Tag Archives: eMRTD

First results of eMRTD Interoperability Test 2017 in Ispra

The European Commission (EC) organised another eMRTD interoperability test. This time the event took place in Ispra at the Joint Research Center of the European Union. The objective of this interoperability test was to assure that countries and companies have established a stable PACE protocol in their eMRTD, respective ePassports, and ID cards.

Test setup of eMRTD interoperability test

Every participant had the chance to submit up to two different sets of documents with different implementations. Altogether there were 42 different samples available at the beginning of the event. 2 samples didn’t pass the smoke test and one sample was not suitable to be tested by the labs. All remaining samples were tested in two different test procedures: crossover test and conformity test. Twelve document verification system providers with 16 different solutions took part in the crossover test. And 23 document providers threw 42 sets in the ring (28 countries, 14 industries).

In this blog post the conformity test is focused on, because protocols are in foreground in this kind of test. There were three test labs (Keolabs, UL and secunet) taking part in the interoperability test with their test tools to perform a subset of “ICAO TR RF Protocol and Application Test Standard for e-Passports, Part 3” (Version 2.10). The subset includes the following test suites and test cases:

  • ISO7816_O: Security conditions for PACE protected eMRTDs
  • ISO7816_P: Password Authenticated Connection Establishment (PACEv2)
  • ISO7816_Q: Command READ and SELECT for file EF.CardAccess
  • LDS_E: Matching between EF.DG14 and EF.CardAccess
  • LDS_I: Structure of EF.CardAccess
  • LDS_K: Structure of EF.CardSecurity
  • LDS_D_06: Test case to perform Passive Authentication

Information concerning documents

The document providers describe in the implementation conformance statement (ICS) the features of their chips. Not all ICS were fulfilled consistently, so the following information concerning the documents should be read carefully. Concerning the LDS version 16 providers reported version 1.7 to be used in their documents. And three reported version 1.8, while all others don’t deliver any information concerning the version number.

The following diagram describes the relation between DH and ECDH in PACE:

PACE algorithms

PACE algorithms

The following diagram describes the relation of the mapping protocols in PACE:

Mapping protocols in PACE

Mapping protocols

16 documents supported besides the MRZ also a CAN as a password to get access to the stored data.

Again, the number of PACEInfos store in EF.CardAccess varied:

  • 28 documents stored one PACEInfo,
  • Eight documents stored two PACEInfos,
  • One stored each three, seven or ten PACEInfos.

Investigations concerning EF.ATR/INFO in documents

The file EF.ATR/INFO allows storing some information about the chip, that allows the reader to handle the chip optimally. On this way the chip can offer the ideal buffer size used with extended length during reading and writing. In context of the event I had a closer look at EF.ATR/INFO. 26 documents of 42 stored an EF.ATR/INFO but 5 of them don’t offer information concerning extended length and buffer sizes there. So at the end I’ve investigated the reading buffer sizes of 21 documents of the eMRTD interoperability test with the following result:

  • Seven documents support buffer sizes between 1 and 1.5 KByte,
  • Three documents support buffer sizes between 1.5 and 2 KByte,
  • Eleven documents support buffer sizes of ~64 KByte.
Buffer sizes for reading in EF.ATR/INFO

Buffer sizes in EF.ATR/INFO (reading)

With these large buffer sizes data groups like DG2 storing the facial image or DG3 storing the finger prints can be read in only one command. This allows the inspection system to read the content of the chip faster and improves the reading time at eGates.

Results of conformity testing

During the conformity test, all three test labs performed 18.135 test cases altogether. Less than 1 percent of these test cases failed during the conformity test.

Overall results (layer 6 and layer 7):

  • Passed: 11.563
  • Failed: 155 (0,86%)
  • Not applicable: 6.417

Layer 6 (16.614 test cases performed):

  • Passed: 10.885
  • Failed: 124 (0,74%)

Layer 7 (1.521 test cases performed):

  • Passed: 679
  • Failed: 32 (2,10%)

The following diagram shows failed test cases per document during the eMRTD interoperability test:

Number of failures per document

Number of failures per document

The diagram below shows the number of failure per test case during the eMRTD interoperability test:

Failures per test case

Failures per test case

Observations during conformity testing

  • There are minor differences between implementation conformance statement (ICS) and chip.
  • Test results differ between test labs in some test cases.
  • There are differences in handling errors at the test tools and labs (e.g. no CAN causes a failure at the one lab and a ‘not applicable’ at the other lab).
  • Relatively more failures on layer 7 (personalisation) than on layer 6 (COS).
  • Very good quality of chip and personalisation.
  • Improvements during the last interoperability tests in London 2016 and Madrid 2014.
  • Stable specifications (BSI TR-03110, ICAO Doc 9303) and test specifications (BSI TR-03105, ICAO TR Part 3).

Flattr this!

Call for Participation: Interoperability Test 2017 in Ispra

The European Commission will organize conformity and interoperability tests for eMRTDs together with a conference on 25th and 26th September 2017. It will be held in the European Commission Joint Research Centre (JRC) premises in Ispra, Italy. The tests will focus on the latest access control specifications (e.g. the operation of the PACE protocol with Chip Authentication Mapping). This security mechanism, known as “Password Authenticated Connection Establishment with Chip Authentication Mapping” (PACE-CAM) is specified in Technical Report BSI TR-03110 “Advanced Security Mechanisms for Machine Readable Travel Documents and eIDAS token” and it combines PACE and Chip Authentication (CA) into one protocol leading to faster ID document verification.

Logo JRC

The conference will take place on the second day (26/09/2017) and will include speakers from the EU Commission, ICAO (requested) and Member States (requested). At its end, the high-level aggregate results of the tests will be presented.

The main beneficiaries of these tests are EU Member States. Depending on the number of EU Member States that will participate in the event, and provided that it is possible from an organisational perspective, a limited number of non-EU ICAO Member States and private sector travel document manufacturers will be allowed to participate in the test (on a first come first serve basis).

The test will focus on the implementation of PACE as specified in the Technical Report “Radio Frequency Protocol and Application Test Standard for eMRTD Part 3 Tests for Application Protocol and Logical Data Structure“, Version: 2.10, July 2016.

You can find the Call for Participation for the interoperability test here with more information concerning preregistration etc. See you in Ispra!

Flattr this!

eMRTD Test Specification Overview

Currently I’m preparing a project where an ePassport has to be tested. These tests start with the booklet and end with the chip. During the preparation the need for a test specification overview popped up. This need was the root of a new service here on this blog: an overview of all current specifications in the domains of this blog starting with eMRTDs and their corresponding inspection systems.
Keep calm and continue testingTo list all current specifications I’ve added a new page called ‘test specifications‘ in menu above. I will keep this list up-to-date in the future. Finally with every new version of a test specification I will update this list. Currently the list contains test specification released by ICAO and BSI. Both organisations are in the front of implementing tests in context of eMRTD and the corresponding back-end-systems. These certification schemes of BSI and ANSSI also base on these test specification.

Test specifications are “living documents”, which causes several modifications over the time. You need the test specifications, listed here, to prove conformity and finally certify your passport or inspection system.

With every new protocol you need some more or some modified test cases in the specifications. And also maintenance is an important fact to keep the test cases up-to-date. Additionally, I will list also test specifications of other domains like IoT in the closer future.

So have a look at this page next time when you’re back on this blog.

Flattr this!

Update of RF and Protocol Testing Part 4 V2.10 online

Introduction

Simultaneously with Part 3, the ICAO released also version 2.10 of the test specification ‘RF and Protocol Testing Part 4‘ to test the interoperability of inspection systems (IS) in context of eMRTD. While the Technical Advisory Group (TAG) of ICAO endorsed the update on the ICAO website, from now on the test specification can be referenced officially. Finally in version 2.10 of the test specification there are some significant modifications compared with the previous version 1.01 released in 2013:

  • Support of protocol PACE-CAM:
    • New test suite ISO7816_G to test Chip Authentication,ICAO Logo
    • New default configuration including Chip Authentication,
    • Updated implementation conformance statement (ICS) to specify IS supporting PACE-CAM,
    • Updated list of abbreviations,
  • Tests for LDS 1.8,
  • Updated references concerning Doc9303 7th edition,
  • Added Advanced Inspection Procedure (AIP),
  • Additionally, there are some clarifications and minor editorial changes.

