Friday, August 31, 2007

E-passports in 4G

Re-reading, it occurred to me that the "let me into my car and onto the plane" function of the 4G pocket-thing smelled a lot like an e-passport (one with an RFID chip and some sort of biometric hash of the bearer built in). The main difference, I think, is that current RFID technology will happily broadcast information to anyone who asks. The pocket-thing (or, I fervently hope, the next generation of e-passports) will use the usual PK mojo to make sure it only gives out information to parties it trusts. That won't cure every ill, but it would certainly help.

It's also worth noting that biometrically-secured hardware is just another variant of dongle-based copy protection. How well it works depends on how closely it can be tied to a physical event. If someone in the security line is physically checking that it's my actual eye that's being scanned and compared to the hash in my passport or whatever, then I'm much more comfortable than if I'm just supposed to stand in front of a scanner at a door.

Not to say that people can't be fooled, just that people are currently better at the "is someone actually standing there" test. This may have to be revisited in a couple of decades.

No comments: