The first generation of European e-passports will be issued in 2006. Wediscuss how borders are crossed regarding the security and privacy erosion ofthe proposed schemes, and show which borders need to be crossed to improve thesecurity and the privacy protection of the next generation of e-passports. Inparticular we discuss attacks on Basic Access Control due to the low entropy ofthe data from which the access keys are derived, we sketch the Europeanproposals for Extended Access Control and the weaknesses in that scheme, andshow how fundamentally different design decisions can make e-passports moresecure.
展开▼