Furthermore you can find a more detailed list of changes and modifications in version 2.10 to test interoperability of inspection systems.

New test cases in Version 2.10 Update

Basically the new test cases are testing the protocol PACE-CAM or make use of the new LDS 1.8 data structure where the LDS version number is stored in EF.SOD (additionally to EF.COM).

  • ISO7816_C_29: PACE-CAM with missing tag 8Ah but correct ECAD
  • ISO7816_C_30: PACE-CAM with incorrectly encoded ECAD (no octet string)
  • ISO7816_C_31: PACE-CAM with wrong ECAD
  • ISO7816_C_32: PACE-CAM with wrong tag 8Ah (use 8Bh) but correct ECAD
  • ISO7816_C_33: PACE-CAM with correct tag 8Ah but missing ECAD
  • ISO7816_C_34: PACE-CAM with Passive Authentication
  • ISO7816_C_35: Return additional tag 8Ah during PACE-GM
  • ISO7816_C_36: Use DG14 without SecurityInfo during PACE-CAM
  • ISO7816_C_37: Use EF.CardSecurity with wrong ChipAuthenticationPublicKey during PACE-CAM
  • ISO7816_C_38: Use EF.CardSecurity without ChipAuthenticationPublicKeyInfo during PACE-CAM
  • ISO7816_C_39: Check supported standardized Domain Parameters with Chip Authentication Mapping
  • ISO7816_G_01: Chip Authentication with DH
  • ISO7816_G_02: Chip Authentication with ECDH
  • ISO7816_G_03: DG14 with one key reference
  • ISO7816_G_04: DG14 with two key references
  • ISO7816_G_05: DG14 with three key references
  • ISO7816_G_06: DG14 with invalid key reference
  • ISO7816_G_07: DG14 with corrupted DH public key
  • ISO7816_G_08: DG14 with corrupted ECDH public key
  • ISO7816_G_09: Use old session keys after Chip Authentication
  • ISO7816_G_10: Verify lifetime of ephemeral keys
  • ISO7816_G_11: DG14 with invalid DH public key specification
  • ISO7816_G_12: DG14 with invalid ECDH public key specification
  • ISO7816_G_13: ChipAuthenticationPublicKeyInfo: key reference does not match key reference in ChipAuthenticationInfo
  • ISO7816_G_14: Chip Authentication with Extended Length
  • ISO7816_G_15: Use various status words for invalid key reference
  • LDS_A_10: EF.COM with LDS version 1.8
  • LDS_D_35: EF.SOD with LDS Version 1.8
  • LDS_D_36: Security Object with LDS Version 1.8 but Version wrong number
  • LDS_D_37: Security Object with LDS Version 1.7 but Version number 1
  • LDS_D_38: EF.SOD with future LDS Version 1.9

Modified test cases in Version 2.10 Update

Due to the new document structure of version 2.10, it’s difficult to detect all modifications. Therefore please be aware that the list of modified test cases may not be complete and there might be more changes compared to previous version 1.01.

  • ISO7816_C_04: Added new OID for PACE-CAM in table corresponding to test case
  • ISO7816_D_07: Test case deleted

With the release of this test specification, version 2.10 is relevant for certification. So from now on, your inspection system must fulfill these conformity tests to achieve a certificate.

Flattr this!

Update of RF and Protocol Testing Part 3 V2.10 online

Introduction

There is an update of ICAO’s test specification ‘RF and Protocol Testing Part 3‘ available. The specification is focusing on conformity testing and protocol testing for eMRTDs implementing protocols like BAC and PACE.ICAO Part 3 Cover

The Technical Advisory Group (TAG) of ICAO endorsed the updated release on the ICAO website, so from now on the test specification can be referenced officially. In version 2.10 of the test specification there are some major modifications:

  • Additional test cases for PACE-CAM (this includes modifications of existing test cases and also new test cases especially for PACE-CAM).
    • New test suite 7816_S to verify access rights (read and select) of EF.CardSecurity.
    • New test suite LDS_K to test presence and coding of SecurityInfo structures in EF.CardSecurity
  • The referenced documents are updated to Doc 9303 Edition 7 and old specifications including supplements are replaced.
  • With 7th edition of Doc 9303 the wording is changed from ‘PACEv2’ and ‘SAC’ to ‘PACE’.
  • And of course there are some minor editorial corrections.

