eMRTD - Electronic Passport
Next Generation Innovations
Peter Schmallegger, Director Segment Secure Identity
Montreal, October 8th 2014


Facilitation and Security

Facilitation
• Global adoption of electronic passports to create one global solution for secure and convenient travel facilitation
• Convenient border crossing using consumer friendly, fast and secure ABC with max. global interoperability and solution robustness
• Harmonized travel documents, electr. credentials and form factors
• Fit for purpose in offline and online environment

Security
• Global solutions creating trust in safe and secure travel
• Evolving security protection against document fraud, on physical and chip security level, and infrastructure misuse/tampering
• End-to-end secure document life cycle


ePassport – Key Chip Innovation

Secure Chip

1. Physical Unclonable Function
2. Field Security Update
3. Thin Secure Chip Package


Physical Unclonable Functions for Secure Microcontroller ICs for electronic passports


Evolving Attacks on Secure Microcontroller ICs

[Timeline figure; axis: 1995, 2010, 2025]

• Fault Attacks: (glitch) & light attacks, differential fault attacks on crypto algorithms, …
• Invasive Attacks: reverse engineering, probing, forcing, manipulation, …
• Information Leakage Attacks: side-channel attacks, timing analysis, power / electromagnetic analysis, …
• New Attack Scenarios: combining traditional attacks with system level attacks (Flash Loading, ..)
• Combined Attacks: power analysis + light attacks, …


Reverse Engineering Attacks: Challenges and Countermeasures

Typical Reverse Engineering Attacks on
• Functional block
• Parts of the IC for a subsequent probing attack
• Extracting memory content

Standard Countermeasures are
• Memory encryption and encryption of data
• Scrambled logic (no hard macros)
• No security relevant logic in top most layer of IC


Reverse Engineering Attacks and the problem of storing a key

Data need to be encrypted…
For which we need a secret key…
A secret key stored on the chip…
That can be reverse-engineered…
So it needs to be obfuscated…

PUF Technology (physically unclonable functions)

• Based on chip-individual yet robust physical properties
• No secret key is present when the chip is powered down
• So inherently robust against reverse engineering
• Ideal as secret key for memory encryption
• Ideal to protect secret keys of customer applications


PUF protecting ePassports

| Type of Attack | Traditional Technology, application key stored in NV: Today | Traditional Technology, application key stored in NV: Tomorrow | Application key stored with PUF technology: Today | Application key stored with PUF technology: Tomorrow |
| Extract private key material (offline) | Difficult to impossible | May be possible | Impossible | Impossible |
| Clone a passport by reverse eng. | Difficult to impossible | May be possible | Impossible | Impossible |

Unique Chip Fingerprint

• Unique for each chip
• It is not stored in the NV memory
• Additional protection for private keys (e.g. for Chip Authentication, Active Authentication keys)
• Prevent cloning of passports
• Proven technology with a life time of more than 10 years


Protocol for Security Updates of Issued Electronic Passports in the Field


Electronic Passport System Overview

[Diagram. Life cycle stages: Enrollment, Production, Personalization, Issuance, Border crossing, Security Update, End of Life. Connected systems and data: Civil Registry, AFIS, HSM, ICAO PKD, eVisas, eStamps. Highlighted stage: Security Update.]


Secure Operating System Architecture

[Diagram, slide dated October 7, 2014.
Panel "Current Architecture": Applets (ePP, eSig, eID), Operating System, Kernel, Crypto Library, HAL; User data, Data App1, Data App2.
Panel "Architecture for Security Updates": Applets (ePP, eSig, eID), Operating System, Kernel, Crypto Library, HAL, Update Manager, Memory Buffer; User data, Data App1, Data App2.
Panel "Execution of Security Updates": the same blocks as the update architecture, with the labels Security Update, Secure E2E Connection, Updated Crypto Library, Update.]


Field Security Updates

• Implemented in the field in volume, e.g. smartphones
  • NXP P61N1M3 (eSE): in the field for years, in millions of units, complete OS re-load

• Data integrity and confidentiality
  • Firewall concept for modular OS architecture, FLASH memory
  • Trust provisioning for "chip individual" key and certificate management
  • More dynamic document life cycle management

• Security certification
  • Requires new certification scheme and application protection profiles
  • Infrastructure for security upgrades – certified kiosks (ATM like) in controlled environment

• Consumer and business aspects
  • With LDS2 (eVisa/eStamps) it enhances doc lifetime and effectiveness
  • Country specific implementation – "get your 5 year extension at the kiosk"


Thin Secure Chip Packages


Contactless Chip Module Advancements

New Generation Chip Module based on well proven technology platform

| Type | MOB2 | MOB4 | MOB6 | Next Gen MOB |
| Module thickness | 390 µm | 320 µm | 250 µm | < 200 µm |

[Figure labels: MOBx, Next Gen MOB]


Drives Innovation for ePassport Booklets

• Thin and flexible inlays for datapage and e-cover

• Allows for additional security layers and features

• Improved product quality and robustness

• Higher ePassport production efficiency


Thank you for your Attention!

Questions?