Biometric passport

Summary

A biometric passport (also known as an e-passport or a digital passport) is a traditional passport that has an embedded electronic microprocessor chip which contains biometric information that can be used to authenticate the identity of the passport holder. It uses contactless smart card technology, including a microprocessor chip (computer chip) and antenna (for both power to the chip and communication) embedded in the front or back cover, or centre page, of the passport. The passport's critical information is printed on the data page of the passport, repeated on the machine readable lines and stored in the chip. Public key infrastructure (PKI) is used to authenticate the data stored electronically in the passport chip, supposedly making it expensive and difficult to forge when all security mechanisms are fully and correctly implemented. Many countries are moving towards issuing biometric passports to their citizens. Malaysia was the first country to issue biometric passports in 19

Official source

https://en.wikipedia.org/wiki/Biometric_passport

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related publications (13)

Related publications

Related people (2)

Related people

Related units (1)

Related units

Related concepts (12)

Related concepts

Related courses (2)

Related courses

Related lectures (5)

Related lectures

Since the beginning of this brand new century, and especially since the 2001 Sept 11 events in the U.S, several biometric technologies are considered mature enough to be a new tool for security. Generally associated to a personal device for privacy protection, biometric references are stored in secured electronic devices such as smart cards, and systems are using cryptographic tools to communicate with the smart card and securely exchange biometric data. After a general introduction about biometrics, smart cards and cryptography, a second part will introduce our work with fake finger attacks on fingerprint sensors and tests done with different materials. The third part will present our approach for a lightweight fingerprint recognition algorithm for smart cards. The fourth part will detail security protocols used in different applications such as Personal Identity Verification cards. We will discuss our implementation such as the one we developed for the NIST to be used in PIV smart cards. Finally, a fifth part will address Cryptography-Biometrics interaction. We will highlight the antagonism between Cryptography – determinism, stable data – and Biometrics – statistical, error-prone –. Then we will present our application of challenge-response protocol to biometric data for easing the fingerprint recognition process.

EPFL2010

The Extended Access Control for Machine Readable Travel Documents

Rafik Chaabouni

Machine Readable travel documents have been rapidly put in place since 2004. The initial standard was made by the ICAO and it has been quickly followed by the Extended Access Control (EAC). In this presentation, we discuss about the evolution of these standards and more precisely on the evolution of EAC. This presentation and its related paper [1] intend to give a realistic survey on these standards and discusse about their problems, such as the inexistence of a clock in the biometric passports and the absence of a switch preventing the lecture of a closed passport. We will also look at the issue with retrocompatibility that could be easily solved and the issue with terminal revocation that is harder. Hence the conclusions that we obtained, invalidates the claims of [5]. [1] R. Chaabouni, S. Vaudenay. The Extended Access Control for Machine Readable Travel Documents. In BIOSIG 2009: Biometrics and Electronic Signatures, volume 155 of Lecture Notes in Informatics, pages 93-103, Darmstadt, Germany, 17.-18. September, 2009. Gesellschaft für Informatik. [5] R. Nithyanand. The Evolution of Cryptographic Protocols in Electronic Passports. Cryptology ePrint Archive, Report 2009/200.

2010

Enhancing Privacy Protection

Rafik Chaabouni

Privacy has recently gained an importance beyond the field of cryptography. In that regard, the main goal behind this thesis is to enhance privacy protection. All of the necessary mathematical and cryptographic preliminaries are introduced at the start of this thesis. We then show in Part I how to improve set membership and range proofs, which are cryptographic primitives enabling better privacy protection. Part II shows how to improve the standards for Machine Readable Travel Documents (MRTDs), such as biometric passports. Regarding set membership proofs, we provide an efficient protocol based on the Boneh-Boyen signature scheme. We show that alternative signature schemes can be used and we provide a general protocol description that can be applied for any secure signature scheme. We also show that signature schemes in our design can be replaced by cryptographic accumulators. For range proofs, we provide interactive solutions where the range is divided in a base u and the u-ary digits are handled by one of our set membership proofs. A general construction is also provided for any set membership proof. We additionally explain how to handle arbitrary ranges with either two range proofs or with an improved solution based on sumset representation. These efficient solutions achieve, to date, the lowest asymptotical communication load. Furthermore, this thesis shows that the first efficient non-interactive range proof is insecure. This thesis thus provides the first efficient and secure non-interactive range proof. In the case of MRTDs, two standards exist: one produced by the International Civil Aviation Organization (ICAO) and the other by the European Union, which is called the Extended Access Control (EAC). Although this thesis focuses on the EAC, which is supposed to solve all privacy concerns, it shows that both standards fail to provide complete privacy protection. Lastly, we provide several solutions to improve them.

EPFL2017

Enhancing Privacy Protection

Rafik Chaabouni

EPFL2017