Validating an EPassport


Overview of data stored in an EPassport

Data Group Reference Numbers Assigned to the LDS [4]
Overview of data signed and stored in an EPassport chip [6]
File Structure Summary [4]

Data Groups

All Data Groups in the passport are in the form of data templates and have individual ASN.1 Tags.

The minimum mandatory items of data stored in the LDS are DG1 (a duplicate of the MRZ) and DG2 (the holder's facial image).

In addition, the IC contains the Security Object (EF.SOD), which is needed to validate the integrity of data created by the issuer. It is stored in Dedicated File No 1.

MF, DF and EF

Master File, Dedicated File and Elementary File.

Master Files are optional files at the root of the file system.

DFs contain EFs or other DFs.

SOD

Document Security Object (SOD) is stored on the chip of the passport.

It is named EF.SOD and consists of the hashes of the Data Groups in use and has the Normative Tag 77 (hex).

EF.SOD Tag [4]
| Data Group | EF Name | Short File Identifier | FID | Tag |
| --- | --- | --- | --- | --- |
| Document Security Object | EF.SOD | 1D | 01 1D | 77 |

It is a signed data structure, signed by the Document Signer (DSC).

It is stored in the MRTD’s chip.

The SOD data is stored as a hex array of different fields.

CA

Certificate Authority

CSCA

Country Signing Certification Authority.

IC

Integrated Circuit

DSC (CDS) and KPuDS

Document Signer Certificate (DSC) contains the information required to verify the digital signature of an e-passport.

KPuDS – verified Document Signer Public Key. It is used to verify the signature of the SOD.

PKI

Public Key Infrastructure.

LDS

Logical Data Structure.

Data Elements Encoding Rules

Each data object has an identification Tag that is specified in hexadecimal coding, e.g. 0x5A.

Validating an EPassport – Passive Authentication

Chain of trust [8]

Passive authentication is the process of validating the authenticity and integrity of the content on the chip of an EPassport.

This is done by verifying the digital signature of the document using the public keys of the issuing state.

Passive authentication proves that the contents of the SOD and the LDS are authentic and not changed. It does not prevent exact copying of the contactless integrated circuit's (IC) content or chip substitution.

  1. Read the SOD which contains the Document Signer Certificate.
  2. A certification path from the Trust Anchor to the Document Signer Certificate used to sign the SOD is built and validated.
  3. The verified Document Signer Public Key is used to verify the signature of the SOD.
  4. The contents of each Data Group are hashed (computed hash) and compared with the corresponding hash value in the SOD (stored hash) to ensure that the data is authentic and unchanged.
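Step 4 can be sketched as follows. This is an added example, not code from the original post: the function names are hypothetical, the `stored_hashes` dictionary stands in for the hash list decoded from an SOD whose signature and certification path were already verified in steps 1 to 3 (not shown), and the DG1/DG2 outer tags 0x61 and 0x75 are taken from ICAO Doc 9303. The sample files are constructed.

```python
import hashlib
import hmac

EXPECTED_TAG = {1: 0x61, 2: 0x75}  # outer tags of DG1, DG2 (ICAO Doc 9303)

def read_tlv(buf):
    """Parse one BER-TLV header; return (tag, value). Single-byte tags only."""
    if len(buf) < 2:
        raise ValueError("truncated TLV")
    tag, first, off = buf[0], buf[1], 2
    if first < 0x80:                      # short form: length in one byte
        length = first
    else:                                 # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 3 or len(buf) < 2 + n:
            raise ValueError("unsupported or truncated length")
        length, off = int.from_bytes(buf[2:2 + n], "big"), 2 + n
    if len(buf) != off + length:
        raise ValueError("length field does not match file size")
    return tag, buf[off:]

def check_data_groups(files, stored_hashes, alg="sha256"):
    """Step 4: compare each EF's computed hash with the hash stored in the SOD."""
    result = {}
    for dg, raw in files.items():
        if dg not in stored_hashes:       # data on the chip the issuer never signed
            result[dg] = "not in SOD"
            continue
        try:
            tag, _ = read_tlv(raw)
        except ValueError as exc:
            result[dg] = f"malformed: {exc}"
            continue
        if dg in EXPECTED_TAG and tag != EXPECTED_TAG[dg]:
            result[dg] = "wrong tag"
            continue
        computed = hashlib.new(alg, raw).digest()   # hash covers the whole EF
        ok = hmac.compare_digest(computed, stored_hashes[dg])
        result[dg] = "ok" if ok else "hash mismatch"
    for dg in stored_hashes.keys() - files.keys():
        result[dg] = "listed in SOD but not read"
    return result

# Constructed sample data (not from a real passport).
MRZ = (b"P<UTOERIKSSON<<ANNA<MARIA".ljust(44, b"<")
       + b"L898902C36UTO7408122F1204159ZE184226B<<<<<10")
DG1 = bytes([0x61, len(MRZ) + 3, 0x5F, 0x1F, len(MRZ)]) + MRZ
DG2 = b"\x75\x82\x01\x2c" + bytes(300)
SOD_HASHES = {n: hashlib.sha256(f).digest() for n, f in ((1, DG1), (2, DG2))}
```

A Data Group that was read from the chip should be accepted only when its status is "ok"; whether a Data Group listed in the SOD but not read is acceptable is a policy decision for the inspection system.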

References

[1] E-Passport Validation: A Practical Experience

[2] E-Passport Basics

[3] Machine Readable Travel Documents

[4] Logical Data Structures for storage of Biometrics and Other Data in the Contactless Integrated Circuit

[5] Yobi Wiki EPassport

[8] Basics of EPassport Cryptography

[9] ICAO ePassport and Master lists

[10] SSL File Extensions
