Weakening ePassports through Bad Implementations

Different countries issue an electronic passport embedding a contactless chip that stores the holder data (ePassport). Due to the sensitive nature of the information present on such chip, the relative data do not have to be accessible without authorization. That being so an access control mechanism based on symmetric cryptography called Basic Access Control (BAC) has been introduced to regulate the chip access and encrypt its communication. In this work we present the flaws we have found out in some implementations of the software hosted on ePassport chips and how they affect BAC reducing its keys space and opening a door for a MITM attacks. The results of this paper could be exploited as a first guide for reviewing and refining existing ePassport implementations.JRC.G.7-Digital Citizen Securit