[IP] The return of RFID border credentials?

["David Farber" <dave@xxxxxxxxxx>]

-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

--- Begin Message ---

• To: dave@xxxxxxxxxx
• Subject: The return of RFID border credentials?
• From: "Steven M. Bellovin" <smb@xxxxxxxxxxxxxxx>
• Date: Tue, 25 Apr 2006 13:37:20 -0400
• Organization: Columbia University
• Source-info: Sender is really cyrus+@xxxxxxxxxxxxxxxxxxx

Remember that last year, the State Department wanted to deploy passports
with unprotected RFID chips in them?  They were eventually persuaded that
the chips could indeed be read from a distance, and that was indeed a
privacy and security risk.  They opted instead for a variant that uses
encryption and access control.

Now DHS wants to move in the opposite direction for the passport surrogate
to be used for re-entry from Canada and Mexico:

        U.S. Customs and Border Protection (CBP) agency wants border
        inspectors to be able to read PASS cards from as far as 30 feet
        away, said Jim Williams, director of the U.S. Visitor and
        Immigrant Status Indicator Technology program, which screens for
        terrorists among foreign travelers.

though the article does claim that there are provisions for encrypting the
data.

See http://www.fcw.com/article94156-04-24-06-Print for more details.

                --Steven M. Bellovin, http://www.cs.columbia.edu/~smb

--- End Message ---