Security analysis of Australian and E.U. E-passport implementation

Vijayakrishnan Pasupathinathan*, Josef Pieprzyk, Huaxiong Wang

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

7 Citations (Scopus)

Abstract

This paper makes a formal security analysis of the current Australian e-passport implementation using model checking tools CASPER/CSP/FDR. We highlight security issues in the current implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. The paper also provides a security analysis of the European Union (EU) proposal for Extended Access Control (EAC) that is intended to provide improved security in protecting biometric information of the e-passport bearer. The current e-passport specification fails to provide a list of adequate security goals that could be used for security evaluation. We fill this gap; we present a collection of security goals for evaluation of e-passport protocols. Our analysis confirms existing security weaknesses that were previously identified and shows that both the Australian e-passport implementation and the EU proposal fail to address many security and privacy aspects that are paramount in implementing a secure border control mechanism.

Original languageEnglish
Pages (from-to)187-205
Number of pages19
JournalJournal of Research and Practice in Information Technology
Volume40
Issue number3
Publication statusPublished - 2008

Fingerprint Dive into the research topics of 'Security analysis of Australian and E.U. E-passport implementation'. Together they form a unique fingerprint.

Cite this