Most active commenters
  • lukan(3)
  • crowbahr(3)

←back to thread

Reading NFC Passport Chips in Linux

(shkspr.mobi)
287 points robin_reala | 14 comments | 25 Jun 25 07:33 UTC | HN request time: 0.001s | source | bottom
Show context
dzhiurgis ◴[25 Jun 25 09:35 UTC] No.44375315[source]
Hol up. So what stops you from uploading custom photo + metadata onto random chip and planting it in a fake passport?
replies(5): >>44375334 #>>44375336 #>>44375342 #>>44375469 #>>44376015 #
edent ◴[25 Jun 25 09:39 UTC] No.44375342[source]
The data are signed with the passport issuing authority's private key.

So you could implement a chip which reacts like an official passport. When the border guards see that the signature is invalid, you can explain how it's just a prank and you'll all have a jolly good laugh about it.

replies(4): >>44375530 #>>44375612 #>>44375693 #>>44375852 #
1. 23434dsf ◴[25 Jun 25 10:12 UTC] No.44375530[source]
So if I strolled through the airport with a high power NFC reader/writer, I could ruin a lot of peoples trips?
replies(4): >>44375586 #>>44375593 #>>44375610 #>>44376406 #
2. daveoc64 ◴[25 Jun 25 10:20 UTC] No.44375586[source]
What makes you think you could do this?
3. lukan ◴[25 Jun 25 10:21 UTC] No.44375593[source]
"The NFC chip in a passport is protected by a password. The password is printed on the inside of the physical passport. As well as needing to be physically close to the passport for NFC to work0, you also need to be able to see the password."
replies(2): >>44375631 #>>44379675 #
4. edent ◴[25 Jun 25 10:23 UTC] No.44375610[source]
No.

NFC chips can be locked. That means the data can't be overwritten. No matter the writer, nor its strength, you can't overwrite a passport's chip.

I suppose you could use an EMP - but that would ruin a lot more than just some trips.

5. wkat4242 ◴[25 Jun 25 10:25 UTC] No.44375631[source]
Yes but. In Europe this tech is also in our id cards whether said passport is printed on the outside (considering it's just a credit card format). You still have to see it but it doesn't have to be opened to the right page like a passport.

Both sides even have the info printed. One side in human format, the owner side in machine readable.

replies(1): >>44375664 #
6. lukan ◴[25 Jun 25 10:30 UTC] No.44375664{3}[source]
Yes, but this still means a attacker needs to have physical access to the passport?
replies(2): >>44375871 #>>44376215 #
7. tialaramex ◴[25 Jun 25 11:04 UTC] No.44375871{4}[source]
They need to know the information which functions as key. Because many people don't trust government secrets, the information used for this purpose on a passport is actually just facts about you which were already printed in your passport, plus the passport number. The machine summarises these in a "Machine readable zone" but they're nothing you didn't know.

For a random traveller you can probably guess roughly how old they are, which is a few bits for the date-of-birth, and maybe you could strike up conversation and discover their name (or maybe it's printed on baggage, called out by fellow travellers etc.) but yeah it'll be very hard

For a very well known person you can likely discover everything except the passport number and you might get a decent guess at that from knowing roughly when it would be issued.

replies(1): >>44376030 #
8. lukan ◴[25 Jun 25 11:29 UTC] No.44376030{5}[source]
"For a very well known person you can likely discover everything except the passport number and you might get a decent guess at that from knowing roughly when it would be issued."

From a very well known person you could probably also steal everything you need directly, if your purpose is to create damage.

9. wkat4242 ◴[25 Jun 25 11:52 UTC] No.44376215{4}[source]
Kinda the same as with the NFC.

You can read from a small distance, probably further than you can read an NFC tag with your phone. And you can automate both on a phone (OCR and NFC)

10. crowbahr ◴[25 Jun 25 12:16 UTC] No.44376406[source]
In addition to the mechanisms people are describing here - passports have a metal mesh in them to disrupt NFC signals. It's not a full faraday cage but it works on similar principles. The passport has to be _open_ to be read from, and then only after you transmit the MRZ will you get anything.
replies(1): >>44376888 #
11. raron ◴[25 Jun 25 13:08 UTC] No.44376888[source]
> passports have a metal mesh in them to disrupt NFC signals

I don't think that is universally true. At least I can read my closed 2 years old passport with my phone.

replies(1): >>44377403 #
12. crowbahr ◴[25 Jun 25 13:56 UTC] No.44377403{3}[source]
Hmm the American passports have the mesh afaik - I _thought_ it was part of the ICAO docs (not that that means people do it but still...)
replies(1): >>44379389 #
13. crowbahr ◴[25 Jun 25 16:51 UTC] No.44379389{4}[source]
Just tested on my American passport - it will not read while closed, either from the front or the back. Opening it up - no issues reading. Seems like there is in fact a faraday mesh or something
14. lxgr ◴[25 Jun 25 17:14 UTC] No.44379675[source]
Even that password only gives you read access.

I don't think ICAO passports can ever be rewritten post-issuance. Some national IDs can, e.g. to change the holder's residential address, but for passports, I don't think any part of the on-chip data can be changed post-issuance, since it would also require re-printing data on the photo page usually under protective plastic.