Differential Testing Exposes Silent PACE-to-BAC Fallback in Open-Source eMRTD Libraries
Researchers tested two widely used open-source e-passport reader libraries — gmrtd (Go) and JMRTD (Java) — by replaying identical synthetic protocol traffic against both, without any physical passport or NFC hardware. The experiment simulated a scenario where the newer PACE authentication protocol fails and the system silently falls back to the older BAC method. Both libraries completed the session successfully via BAC after PACE returned an error code, but neither surfaced an explicit indication to the application that a protocol downgrade had occurred. The findings highlight a gap that standard conformance testing misses: two libraries can behave identically in observable output while leaving applications unaware of a security-relevant negotiation failure.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)
Log in to join the discussion and vote.
Log in