←back to thread

Reading NFC Passport Chips in Linux

(shkspr.mobi)
287 points robin_reala | 1 comments | 25 Jun 25 07:33 UTC | HN request time: 0s | source
Show context
dzhiurgis ◴[25 Jun 25 09:35 UTC] No.44375315[source]
Hol up. So what stops you from uploading custom photo + metadata onto random chip and planting it in a fake passport?
replies(5): >>44375334 #>>44375336 #>>44375342 #>>44375469 #>>44376015 #
edent ◴[25 Jun 25 09:39 UTC] No.44375342[source]
The data are signed with the passport issuing authority's private key.

So you could implement a chip which reacts like an official passport. When the border guards see that the signature is invalid, you can explain how it's just a prank and you'll all have a jolly good laugh about it.

replies(4): >>44375530 #>>44375612 #>>44375693 #>>44375852 #
23434dsf ◴[25 Jun 25 10:12 UTC] No.44375530[source]
So if I strolled through the airport with a high power NFC reader/writer, I could ruin a lot of peoples trips?
replies(4): >>44375586 #>>44375593 #>>44375610 #>>44376406 #
lukan ◴[25 Jun 25 10:21 UTC] No.44375593[source]
"The NFC chip in a passport is protected by a password. The password is printed on the inside of the physical passport. As well as needing to be physically close to the passport for NFC to work0, you also need to be able to see the password."
replies(2): >>44375631 #>>44379675 #
wkat4242 ◴[25 Jun 25 10:25 UTC] No.44375631[source]
Yes but. In Europe this tech is also in our id cards whether said passport is printed on the outside (considering it's just a credit card format). You still have to see it but it doesn't have to be opened to the right page like a passport.

Both sides even have the info printed. One side in human format, the owner side in machine readable.

replies(1): >>44375664 #
lukan ◴[25 Jun 25 10:30 UTC] No.44375664[source]
Yes, but this still means a attacker needs to have physical access to the passport?
replies(2): >>44375871 #>>44376215 #
tialaramex ◴[25 Jun 25 11:04 UTC] No.44375871{3}[source]
They need to know the information which functions as key. Because many people don't trust government secrets, the information used for this purpose on a passport is actually just facts about you which were already printed in your passport, plus the passport number. The machine summarises these in a "Machine readable zone" but they're nothing you didn't know.

For a random traveller you can probably guess roughly how old they are, which is a few bits for the date-of-birth, and maybe you could strike up conversation and discover their name (or maybe it's printed on baggage, called out by fellow travellers etc.) but yeah it'll be very hard

For a very well known person you can likely discover everything except the passport number and you might get a decent guess at that from knowing roughly when it would be issued.

replies(1): >>44376030 #
1. lukan ◴[25 Jun 25 11:29 UTC] No.44376030{4}[source]
"For a very well known person you can likely discover everything except the passport number and you might get a decent guess at that from knowing roughly when it would be issued."

From a very well known person you could probably also steal everything you need directly, if your purpose is to create damage.