The interim version 2.08 of this test specification was used during the interoperability test in London 2016 (first results of this event can be found in a previous post). This version was prepared at the meeting of ISO WG3 TF4R in Berlin to establish a valid version for the test event. Version 2.10 includes all the updates and some minor changes. In the following the update of version 2.10 is listed more detailed.

New test cases in layer 6

  • ISO7816_O_55: Accessing the EF.CardSecurity file with explicit file selection.
  • ISO7816_O_56: Accessing the EF.CardSecurity file with implicit file selection (ReadBinary with SFI).
  • ISO7816_O_57: Accessing the EF.CardSecurity file with ReadBinary. The test verifies the enforcement of SM after the PACE-CAM protocol has been performed successfully.
  • ISO7816_O_58: Accessing the EF.CardSecurity file with ReadBinary. The test verifies the enforcement of SM after a PACE protocol different from PACE-CAM has been performed successfully.
  • ISO7816_P_78: Positive test with a complete sequence of PACE without Chip Authentication Mapping commands and with MRZ password. The tag 0x8A during PACE-GM and PACE-IM MUST NOT be returned.
  • ISO7816_S_01: Accessing EF.CardSecurity with explicit file selection and Read Binary.
  • ISO7816_S_02: Accessing EF.CardSecurity with implicit file selection (ReadBinary with SFI).
  • ISO7816_S_03: Accessing EF.CardSecurity with explicit file selection and Read Binary OddIns.
  • ISO7816_S_04: Accessing EF.CardSecurity with implicit file selection (ReadBinary OddIns with SFI).

Modified test cases in layer 6

  • ISO7816_P_01: New step 6 and step 7 added for PACE-CAM, Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_02: New step 6 and step 7 added for PACE-CAM, Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_03: Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_14: Step 6 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_25: Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_26: Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_27: Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_28: Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_41: Adopted profile to handle PACE-CAM.
  • ISO7816_P_42: Adopted profile to handle PACE-CAM.
  • ISO7816_P_43: Adopted profile, step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_44: Adopted profile, Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_45: Adopted profile, step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_46: Adopted profile, step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_49: Adopted profile to handle PACE-CAM.
  • ISO7816_P_50: Adopted profile to handle PACE-CAM.
  • ISO7816_P_68: Adopted purpose.
  • ISO7816_P_73: Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_P_74: Step 5 return new data object 0x8A used in PACE-CAM.
  • ISO7816_R_05: Correction in referenced RFC.
  • ISO7816_R_06: Correction in referenced RFC.

New test cases in layer 7

  • LDS_E_09: Test that EF.DG14 contains at least one valid set of SecurityInfos for Chip Authentication. A chip supporting PACE-CAM must also support CA.
  • LDS_I_05: Verify that EF.CardAccess contains at least one valid PACEInfo for PACE-GM or PACE-IM as an additional mapping procedure if PACE-CAM is supported.
  • LDS_K_01: Test the ASN.1 encoding of the SecurityInfos.
  • LDS_K_02: Verify the ASN.1 encoding of the ChipAuthenticationPublicKey.
  • LDS_K_03: Test the coherency between the EF.CardSecurity and EF.CardAccess.
  • LDS_K_04: Verify that the parameterID also denotes the ID of the Chip Authentication key used, i.e. the chip MUST provide a ChipAuthenticationPublicKeyInfo with keyID equal to parameterID.

Modified test cases in layer 7

  • LDS_I_02: Added OIDs for PACE-CAM and new step 3 (to check that a valid OID is present for each declared configuration).
  • LDS_I_03: Added OID for PACE-CAM.
  • LDS_I_04: Test case deleted.
  • LDS_J_04: Correction in referenced RFC.

Previous ideas to migrate this test specification to an ISO document are canceled due to political reasons. Part 3 (eMRTD) and Part 4 (inspection systems) will be ICAO documents furthermore whereas Part 1 (durability of ePassports) and Part 2 (contactless interface) are still migrated to ISO documents (ISO 18745-1 and ISO 18745-2).

Flattr this!

Author: .