Hacker News

fwip 10/01/2024

First, not everyone has passports - there are roughly half as many US passports as Americans.

Second, how much of the passport information do you hash that it's not reversible? If you know some facts about your target (imagine a public figure), could an attacker feasibly enumerate the remaining info to check to see if their passport was registered in your database? For example, there are only 2.6 billion possible American passport numbers, so if you knew the rest of Taylor Swift's info, you could conceivably use brute-force to see if she's in your database. As a side effect, you'd now know her passport number, as well.


Replies

AnthonyMouse 10/01/2024

> Second, how much of the passport information do you hash that it's not reversible?

That doesn't even matter. You could hash the whole passport and the passport could contain a UUID and the hash db would still be usable to correlate identities with accounts, because the attacker could separately have the victim's complete passport info. Which is increasingly likely the more sites try to use passports like this, because some won't hash them or will get breached sufficiently that the attackers can capture passport info before it gets hashed and then there will be public databases with everybody's complete passport info.

dom96 10/01/2024

That’s a very good point and indeed it is a potential attack vector.

I’ll have to think about that. Perhaps I can get away with not tying the passport hash to a particular user.
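
An added example, not part of the thread and not written by any commenter: a toy Python run of the two points raised above (fwip's enumeration of a small passport-number keyspace, and AnthonyMouse's membership check when the full record is already known), beside a keyed HMAC variant. The 5-digit keyspace, the sample record, the function names and the HMAC mitigation are assumptions made for illustration; only the 2.6 billion figure comes from the thread.

```python
import hashlib
import hmac
import secrets

# Constructed sample record; every value here is made up for the demo.
KNOWN_FIELDS = "DOE|JANE|1990-01-01|USA"
TOY_KEYSPACE = 10**5            # toy 5-digit numbers so the demo runs quickly
REAL_KEYSPACE = 2_600_000_000   # keyspace figure quoted in the thread

def plain_digest(number: str) -> str:
    """Unkeyed scheme: SHA-256 over the known fields plus the number."""
    return hashlib.sha256(f"{KNOWN_FIELDS}|{number}".encode()).hexdigest()

def keyed_digest(key: bytes, number: str) -> str:
    """Keyed scheme (assumption): HMAC-SHA-256 under a key kept out of the database."""
    msg = f"{KNOWN_FIELDS}|{number}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def enumerate_number(stored: set, digest_fn, keyspace: int):
    """Return the number whose digest appears in `stored`, or None."""
    for n in range(keyspace):
        candidate = f"{n:05d}"
        if digest_fn(candidate) in stored:
            return candidate
    return None

def seconds_to_exhaust(keyspace: int, hashes_per_second: float) -> float:
    """Worst-case time to try every number at an assumed hash rate."""
    return keyspace / hashes_per_second

def demo():
    secret_number = "04217"                      # constructed value
    server_key = secrets.token_bytes(32)
    plain_db = {plain_digest(secret_number)}
    keyed_db = {keyed_digest(server_key, secret_number)}
    # fwip's case: the table alone is enough to recover the number.
    recovered = enumerate_number(plain_db, plain_digest, TOY_KEYSPACE)
    # Same table holder without the real key: no candidate ever matches.
    guess_key = bytes(32)
    blocked = enumerate_number(
        keyed_db, lambda c: keyed_digest(guess_key, c), TOY_KEYSPACE)
    # AnthonyMouse's case: with the full record known, one hash confirms
    # membership in the unkeyed table, however much entropy the record has.
    correlated = plain_digest(secret_number) in plain_db
    return recovered, blocked, correlated

if __name__ == "__main__":
    print(demo(), seconds_to_exhaust(REAL_KEYSPACE, 1e9))
```

If the HMAC key is taken together with the table, the keyed rows are exactly as exposed as the unkeyed ones.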