acm-header
Sign In

Communications of the ACM

Home/News/'Tough to Forge' Digital Driver's License Actually.../Full Text
ACM TechNews

'Tough to Forge' Digital Driver's License Actually Easy to Forge

By Ars Technica
May 25, 2022
Comments
View as: Print Mobile App Share:

The digital driver's licenses require an iOS or Android app that displays each person’s credentials. The same app allows police and venues to verify the credentials are authentic.

Credit: Service NSW

Security researchers have found that the supposedly hard-to-counterfeit digital driver's licenses (DDLs) in use in New South Wales, Australia, actually can be altered easily .

Introduced in 2019, DDLs are used with an iOS or Android application that displays each holder's identity and age, and permits authentication.

Researcher Noah Farmer found the DDL can be cracked by brute-forcing the four-digit personal identification number that encrypts the data, which can take less than an hour using publicly available scripts and a commodity computer.

Once a hacker accesses encrypted DDL data, brute force enables them to read and alter anything stored on the file.

Farmer aired the flaws in a blog post last week; it is not clear how, or if, Service NSW, which issued the digital driver’s licenses, plans to respond.

From Ars Technica
View Full Article

 

Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account