What does the biometric-passport sub-protocol BAC (Basic Access Control) prevent, and how?
BAC prevents an attacker from silently reading the passport chip at a distance (skimming). The decryption key is derived from data printed inside the passport (MRZ), so a reader must physically see the open document.
The Machine-Readable Zone (MRZ) is the two-line OCR-printed strip at the bottom of the passport's data page. The fields used to derive the BAC key are:
- Document number
- Date of birth
- Date of expiry
Each of those is concatenated with a check digit and hashed; the result becomes a 3DES (or AES in newer versions) symmetric key shared between reader and chip.
Why this matters: without BAC, anyone with a cheap RFID reader could harvest passport data from a backpack in a subway. BAC forces the attacker to also see (or photograph) the inside of the document, which dramatically raises the bar.
Known weakness: the entropy of the BAC key is only ~56 bits in practice (passport numbers aren't random). With a known document-number range plus a known birthdate, the BAC key can be brute-forced offline. Newer PACE (Password Authenticated Connection Establishment) replaces BAC with a Diffie-Hellman-based scheme that gives full-strength keys.
Tip: Anti-skimming wallets and RFID-blocking sleeves attack the same problem from a different angle — by physically shielding the chip from any reader, BAC-protected or not.