E-assport Testing Ensuring Global Acceptance By: Jos Chehin Date: 17 ovember 2006 Location: ASML
Global Acceptance of the e-assport Global Acceptance Interoperability Functionality Security Test Standards e-assport Standards www.collis.nl 2
Agenda The e-assport The ICAO/ISO e-assport Standards Test coverage of the Application rotocol and Logical Data Structure Test Standard Findings and Conclusions www.collis.nl 3
The e-assport Contactless chip rocessing capability Data storage KI Biometrics (Face, fingerprint, eyes) Secure electronic identification www.collis.nl 4
The e-assport Standards ISO 14443 ublic Key Cryptography conform to the ICAO KI standard The ISO 7816-4 Standard Standard for the e-assport Logical Data Structure (LDS) ICAO LDS ersonalisation OSI Layer 6-7 ICAO KI ISO 7816-4,8 ISO 14443 Application Hardware OSI Layer 6-7 OSI Layer 1-4 www.collis.nl 5
Testing the e-assport Hardware Collis SmartWave box Reads/simulates Test Suite s Low level interoperability Low level interoperability test events (ISO 14443): Cross-over testing interoperability rates 93% in Singapore 87% in Berlin Readable ISO/ICAO conformance www.collis.nl 6
e-assport Security Mechanisms Security mechanisms: assive Authentication (Mandatory) Active Authentication (Optional) Basic Access Control (Optional) Extended Access Control (Optional) Issuing States MAY choose additional security, using more complex ways of securing the chip and its data. ICAO KI Application OSI Layer 6-7 www.collis.nl 7
e-assport Smartcard Commands e-assport to reader communication on ADU level assive Authentication Active Authentication Basic Access Control Extended Access Control SELECT READ BIARY(B0/B1) SELECT READ BIARY(B0/B1) ITERAL AUTHETICATE SELECT GET CHALLEGE MUTUAL AUTHETICATE ISO 7816-4,8 Application OSI Layer 6-7 www.collis.nl 8
The e-assport LDS ICAO LDS ersonalisation www.collis.nl 9
Testing the e-assport Application and LDS ICAO/ISO Test Standard Security Security Mechanisms Smartcard commands ositive egative The LDS Encoding of the LDS data objects www.collis.nl 10
Test Coverage of the ICAO KI Test Standard assive Auth. Active Auth. Basic Access Control Extended Access Control assive Auth. Active Auth. Basic Access Control Extended Access Control Mandatory EU US Mandatory EU US www.collis.nl 11
Test Coverage of the ICAO LDS Test Standard EF.COM DG1 Machine Readable Zone (MRZ) DG2 Encoded Face DG3 Encoded Finger (s) DG4 Encoded Eye (s) DG5 Displayed Identification features : DG7 Mandatory EU US DG8 Encoded Security Features : DG10 DG11 Additional personal details DG12 Additional Document Details DG13 Optional Details Dg14 Reserved for future use DG15 Active Authentication k DG16 ersons to notify www.collis.nl 12 EF.SOD
Test Coverage of the ICAO LDS Test Standard EF.COM DG1 Machine Readable Zone (MRZ) DG2 Encoded Face DG3 Encoded Finger (s) DG4 Encoded Eye (s) DG5 Displayed Identification features : DG7 Mandatory EU US DG8 Encoded Security Features : DG10 DG11 Additional personal details DG12 Additional Document Details DG13 Optional Details Dg14 Reserved for future use DG15 Active Authentication k DG16 ersons to notify www.collis.nl 13 EF.SOD
Smartcard Command ADU Tests umber of ositive / egative tests defined per ISO 7816 command 12 10 11 8 6 6 7 4 2 0 3 3 22 1 1 1 1 0 0 0 00 SL B0 B1 B0sfi B1sfi GC MA AA ositive Tests Defined egative Tests Defined www.collis.nl 14
ISO 7816 Command Test Coverage Matrix CLA 1 2 Lc Crypt Data CC TLV Offset SM Le Rtrn bytes B1sfi B0sfi B0 B1 SEL GC MA IA www.collis.nl 15
Findings Some optional, but important security features not covered by the ICAO test standard (AA, EA) e-assport chip response on incorrect commands not tested thouroughly (negative tests) Gaps in the test specification Global Acceptance Interoperability Functionality Security Test Standards E-assport Standards www.collis.nl 16
Recommendation Additional tests need to be developed to fill up gaps in the test specification Global Acceptance Interoperability Functionality Security Test Standards E-assport Standards www.collis.nl 17
-End- www.collis.nl 18