Technical Report PKI for Machine Readable Travel Documents offering ICC read- only access TAG_15 Montreal, 2004-05-18 Tom Kinneging

Upload: leah-hunter

Post on 27-Mar-2015


Page 1: Technical Report PKI for Machine Readable Travel Documents offering ICC read-only access TAG_15 Montreal, 2004-05-18 Tom Kinneging

Technical Report

PKI for Machine Readable Travel Documents offering ICC read-only access

TAG_15 Montreal, 2004-05-18

Tom Kinneging

Page 2

Authenticity and Integrity

Document Security Object
Standardized data structure (RFC 3369)
Containing hash representations of LDS data groups
Digitally signed by issuing State

Page 3

Document Security Object

Data Group 1 (MRZ)

Data Group 2 (Encoded Face)

Data Group 3 (Encoded Finger)

Data Group 4 (Encoded Iris)

Data Group 5 (Displayed Face)

Data Group 6 (Future use)

Data Group 16 (Persons to notify)

LDS

Data Group 7 - 15

Hash DG_1

Hash DG_2

Hash DG_3

Hash DG_5

SOD

Digital Signature

Page 4

Key Management

Document Signer Certificates
Country Signing CA Certificates
Certificate Revocation
ICAO Public Key Directory

Page 5

Key Management

[Diagram: key management flow between the Country Signing CA, the Document Signer, the MRTD chip and the inspection system. The Country Signing CA issues and signs the Country Signing CA Certificate and issues and signs the Document Signer Certificate; the Document Signer signs the Document Security Object (SOD: Hash DG_1, Hash DG_2, Hash DG_3, Hash DG_5, Digital Signature). The SOD and the Document Signer Certificate are shown on the MRTD chip side, the Country Signing CA Certificate on the inspection system side; the original figure numbers the steps 1 and 2.]

Page 6

Additional options

Basic Access Control
Active Authentication
Securing additional biometrics

Page 7

Basic Access Control

MRZ based key derivation
Access to chip data
Secure communications chip / reader

Threats addressed: Skimming, Eavesdropping

Page 8

Basic Access Control

Page 9

Basic Access Control

[Diagram: inspection system and chip, with a bit string (10011101111001) shown on the link between them.]

Page 10

Active Authentication

Chip Substitution
Data Copying
Document’s Key pair

Page 11

Active Authentication

Data Group 1 (MRZ)

Data Group 2 (Encoded Face)

Data Group 3 (Encoded Finger)

Data Group 4 (Encoded Iris)

Data Group 5 (Displayed Face)

Data Group 6 (Future use)

LDS

Data Group 7 - 14

Hash DG_1

Hash DG_2

Hash DG_3

Hash DG_5

SOD

Digital Signature

Data Group 16 (Persons to notify)

Data Group 15 (AA Public Key)

Hash DG_15

AA Private Key
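The chain of pages 3 to 5 (Country Signing CA issues and signs the Document Signer Certificate, the Document Signer signs the SOD holding hashes of the data groups, the inspection system checks the chip) and the Active Authentication mechanism of pages 10 and 11 (AA public key in DG15, covered by the SOD; private key on the chip, answering a challenge) modelled end to end in Python. This is an added example, not code from the report or from ICAO: it uses a bare textbook RSA over SHA-256 in place of the real signature and certificate formats (insecure, for illustration only), and the subject name DS-01 and the data group contents are constructed sample values.

```python
import hashlib
import secrets

E = 65537  # toy textbook RSA: no padding, no X.509 -- INSECURE, illustration only

def _is_probable_prime(n, rounds=16):
    """Trial division by small primes, then Miller-Rabin."""
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def toy_keypair(bits=512):
    """((n, e), (n, d)) with n about 512 bits, so a SHA-256 value is always below n."""
    def prime():
        while True:
            c = secrets.randbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
            if _is_probable_prime(c):
                return c
    while True:
        p, q = prime(), prime()
        phi = (p - 1) * (q - 1)
        if p != q and phi % E:
            return (p * q, E), (p * q, pow(E, -1, phi))

def _h(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(priv, data):
    return pow(_h(data), priv[1], priv[0])

def verify(pub, data, sig):
    return pow(sig, pub[1], pub[0]) == _h(data)

def _tbs(subject, pub):  # to-be-signed part of a toy certificate
    return f"{subject}|{pub[0]}|{pub[1]}".encode()

def issue_cert(subject, pub, issuer_priv):
    return {"subject": subject, "pub": pub, "sig": sign(issuer_priv, _tbs(subject, pub))}

def _sod_body(hashes):
    return "|".join(f"{dg}:{h}" for dg, h in sorted(hashes.items())).encode()

def build_sod(lds, ds_priv, hashed_dgs=(1, 2, 3, 5, 15)):
    """SOD: one SHA-256 per data group present on the chip, signed by the Document Signer."""
    hashes = {dg: hashlib.sha256(lds[dg]).hexdigest() for dg in hashed_dgs if dg in lds}
    return {"hashes": hashes, "sig": sign(ds_priv, _sod_body(hashes))}

def chip_internal_authenticate(chip, challenge):
    """Chip side of AA: sign the reader's challenge, or refuse if no private key is present."""
    return None if chip["aa_priv"] is None else sign(chip["aa_priv"], challenge)

def passive_auth(chip, csca_pub):
    """Inspection side: DS cert chains to the CSCA, SOD signature valid, every DG matches its hash."""
    cert = chip["ds_cert"]
    if not verify(csca_pub, _tbs(cert["subject"], cert["pub"]), cert["sig"]):
        return False, "Document Signer certificate not issued by the trusted CSCA"
    if not verify(cert["pub"], _sod_body(chip["sod"]["hashes"]), chip["sod"]["sig"]):
        return False, "SOD signature invalid"
    for dg, expected in chip["sod"]["hashes"].items():
        if hashlib.sha256(chip["lds"][dg]).hexdigest() != expected:
            return False, f"DG{dg} does not match its hash in the SOD"
    return True, "ok"

def active_auth(chip, csca_pub):
    """Fresh challenge; the DG15 public key is trusted only because the SOD covers DG15."""
    if not passive_auth(chip, csca_pub)[0] or 15 not in chip["sod"]["hashes"]:
        return False
    aa_pub = tuple(int(x) for x in chip["lds"][15].decode().split(","))
    challenge = secrets.token_bytes(8)
    sig = chip_internal_authenticate(chip, challenge)
    return sig is not None and verify(aa_pub, challenge, sig)

def demo():
    """Issuing State builds one document (constructed sample data, hypothetical name DS-01),
    then the inspection system checks the genuine chip, a tampered one and a data copy."""
    csca_pub, csca_priv = toy_keypair()
    ds_pub, ds_priv = toy_keypair()
    aa_pub, aa_priv = toy_keypair()
    lds = {1: b"P<UTOSAMPLE<<CONSTRUCTED<<<<<<<<<<<<<<<<<<<<", 2: b"<encoded face>",
           3: b"<encoded finger>", 5: b"<displayed face>", 15: f"{aa_pub[0]},{aa_pub[1]}".encode()}
    chip = {"lds": lds, "sod": build_sod(lds, ds_priv),
            "ds_cert": issue_cert("DS-01", ds_pub, csca_priv), "aa_priv": aa_priv}
    tampered = {**chip, "lds": {**lds, 2: b"<different face>"}}
    copied = {**chip, "aa_priv": None}  # all readable data copied, private key absent
    return {"genuine_passive": passive_auth(chip, csca_pub)[0],
            "genuine_active": active_auth(chip, csca_pub),
            "tampered_passive": passive_auth(tampered, csca_pub)[0],
            "copied_passive": passive_auth(copied, csca_pub)[0],
            "copied_active": active_auth(copied, csca_pub)}
```

`demo()` returns the five outcomes an inspection system would see. The genuine chip passes both checks; a chip whose DG2 was altered fails the SOD hash check; a chip that carries a faithful copy of all readable data still passes the hash and signature checks, because the SOD only proves that the data was signed by the issuing State, and is caught only by Active Authentication, which requires the private half of the DG15 key pair that never leaves the original chip. The check in `active_auth` that DG15 is itself listed in the SOD is the point the page 11 figure makes with "Hash DG_15": without it a substituted public key would be accepted.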

Page 12

Next steps

Implementation experiences
Further development

Page 13

Frequently Asked Questions

TAG-MRTD-WP/10
Keep up-to-date

Page 14

Action by the TAG/MRTD

The TAG/MRTD is invited to endorse the Technical Report, “PKI for Machine Readable Travel documents Offering ICC Read-only Access”, Version 1.0.