (from eavesdropping) way using UPC bar code technology. So why does the State Department insist on using RFIDs? Certainly not for lack of ideas or solutions.

In fact, as indicated in the article, the U.S. officials rejected an anti-skimming/eavesdropping solution that the International Civil Aviation Organization proposed. And that's quite reasonable because their solution destroys RFIDs' ability to be read remotely and with no line-of-sight, reducing it to a mere barcode (with a higher cost!) which is apparently not what U.S. officials are looking for.

For more on RFIDs, their reading range, and cost see http://www.rfid-101.com/rfid-frequencies.htm

Posted by: Mohamed Layouni at April 28, 2005 11:08 AM

Post a comment




Remember Me?


main display area bottom border

.:privacy:. | .:contact:.


This is a SSHRC funded project:
Social Sciences and Humanities Research Council of Canada