Federal Office for Information Security (BSI)

Security mechanisms in electronic ID documents

Chip Authentication (CA)

"Chip Authentication" (CA) is used to establish a secure connection between the RF chip and the reader and to uncover "cloned" RF chips in ID documents.

A chip specific key pair is stored on each of the RF chips of an ID document supporting this protocol. This pair consists of a private and a public key. The private key is stored in a particular area of the RF chip, from which it cannot be read. It is not possible to copy the private key, even if the entire chip is "cloned" (copied).

During Chip Authentication, the public key is sent to the reader together with a random number. The reader also generates a private key pair, consisting of a public and a private key, for each read operation and transmits its public key to the RF chip. Now, both the RF chip and the reader can compute the same secret key from their own private key, the public key of the other one and the random number. This secret key ensures the strong encryption of data during the further communication between the RF chip and the reader.

With help of the shared secret key, the reader can now check whether the chip has the correct private key or not. A "cloned" chip may not have the original private key. If it would simply use a different private key, the shared password would be wrong. If a new key pair would have been created for a "cloned" RF chip, this would be detected during Passive Authentication, because the public key is protected against unnoticed changes by a digital signature.

Chip Authentication is part of the EAC protocol. If you would like to know more details about this procedure, please read our technical guideline BSI-TR-03110.