Abstract
Since 2006, many countries, all over the world, begin to issue E-passports containing biometric data for their citizens. The International Civil Aviation Organization (ICAO) specification for cryptography in E-passport is proven to be insecure and has many threats. The European Union (EU) has defined an Extended Access Control (EAC) mechanism for E-passports. But, even this solution presents many threats especially in security and privacy. In this paper, we present a new method for securing the exchange between an E-passport and the Inspection System IS. We propose an on-line authentication mechanism based on Elliptic Curve Diffie-Hellman Key Agreement Protocol. We create elliptic curve based on biometric data to validate the identity of the user. Our proposal uses a shorter key than others solutions.