Breaking Unlinkability of the ICAO 9303 Standard for e-Passports using Bisimilarity

Horne, Ross James; Mauw, Sjouke; Smith, Zachary Daniel; Filimonov, Ihor

Reference : Breaking Unlinkability of the ICAO 9303 Standard for e-Passports using Bisimilarity


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/41606

Title :	Breaking Unlinkability of the ICAO 9303 Standard for e-Passports using Bisimilarity
Language :	English
Author, co-author :	Horne, Ross James [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
	Mauw, Sjouke [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
	Smith, Zachary Daniel [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Other contributor :	Filimonov, Ihor [University of Luxembourg > > > Master's Student]
Publication date :	23-Sep-2019
Main document title :	Breaking Unlinkability of the ICAO 9303 Standard for e-Passports using Bisimilarity
Pages :	18
Peer reviewed :	Yes
Audience :	International
Event name :	The European Symposium on Research in Computer Security
Event date :	from 23-09-2019 to 27-09-2019
Event organizer :	University of Luxembourg
Event place (city) :	Luxembourg
Event country :	Luxembourg
Keywords :	[en] Security Protocols ; e-passports ; bisimilarity
Abstract :	[en] We clear up confusion surrounding privacy claims about the ICAO 9303 standard for e-passports. The ICAO 9303 standard includes a Basic Access Control (BAC) protocol that should protect the user from being traced from one session to another. While it is well known that there are attacks on BAC, allowing an attacker to link multiple uses of the same passport, due to differences in implementation; there still remains confusion about whether there is an attack on unlinkability directly on the BAC protocol as specified in the ICAO 9303 standard. This paper clarifies the nature of the debate, and sources of potential confusion. We demonstrate that the original privacy claims made are flawed, by uncovering attacks on a strong formulation of unlinkability. We explain why the use of the bisimilarity equivalence technique is essential for uncovering our attacks. We also clarify what assumptions lead to proofs of formulations of unlinkability using weaker notions of equivalence. Furthermore, we propose a fix for BAC within the scope of the standard, and prove that it is correct, again using a state-of-the-art approach to bisimilarity.
Target :	Researchers ; Professionals
Permalink :	http://hdl.handle.net/10993/41606

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Open access	esorics-2019-unlinkability.pdf		Author postprint	248.93 kB	View/Open

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices