RT info:eu-repo/semantics/article
T1 Security Assessment of the Spanish Contactless Identity Card
A1 Rodríguez, Ricardo J.
A1 García Escartín, Juan Carlos
A1 Sanchez Ballabriga, Víctor
AB The theft of personal information to assume the identity of a person is a common threat.Individual criminals, terrorists, or crime rings normally do it to commit fraud or other felonies.Recently, the Spanish identity card, which provides enough information to hire on-line products such as mortgages or loans, was updated to incorporate a Near Field Communication (NFC) chip as electronic passports do. This contactless interface brings a new attack vector for these criminals, who might take advantage of the RFID communication to secretly steal personal information. In this paper, we assess the security of contactless Spanish identity card against identity theft. In particular, we evaluated the resistance of one of the contactless access protocol against brute-force attacks and found that no defenses were incorporated. We suggest how to avoid brute-force attacks. Furthermore, we also analyzed the pseudo-random number generator within the card, which passed all performed tests with good results.
PB IET
YR 2017
FD 2017
LK http://uvadoc.uva.es/handle/10324/25915
UL http://uvadoc.uva.es/handle/10324/25915
LA eng
NO http://dx.doi.org/10.1049/iet-ifs.2017.0299
DS UVaDOC
RD 29-abr-2024