Abstract
According to the European Commission Decision C(2006) 2909, EU Member States must implement Supplemental Access Control (SAC) on biometric passports. The SAC standard describes two versions of a password based authenticated key exchange protocol called PACE-GM and PACE-IM. Moreover, it defines an extension called PACE-CAM. Apart from password authentication and establishing a session key, the PACE-CAM protocol executes an active authentication of the ePassport with just one extra modular multiplication. However, it uses PACE-GM as a building block and does not work with the more efficient protocol PACE-IM. In this paper we propose an active authentication extension, which can be used with both PACE-GM and PACE-IM. Moreover, the protocol’s overhead on the side of the ePassport, remains the same despite more universality.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
For the protocols concerned, in fact we may assume there is one server with many instances.
References
Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptology 21(2), 149–177 (2008)
Bender, J., Dagdelen, Ö., Fischlin, M., Kügler, D.: The PACE|AA protocol for machine readable travel document, and its security. In: Proceedings of the 16th International Conference on Financial Cryptography and Data Security (2012)
Bender, J., Fischlin, M., Kügler, D.: Security analysis of the PACE key-agreement protocol. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 33–48. Springer, Heidelberg (2009)
Bender, J., Fischlin, M., Kügler, D.: The PACE\(|\)CA protocol for machine readable travel documents. In: Bloem, R., Lipp, P. (eds.) INTRUST 2013. LNCS, vol. 8292, pp. 17–35. Springer, Heidelberg (2013)
Bender, J., Kügler, D.: Verfahren zur Authentisierung, RF-chip-Dokument, RF-Chip-Lesegerät und Computerprogrammprodukte, 13 September 2012. WO Patent App. PCT/EP2012/001,076 (2012)
Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: IEEE Symposium on Research in Security and Privacy, pp. 72–84 (1992)
Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
BSI. Advanced Security Mechanisms for Machine Readable Travel Documents and eIDAS Token 2.20. Technical Guideline TR-03110-2 (2015)
Coron, J.-S., Gouget, A., Icart, T., Paillier, P.: Supplemental Access Control (PACE v2): Security Analysis of PACE Integrated Mapping. Cryptology ePrint Archive, Report 2011/058 (2011)
Hanzlik, L., Krzywiecki, Ł., Kutyłowski, M.: Simplified PACE\(|\)AA protocol. In: Deng, R.H., Feng, T. (eds.) ISPEC 2013. LNCS, vol. 7863, pp. 218–232. Springer, Heidelberg (2013)
ISO/IEC JTC1 SC17 WG3/TF5 for the International Civil Aviation Organization. Supplemental access control for machine readable travel documents v1.01. Technical report, 08 March 2011
ISO/IEC JTC1 SC17 WG3/TF5 for the International Civil Aviation Organization. Supplemental access control for machine readable travel documents v1.1. Technical report, 15 April 2014
David, P.: Jablon: strong password-only authenticated key exchange. SIGCOMM Comput. Commun. Rev. 26(5), 5–26 (1996)
Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint Archive, Report 2004/332 (2004). http://eprint.iacr.org/
Acknowledgment
The research was supported by the Polish National Science Centre based on the decision DEC-2013/08/M/ST6/00928. Initial work of the first author has been supported by Foundation for Polish Science project VENTURES/2012-9/4.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Hanzlik, L., Kutyłowski, M. (2016). Chip Authentication for E-Passports: PACE with Chip Authentication Mapping v2 . In: Bishop, M., Nascimento, A. (eds) Information Security. ISC 2016. Lecture Notes in Computer Science(), vol 9866. Springer, Cham. https://doi.org/10.1007/978-3-319-45871-7_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-45871-7_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-45870-0
Online ISBN: 978-3-319-45871-7
eBook Packages: Computer ScienceComputer Science (R0)