How does Basic Access Control (BAC) derive its key, and why is it cryptographically weak?
BAC derives symmetric keys from MRZ fields (passport number, birth date, expiry) — but these have low entropy (birth date ~30,000 values, expiry a few years, sex 2 values), so the short key is brute-forceable in hours.
* BAC derives its keys from low-entropy MRZ fields, so the result is brute-forceable in hours. *
Principle: BAC requires the reader to possess a key generated from the machine-readable zone (MRZ) data, intended to prevent unauthorised reading. Key derivation uses: issuing country (3 chars), document type (1 char, e.g. "P"), passport number (up to 9 chars), nationality (3 chars), date of birth (YYMMDD, 6 chars), sex (1 char), expiry date (YYMMDD, 6 chars), check digits (3 chars).
Security problems:
- Weak entropy: the data are easy to guess — passport numbers often follow predictable patterns; date of birth has only ~30,000 possible values; expiry is limited to a few years; sex has only 2 values.
- Short key: the resulting key length is too short for modern requirements.
- Brute-force feasible: researchers showed BAC can be broken in hours with off-the-shelf hardware; knowing parts of the MRZ (country, birth year) shrinks the search space dramatically.
BAC offers basic protection against casual scanning, but not against targeted attacks with adequate resources.
Tip: The flaw is that the "key" is built from semi-public, low-entropy facts about you. Your birth date and a guessable passport number aren't a secret — so a key made from them isn't really secret either.
Go deeper:
Basic access control (Wikipedia) — MRZ-derived key entropy and the brute-force weakness.