[Ben]: | RFID passports | No discussion found | By Bruce Schneier ...
Source
Since 9/11, the Bush administration -- specifically, the Department of Homeland Security -- has wanted the world to standardize on machine-readable passports. Future U.S. passports, currently being tested, will include an embedded computer chip. This chip will allow the passport to contain much more information than a simple machine-readable character font, and will allow passport officials to quickly and easily read that information. That's a reasonable requirement, and a good idea for bringing passport technology into the 21st Century. But the administration is advocating radio frequency identification (RFID) chips for both US and foreign passports, and that's a very bad thing.
RFID chips are like smart cards, but they can be read from a distance. A receiving device can "talk" to the chip remotely, without any need for physical contact, and get whatever information is on it. Passport officials envision being able to download the information on the chip simply by bringing it within a few centimeters of a reader.
Unfortunately, RFID chips can be read by any reader, not just the ones at passport control. The upshot of this is that anyone carrying around an RFID passport is broadcasting his identity.
Think about what that means for a minute. It means that a passport holder is continuously broadcasting his name,nationality, age, address, and whatever else is on the RFID chip. It means that anyone with a reader can learn that information, without the passport holder's knowledge or consent. It means that pickpockets, kidnappers, and terrorists can easily -- and surreptitiously -- pick Americans out of a crowd.
It's a clear threat to both privacy and personal safety. Quite simply, it's a bad idea.
The administration claims that the chips can only be read from a few centimeters away, so there's no potential for abuse. This is a spectacularly naive claim. All wireless protocols can work at much longer ranges than specified. In tests, RFID chips have been read by receivers 20 meters away. Improvements in technology are inevitable.
Security is always a trade-off. If the benefits of RFID outweigh the risks, then maybe it's worth it. Certainly there isn't a significant benefit when people present their passport to a customs official. If that customs official is going to take the passport and bring it near a reader, why can't he go those extra few centimeters that a contact chip would require?
The administration is deliberately choosing a less secure technology without justification. If there were a good reason to choose that technology, then it might make sense. But there isn't. There's a large cost in security and privacy, and no benefit. Any rational analysis will conclude that there isn't any reason to choose an RFID chip over a conventional chip.
Unfortunately, there is a reason. At least, it's the only reason I can think of for the administration wanting RFID chips in passports: they want surreptitious access themselves. They want to be able to identify people in crowds. They want to pick out the Americans, and pick out the foreigners. They want to do the very thing that they insist, despite demonstrations to the contrary, can't be done.
Normally I am very careful before I ascribe such sinister motives to a government agency. Incompetence is the norm, and malevolence is much rarer. But this seems like a clear case of the government putting its own interests above the security and privacy of its citizens, and then lying about it. |
| 2004-10-19 Permanent Link: RFID passports |