Por favor, use este identificador para citar o enlazar este ítem:http://uvadoc.uva.es/handle/10324/25915
Título
Security Assessment of the Spanish Contactless Identity Card
Año del Documento
2017
Editorial
IET
Documento Fuente
http://dx.doi.org/10.1049/iet-ifs.2017.0299
Abstract
The theft of personal information to assume the identity of a person is a common threat.
Individual criminals, terrorists, or crime rings normally do it to commit fraud or other felonies.
Recently, the Spanish identity card, which provides enough information to hire on-line products such as mortgages or loans, was updated to incorporate a Near Field Communication (NFC) chip as electronic passports do. This contactless interface brings a new attack vector for these criminals, who might take advantage of the RFID communication to secretly steal personal information. In this paper, we assess the security of contactless Spanish identity card against identity theft. In particular, we evaluated the resistance of one of the contactless access protocol against brute-force attacks and found that no defenses were incorporated. We suggest how to avoid brute-force attacks. Furthermore, we also analyzed the pseudo-random number generator within the card, which passed all performed tests with good results.
Revisión por pares
SI
Patrocinador
MINECO CyCriSec (TIN2014-58457-R).
University of Zaragoza and Centro Universitario de la Defensa UZCUD2016-TEC-06.
Project TEC2015-69665-R (MINECO/FEDER, UE).
University of Zaragoza and Centro Universitario de la Defensa UZCUD2016-TEC-06.
Project TEC2015-69665-R (MINECO/FEDER, UE).
Propietario de los Derechos
Institution of Engineering and Technology
Idioma
eng
Derechos
restrictedAccess
Aparece en las colecciones
Files in questo item