To enhance border security and facilitate international travel, the U.S. State Department is adding smart chip technology to passports. These e-passports integrate the latest concepts in electronic document protection and readability using a secure smart chip that can be scanned at authorized passport control points. This will speed the authentification process and improve security for travelers. Previously-issued passports without electronic chips will remain valid until their expiration dates.
Embedded in the cover of the new passport, the smart chip holds the same information printed in the passport: name, date of birth, gender, place of birth, dates of passport issuance and expiration, passport number, as well as a digital photo image of the bearer. The data stored in the smart chip is encrypted, which provides security against unauthorized viewing. Using an RFID (radio frequency identification) reader with appropriate decryption, an agent can obtain the personal data without making physical contact with the passport, making it a contactless process. Viewing the digital photograph allows the agent to ensure that the bearer of the passport is the same person to whom it was issued. The new passport also incorporates additional anti-counterfeiting features.
In addition, this passport addresses privacy issues that ensure information safe-keeping. The reader range of the contactless smart chip is only a few centimeters and special shielding material built into the cover prevents communication with the chip while the cover is closed. Plus, it uses the ICAO (International Civil Aviation Organization) basic access control (BAC) standard to prevent skimming and eavesdropping attempts to read the contactless high frequency communication between the passport chip and the reader. These combined features mitigate the potential for unauthorized e-passport reading.
Contact or Contactless Modes
The embedded smart chip has two operating modes. In the contact mode, dc is applied to power the chip and a special programmer loads the encrypted data into on-chip memory. Once programming is complete, the contact mode is disabled so that the stored data cannot be altered.
In the contactless mode, an RF field emitted by an RFID reader supplies power to the chip. The RFID reader interrogates the smart chip via its antenna and the smart chip (which has its own antenna) responds by sending back the stored data. Several factors can affect this communication: the frequency, antenna gain, orientation and polarization of the reader antenna, and the proximity of the smart chip relative to the reader. Because it functions without a battery in the contactless mode, its expected useful life is 20 years or more.
NXP (formerly Philips Semiconductor) is one of the companies chosen by the State Department to supply smart chips for the e-passport. The passport uses the NXP SmartMX (Memory eXtension) multiple interface option platform that features an enhanced smart chip IC architecture. It contains new opcodes that go beyond the compatible classic 80C51 instruction set. The SmartMXfamily is intended for high volume, mono- and multi-application markets such as the e-passport.
SmartMX enables the easy implementation of state-of-the-art operating systems and open platform solutions by offering linear addressing and an enhanced instruction set together with the highest levels of security. Within its targeted segments, this platform with powerful co-processors for public and secret key encryption supporting the RSA encryption algorithm, ECC (Elliptical Curve Cryptography), DES (Data Encryption Standard) and AES (Advanced Encryption Standard), with the high security, ultra low power, performance optimized design concept of handshaking technology. Fig. 1 is a block diagram of NXP's P5CT072 smart chip, which contains:
- 72 Kbytes EEPROM
- 160 Kbytes user ROM
- 4608 bytes RAM
- PKI (Public Key Infrastructure) co-processor (RSA, ECC)
- Dual/Triple key DES-3 co-processor
- AES co-processor
- ISO/IEC 7816 contact interface
- ISO/IEC 14443A contactless interface
- 13.56 MHz operating frequency in contactless mode
- Internal UART
- USB 2.0 low speed contact interface
- EEPROM data retention time: 20 years minimum
Three Interfaces
The P5CT072's 72 Kbytes of EEPROM can be used as data memory and as program memory. Its three interfaces provide a "Secure Triple Interface Smart Chip Controller." The non-volatile memory consists of high reliability memory cells that guarantee data integrity, which is especially important when the EEPROM is used as program memory.
Operated both in contact mode (ISO/IEC 7816) and in contactless mode (ISO/IEC 14443) the user defines the final function of the chip with his chip operating system (COS). This allows the same level of security, functionality and flexibility for the contact interface as well as the contactless interface.
The field proven RF interface technology (according ISO/IEC 14443-2) provides reliable communication and secure processing, even in the electro-magnetically harsh environments of bus or train stations. Compatibility with existing MIFARE RFID reader infrastructure and the optional free of charge emulation modes of MIFARE 1K and MIFARE 4K RFID readers enable fast system integration and backward compatibility of standard MIFARE chips.
Bi-directional communication with the contact interface of the device can be performed through three serial I/Os. These I/Os are under full control of the application software in order to allow conditional controlled access to the different internal memories.
On-chip hardware is software controlled via special function registers (SFRs). SFRs are correlated to the activities of the CPU, Interrupt, I/O, EEPROM, Timers, etc.
The P5CT072 provides two power saving modes with reduced activity: the IDLE and the SLEEP or CLOCKSTOP Mode. These two modes are activated by software.
In the contact mode, the device operates either with a single 1.8 V, 3 V or 5 V applied to the VDD and VSS terminals. The maximum external clock frequency contact pad (CLK) is 10 MHz; internally it can be up to 30 MHz.
In the contactless mode the smart chip operates with a power supply derived from the RF field emitted by an RFID reader.
Operating in accordance with ISO/IEC 7816, the SmartMX contact interface is supported by a built in UART, which enables data rates of up to1 Mbit/s, allowing the automatic generation of all typical baud rates. It supports transmission protocols T=0 (asynchronous half duplex character transmission) and T=1 (asynchronous half duplex block transmission).
SmartMX has a fully integrated USB interface based on the USB 2.0 (low speed) standard, making SmartMX-based ICs "Plug and Play" compatible with the whole PC world without the use of complex reader devices or extra external components. The USB interface uses the ISO contact module and works via a four-wire connection to any PC supporting "hot Plug and Play." The chip automatically recognizes an ISO or USB environment and is able to work with external frequency of up to 6 MHz or internal clock generation. The use of USB interfaces on smart chips is currently in the process of becoming standardized within ISO/IEC 7816-12.