By Topic

Securing E-passports with Elliptic Curves

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)

In this paper, security of ID documents (such as passports) is discussed. A class of cryptographic protocols called Password-Authenticated Key Exchange (PAKE) provides a more robust solution to this problem. PAKE protocols ensure that an eavesdropper can't learn any information on the low-entropy secret. They're also required to be as secure as possible against all passive and active attacks. Basically, all an adversary can do to learn the password is an online dictionary attack (guess the password and try to execute the protocol with one of the parties). We can prevent this through latency, smart card blocking, and so on. For implementing PAKE protocols, especially in constrained environments such as e-passports, elliptic-curve cryptography is fast and requires little memory. However, it involves representing numeric values (in this case, passwords) as points on an elliptic curve, and how to do this efficiently and se curely isn't obvious.

Published in:

Security & Privacy, IEEE  (Volume:9 ,  Issue: 2 )