Zusammenfassung
Elektronische Reisepässe verwenden als optionales Sicherheitsmerkmal die ,active authentication‘. Hierzu wird vom Chip des Reisepasses eine RSA-Signatur mit dem geheimen Schlüssel des Chips gerechnet, um die Authentizität des Dokumentes nachzuweisen. In einer Studie konnten in zwei Fällen Schwachstellen aufgedeckt werden, die den geheimen Schlüssel kompromittieren.
This is a preview of subscription content, log in via an institution to check access.
Literatur
[AP-SC] Application of Attack Potential to Smartcards (CC Supporting Document), Version 3.0, April 2019, JIL, abrufbar unter https://www.sogis.eu/documents/cc/domains/sc/JIL-Application-of-Attack-Potential-to-Smartcards-v3-0.pdf
[H09] Martin Hlavác. Known-Plaintext-Only Attack on RSA-CRT with Montgomery Multiplication. In CHES 2009, Lecture Notes in Computer Science 5747, Springer 2009, pages 128-140.
[ISO] International Organization for Standardization (ISO). ISO/IEC 14443: Identification Cards - Contactless Integrated Circuit(s) Cards - Proximity Cards – Part 1-4, www.iso.ch.
[OP11] David Oswald, Christof Paar. Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World. In CHES 2011, Lecture Notes in Computer Science 6917, Springer 2011, pages 207-222.
[KOP11] Timo Kasper, David Oswald, Christof Paar. Seitenkanalanalyse kontaktloser SmartCards. In Datenschutz und Datensicherheit35(11): 786-790 (2011).
[ICAO] International Civil Aviation Organization (ICAO). Doc 9303, Machine Readable Travel Documents. Part 11: Security Mechanisms for MRTDs, https://www.icao.int.
Technische Richtlinie TR-02102-1 Kryptographische Verfahren Empfehlungen und Schlüssellängen, Version 2019-01, Bundesamt für Sicherheit in der Informationstechnik (BSI), 2019.
[T19] Emmanuel Thomé. 795-bit factoring and discrete logarithms. https://lists.gforge.inria.fr/pipermail/cado-nfs-discuss/2019-December/001139.html
[RSA-Guide] Minimum Requirements for Evaluating Side-Channel Attack Resistance of RSA, DSA and Diffie-Hellman Key Exchange Implementations, Anhang zur AIS 46, BSI, 2013
[DQ98] Jean-François Dhem, Jean-Jacques Quisquater. Recent Results on Modular Multiplications for Smart Cards. CARDIS 1998: 336-352.
[BDF98] Boneh, Dan; Durfee, Glenn; Frankel, Yair. An Attack on RSA Given a Small Fraction of the Private Key Bits. In Asiacrypt 1998. Lecture Notes in Computer Science 1514, Springer 1998, pages 25-34.
[CCC+19] Mathieu Carbone, Vincent Conin, Marie-Angela Cornelie, François Dassance, Guillaume Dufresne, Cécile Dumas, Emmanuel Prouff, Alexandre Venelli. Deep Learning to Evaluate Secure RSA Implementations. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(2): 132-161 (2019).
[GKS20] Aron Gohr, Dominik Klein, Werner Schindler. Verräterischer Stromverbrauch. In dieser Ausgabe der Datenschutz und Datensicherheit.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Heuft, M., Feldhusen, D. Angriffe auf Chips in Reisepässen . Datenschutz Datensich 44, 436–440 (2020). https://doi.org/10.1007/s11623-020-1301-5
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11623-020-1301-5