As a follow up to a blog I wrote last week about RFID reader vulnerabilities when used in conjunction with hacked RFID tags in electronic RFID-chipped passports, listed below are the email response to a few quick questions I jotted off to Lukas Grunwald, a security researcher and CTO at DN-Systems Enterprise Solutions GmbH in Germany.

At DefCon earlier this month Grunwald demonstrated how a hacked e-passport could crash RFID readers. First he cloned a passport's chip and then modified the JPEG2000 image filed stored on the chip to create a buffer overflow condition - a vulnerability that makes things like the original Xbox easily exploitable, according to media reports.

In 2006 Grunwald demonstrated that he could clone an RFID chip using the internationally accepted Civil Aviation Organization standards for e-passports to create a fake e-passport that would, in theory, pass customs inspection. Two years earlier Grunwald developed (and demondstrated) a tool, RFDump, that is able to rewrite RFID data for changing info on, say, store tags or identification cards - handy software for anyone looking to alter an RFID tag.

...........
Q: How savvy does one have to be to figure out the vulnerabilities your research has detected?
A: With normal skills you get if you study computer science.

Q: What led you to research RFID-chipped passports?
A: We operate a IT-Security Lab at DN-Systems, and done some research on RFID, after we discovered tones of vulnerabilities on the un-encrypted tags, we followed up the industry telling us, if we encrypt everything would be save, but is does not, see my talk on cloning passports.

Q: What other vulnerabilities are you looking into?
A: I work at a full features IT-Security Lab, we do work on Products, Firewalls, IT-Security Polices, Access Control ...

Q: Are you working with any governmental organizations to help find solutions to the problems your research uncovers?
A: On other areas YES, but not at the MRTD (ePassport Level).

Q: Given the increasing issuance of electronic passports from governments all over the world, what do you think the larger implications are of vulnerabilities with electronic passports?
A: It actually rises additional risks for all parties, the holder (being tracked), the issuer, and the accepter.

Q: What do you think the future looks like for travelers who carry electronic passports, given security vulnerabilities?
A: For the normal traveler, he has to be subjected to more frequent secondary inspections, if the chip is not working or get denied at the boarder. The "evil" traveler get more likely in with manipulated ones ...

Not incredibly illuminating but there you have it.