On the Security of E-Passports
by Marc Witteman - CTO of Riscure - Monday, 3 December 2007.
Basic Access Control

To protect passport holder privacy, the optional Basic Access Control (BAC) mechanism was designed. This mechanism requires an inspection system to use symmetric encryption on the radio interface. The key for this encryption is static and derived from three primary properties of the passport data: 1) the date of birth of the holder; 2) the expiry date of the passport; 3) the passport number. This data is printed in the Machine Readable Zone (MRZ), a strip at the bottom of one of the passport pages (see Figure 3). In a normal access procedure the MRZ data is read first with an OCR scanner. The inspection system derives the access key from the MRZ data and can then set up an encrypted radio communication channel with the chip to read out all confidential data. Although this procedure can be automated, it places high demands on inspection systems and also impacts inspection performance.



Figure 3: Passport with Machine Readable Zone (MRZ).



The BAC mechanism does provide some additional privacy protection, but two limitations reduce its strength:
  • The BAC key is individual but static, and is computed and used for each access. An adversary needs to get hold of this key only once and will from then on always be able to get access to a passport’s data. A passport holder may perceive this as a disadvantage considering the possibility that a passport contains dynamic data.
  • The BAC key is derived from data that may lack sufficient entropy: the date of expiry is always in a window of less than ten years, the date of birth can often be estimated and the document number may be related to the expiry date.
The author of this article discovered BAC security issues in July 2005 and showed that the key entropy, which could reach 66 bits, may drop below 35 bits due to internal data dependencies. When passport numbers are, for instance, allocated sequentially, they have a strong correlation with the expiry date, effectively reducing the key entropy. An eavesdropper would then be able to compute the BAC key in a few hours and decode all confidential data exchanged with an inspection system. The Netherlands, and maybe other countries, have changed their issuance procedures since this report to strengthen the BAC key.
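
To make the "static key derived from the MRZ" point concrete, here is an added example (not code from the article or from Riscure) that follows the BAC key derivation published in ICAO Doc 9303: SHA-1 over the three MRZ fields with their check digits, then two derived 3DES keys. The function names are my own, and the sample values are the specimen document used in the ICAO worked example, not a real passport.

```python
import hashlib

ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"  # MRZ values 0..35; '<' counts as 0

def check_digit(field: str) -> str:
    """MRZ check digit: character values weighted 7, 3, 1 repeating, sum mod 10."""
    total = 0
    for i, ch in enumerate(field):
        value = 0 if ch == "<" else ALPHABET.index(ch)  # ValueError on illegal char
        total += value * (7, 3, 1)[i % 3]
    return str(total % 10)

def mrz_information(doc_number: str, birth: str, expiry: str) -> str:
    """Document number (padded to 9 with '<'), birth and expiry dates (YYMMDD),
    each followed by its check digit. These are the only inputs to the key."""
    if len(birth) != 6 or len(expiry) != 6 or len(doc_number) > 9:
        raise ValueError("expected YYMMDD dates and a document number of at most 9 chars")
    fields = (doc_number.ljust(9, "<"), birth, expiry)
    return "".join(f + check_digit(f) for f in fields)

def _odd_parity(key: bytes) -> bytes:
    """Set the low bit of every byte so each byte has odd parity (DES key format)."""
    return bytes((b & 0xFE) | (1 - bin(b >> 1).count("1") % 2) for b in key)

def bac_keys(doc_number: str, birth: str, expiry: str):
    """Return (k_seed, k_enc, k_mac). No secret, nonce or counter is involved,
    so the same printed data always yields the same keys."""
    info = mrz_information(doc_number, birth, expiry).encode("ascii")
    k_seed = hashlib.sha1(info).digest()[:16]
    k_enc = _odd_parity(hashlib.sha1(k_seed + b"\x00\x00\x00\x01").digest()[:16])
    k_mac = _odd_parity(hashlib.sha1(k_seed + b"\x00\x00\x00\x02").digest()[:16])
    return k_seed, k_enc, k_mac

if __name__ == "__main__":
    # Specimen values from the ICAO Doc 9303 worked example, not a real document.
    seed, enc, mac = bac_keys("L898902C", "690806", "940623")
    print("MRZ information:", mrz_information("L898902C", "690806", "940623"))
    print("K_seed:", seed.hex().upper())
    print("K_enc :", enc.hex().upper())
    print("K_mac :", mac.hex().upper())
```

Because every input is printed on the data page and the check digits are a function of the fields, the strength of the key is bounded by how unpredictable the document number and the two dates are, which is why issuance procedures matter.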
