DeepAI AI Chat
Log In Sign Up

Discovering ePassport Vulnerabilities using Bisimilarity

02/18/2020
by   Ross Horne, et al.
0

We uncover privacy vulnerabilities in the ICAO 9303 standard implemented by ePassports worldwide. These vulnerabilities, confirmed by ICAO, enable an ePassport holder who recently passed through a checkpoint to be reidentified without openning their ePassport. This paper explains how bisimilarity was used to discover these vulnerabilities. In order to tackle such bisimilarity problems, we develop here a chain of methods for the applied pi-calculus including a symbolic under approximation of bisimilarity, called open bisimilarity, and a modal logic, called classical FM, for describing and certifying attacks. Evidence is provided to argue for a new scheme for specifying such unlinkability problems that more accurately reflects the capabilities of an attacker.

READ FULL TEXT

page 1

page 2

page 3

page 4

Related Research

research
03/13/2018

Reviewing KLEE's Sonar-Search Strategy in Context of Greybox Fuzzing

Automatic test-case generation techniques of symbolic execution and fuzz...
0 Saahil Ognawala, et al.
research
12/15/2018

A Survey of Privacy Infrastructures and Their Vulnerabilities

Over the last two decades, the scale and complexity of Anonymous network...
0 Tian Yunfan, et al.
research
11/03/2019

InSpectre: Breaking and Fixing Microarchitectural Vulnerabilities by Formal Analysis

The recent Spectre attacks has demonstrated the fundamental insecurity o...
0 Musard Balliu, et al.
research
12/28/2021

Common Privacy Weaknesses and Vulnerabilities in Software Applications

In this digital era, our privacy is under constant threat as our persona...
0 Pattaraporn Sangaroonsilp, et al.
research
07/30/2022

L2Fuzz: Discovering Bluetooth L2CAP Vulnerabilities Using Stateful Fuzz Testing

Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) is a wireless technolog...
0 Haram Park, et al.
research
03/20/2023

Attacks Against Security Context in 5G Network

The security context used in 5G authentication is generated during the A...
0 Zhiwei Cui, et al.
research
12/01/2019

SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities

SPEculative Execution side Channel Hardware (SPEECH) Vulnerabilities hav...
0 Yuan Xiao, et al.

Sign up for DeepAI

Already have an account? Login here

Login to DeepAI

Don't have an account? Signup here

Become a DeepAI PRO

$4.99/mo
500 generated images per month
Private image generation
Complete styles library
API access
Ad-free experience
AI Chat access with Genius Mode
*
This is a recurring payment that will happen monthly
*
If you exceed more than 500 images, they will be charged at a rate of $5 per 500 images

Pay as you go

$5 per 100 images
Private image generation
Complete styles library
API access
Ad-free experience

SHARE