Gesellschaft für Informatik e.V.

Lecture Notes in Informatics

BIOSIG 2013 P-212, 15-26 (2013).

Gesellschaft für Informatik, Bonn

Copyright © Gesellschaft für Informatik, Bonn


Security considerations on extending PACE to a biometric-based connection establishment

Nicolas Buchmann , Roel Peeters , Harald Baier and Andreas Pashalidis


The regulations of the European Union (EU) Council in 2004 are the basis of the deployment of electronic passports within the EU. Since then EU member states adopt the format and the access protocols to further electronic machine readable travel documents (eMRTD) like national electronic ID cards and electronic residence permits, respectively. The security protocols to communicate with an eMRTD are based on the paradigm of strong cohesion and loose coupling, i.e., each step is designed to ensure only a particular security goal like authorisation to access a certain data group, authenticity and integrity of the data, originality of the chip, or the linkage between the eMRTD and its holder. However, recently a discussion evolved to integrate the linkage security goal within the connection establishment, which currently only aims at limiting basic access of authorised terminals to the eMRTD. For instance, the BioPACE protocol proposes to replace the knowledge-based shared 'secret' of PACE by a biometric-based one. The goal of the paper at hand is twofold: First, we evaluate the BioPACE protocol and propose improvements to enhance its features. Second, we analyse the expediency of integrating our BioPACE version 2 into the eMRTD domain. Our initial evaluation shows that our BioPACE version 2 is expedient if the EAC protocols and the corresponding PKI are abandoned.

Full Text: PDF

Gesellschaft für Informatik, Bonn
ISBN 978-3-88579-606-0

Last changed 12.03.2014 15:18:55