Skip to main content
SpringerLink
Log in

A Better Time Approximation Scheme for e-Passports

  • Conference paper
Trust, Privacy, and Security in Digital Business (TrustBus 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8058))

  • 989 Accesses

Abstract

E-passports are the new means of identification documents in border control points, where special reader devices named inspection terminals are installed to authenticate travelers. The authentication of e-passports to inspection terminals is based on biometric data stored in the formers, while the authentication of inspection terminals to e-passports is based on digital certificates. To check the expiration date of certificates, e-passports maintain an internal variable named effective date, which provides only an estimation of the current time. This introduces a serious threat on e-passports’ privacy. Specifically, e-passports may accept expired certificates, considering them as non-expired, due to the time difference between the effective dates of e-passports and the current time. Thus, in case an adversary obtains an expired certificate, he/she may impersonate a fake inspection terminal and compromise sensitive personal information (e.g., biometric data) from e-passports. This paper proposes a scheme that enables e-passports to update their effective dates based on the effective dates of other, more recently updated e-passports, in a secure and effective manner. In this way, more e-passports have a better estimation of the current time, reducing the time window in which an attacker can use an expired certificate. The proposed scheme minimizes the deployment complexity, since it does not require extensive modifications to the existing infrastructure, while at the same time maintains compatibility with the legacy system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bundesamt fur Sicherheit in der Informationstechnik (BSI), Germany: Advanced Security Mechanisms for Machine Readable Travel Documents – Extended Access Control (EAC), version 1.0, TR-03110 (2006)

    Google Scholar 

  2. Bundesamt fur Sicherheit in der Informationstechnik (BSI), Germany: Advanced Security Mechanisms for Machine Readable Travel Documents - EAC, PACE and RI, version 2.0 TR-03110 (2008)

    Google Scholar 

  3. Commission Decision C (2006) 2909, EU – E-passport Specification (June 28, 2006)

    Google Scholar 

  4. Nithyanand, R.: A Survey on the Evolution of Cryptographic Protocols in e-passports. University of California – Irvine (2009)

    Google Scholar 

  5. Sinhahttp, A.: A survey of system security in contactless electronic e-passports. International Journal of Critical Infrastructure Protection 4(3-4), 154–164 (2011), www.sciencedirect.com/science/article/pii/S187454821100045X-af000005

    Article  Google Scholar 

  6. Nithyanand, R., Tsudik, G., Uzun, E.: Readers Behaving Badly Reader Revocation in PKI-Based RFID Systems. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 19–36. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  7. Ullmann, M., Vögeler, M.: Contactless Security Token Enhanced Security by Using New Hardware Features in Cryptographic-Based Security Mechanisms” from “Towards Hardware-Intrinsic Security Information” Security and Cryptography, ch. 4.4, pt. 5, pp. 259–279 (2010)

    Google Scholar 

  8. Pasupathinathan, V., Pieprzyk, J., Wang, H.: An on-line secure E-passport protocol. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 14–28. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  9. Abid, M., Afifi, H.: Secure e-passport protocol using elliptic curve diffie-hellman key agreement protocol. In: 4th International Conference on Information Assurance and Security (2008)

    Google Scholar 

  10. Li, C.H., Zhang, X.F., Jin, H., Xiang, W.: E-passport EAC scheme based on Identity-Based Cryptography. Information Processing Letters 111, 26–30 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  11. Najera, P., Moyano, F., Lopez, J.: Security Mechanisms and Access Control Infrastructure for e-passports and General Purpose e-Documents. Journal of Universal Computer Science 15(5), 970–991 (2009)

    Google Scholar 

  12. Mambo, M., Usuda, K., Okamoto, E.: Proxy signatures for delegating signing operation. In: Proceedings of the 3rd ACM Conference on Computer and Communications Security. ACM (1996)

    Google Scholar 

  13. Shao, Z.: Proxy signature schemes based on factoring. Information Processing Letters 85, 137–143 (2003)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Digital Systems, University of Piraeus, Piraeus, Greece

    Charalampos Petrou, Christoforos Ntantogian & Christos Xenakis

Authors
  1. Charalampos Petrou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christoforos Ntantogian
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Christos Xenakis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Centre for Security Communications and Network Research, Plymouth University, PL4 8AA, Plymouth, UK

    Steven Furnell

  2. Department of Digital Systems, University of Piraeus, 18532, Piraeus, Greece

    Costas Lambrinoudakis

  3. Computer Science Department, University of Malaga, Campus de Teatinos s/n, 29071, Malaga, Spain

    Javier Lopez

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Petrou, C., Ntantogian, C., Xenakis, C. (2013). A Better Time Approximation Scheme for e-Passports. In: Furnell, S., Lambrinoudakis, C., Lopez, J. (eds) Trust, Privacy, and Security in Digital Business. TrustBus 2013. Lecture Notes in Computer Science, vol 8058. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40343-9_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-40343-9_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40342-2

  • Online ISBN: 978-3-642-40343-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation