The new German national ID card, the Neuer Personalausweis (NPA), was one of the biggest IT projects of the German government in recent years. Compared with the old ID card, the new one is an RFID smart card that can also be used over the internet to prove your identity to a remote party (eBay, PayPal or Amazon, for example) and to sign binding contracts. For example, you can use the card to buy a new house or car, to open a bank account, or to apply for credit.
When the card is used over the internet, it is connected to a reader, which is connected to a (potentially insecure) PC, which in turn is connected to the internet. To use the card, the user has to enter a PIN code to prove possession of the card and knowledge of the PIN. If the PIN is entered on an insecure device such as the PC, it might be recorded by an attacker and used by them later.
Frank Morgner and Dominik Oepen examined the various attack scenarios on the NPA that could be possible, depending on the reader used with the NPA:
We examine the feasibility and impact of relay attacks with regard to the different reader classes and application scenarios of the new German ID card. According to the current state of the specifications, such attacks can hardly be prevented. Some of the problems turn out to be unsolvable; for others, solution approaches exist, ranging from simple but insufficient to complex but hardly implementable.
Personally, I am interested in this talk because it might show us some nice attack scenarios on the NPA that are hard to counter without buying very expensive readers. A lot of low-cost readers have just been distributed by a well-known computer magazine in Germany, so we can assume that a lot of people will be using their NPA with a highly insecure reader.
Author: Erik Tews