[LINK] Industry Reply on e-Passport Cloning

Geoffrey Ramadan gramadan at umd.com.au
Sat Aug 12 15:16:22 AEST 2006 

Adam

1) e-Passports use Near Field electromagnetic properties (i.e. it is not 
like a radio transmitter which uses Far Field properties, but works like 
a transformer which uses inductive coupling). The Near Field boundary is 
defined at  Wavelength/2xPi  @ 13.56MHz this is about 3.52M  This 
defines the theoretical maximum for which this effect works.

The actual distance is dependent on the geometry of the antenna 
(inductance and other factors) and how much energy you can transfer to 
the tag. Noting that the Power the tag receives is dependent on how much 
"flux" it can collect (i.e. area), which is required to power the tags 
microcircuit (hence setting a min requirement)

A very simple approximation is that max read range is fixed by the size 
of the antenna. However, as shown above, the size of the tags antenna is 
also important (greater distance less flux/energy)

Translation: small antenna tag, small read range.

The best I have seen @ 13.56MHz RFID is an antenna frame (which you can 
pass through) the size of a small shed, able to read tags that are 30cm 
square at about 2 meters. The tags had also been specifically designed 
and tuned for this to work.

I would conclude that it would be impossible to read the e-Passport tag 
at any significant distance, and certainly not at 4m. It would be 
interesting to see how well a tunnel reader would work though!

2) Also the passport has in a metal thread embedded into one of the 
pages (forming a ground plane). If the e-Passport is closed, it would be 
impossible to read.

3) As pointed out before, even if they did copy a e-Passport, I believe 
this will make it easier to catch the fraudsters.

Reg

Geoffrey Ramadan B.E.(Elec)
Chairman, Automatic Data Capture Association (www.adca.com.au)
and
Managing Director, Unique Micro Design (www.umd.com.au)


Adam Todd wrote:
>
> Did I not mention this a week ago :)  (Probably end up in the Supreme 
> Court on those comments too!)
>
> Creating a mechanism that clones data and is able to re transmit or 
> cause to be transmitted is easy.
>
> In fact, if you sat near a scanner with a sensitive enough receiver, 
> you could easily record the data stream - say up to 4 meters away 
> would be sufficient.
>
> After recording a dozen data streams at an airport check point, you 
> could easily create clone data, and transmit them in place of the real 
> passports that are being scanned using a more powerful transmitter.
>
> This is rudimentary communications, lets not get into encryption and 
> handshakes and such, because there has to be something common each way 
> to make it all work and as it's wireless it's open to intercept.
>
> At 04:56 PM 11/08/2006, Geoffrey Ramadan wrote:
>> Industry reply on e-passport cloning.
>> http://www.rfidjournal.com/article/articleview/2559/1/1/
>>
>> Some choice comments:
>> "However, Grunwald merely cloned the data on the IC inside his 
>> passport. He did not counterfeit the passport, nor did he manipulate 
>> the data."
>>
>> "Cloning a passport's inlay, according to the Smart Card Alliance, 
>> would be no different than stealing someone else's passport and 
>> trying to present that as your own at a border entry point."
>>
>> "What this person has done is neither unexpected nor really all that 
>> remarkable,"
>>
>> -- 
>> Reg
>>
>> Geoffrey Ramadan B.E.(Elec)
>> Chairman, Automatic Data Capture Association (www.adca.com.au)
>> and
>> Managing Director, Unique Micro Design (www.umd.com.au)
>>
>> _______________________________________________
>> Link mailing list
>> Link at mailman.anu.edu.au
>> http://mailman.anu.edu.au/mailman/listinfo/link
>>
>

More information about the Link mailing list