# I. Introduction peed, time and security components have become the most important success factors in any developed system and at the same time number of travellers around the world is increasing continuously. Since the airports are the main ports of the States, the movement of passengers through the gates in order to verify the identity of travellers requiring high accuracy to make sure that no forgery and no impersonate the passport holder. E-passport technology (Kundra & et al, 2014) has become an important substitution of the traditional passports in the access controls intended for travel around the world since the authentication of the passenger using it becomes faster, more secure, and more preserving of the privacy of passengers (Juels& et al, 2005). In addition, the forgery processes of the traditional passports are not available in the e-Passports. Some of these challenges are cloning, and spoofing of RFID. Other challenges are the impersonation and eavesdropping attacks on the reader devices. The communication between the Tag and inspection system are controlled by the cryptography techniques to overcome these types of attacks. # II. Literature Reviews An Anti-Cloning and Anti-Skimming Protocol (ACASP) (Saeed & et al, 2009) has been proposed to counter the vulnerabilities of Basic Access Control and Active Authentication with respect to RFID chip skimming, and cloning. It takes advantage of publicprivate key pair stored in the chip and the optional data storage capacity in Machine Readable Zone (MRZ) of the passport. An advantage of ACASP is that it can be implemented without any modifications in the hardware of the reader and the Tag. And there is no need to make changes in the Logical Data Structure (LDS) of the RFID chip. (Benssalah et al., 2012) proposed an authentication algorithm based on elliptic curves ElGamal encryption (ElGamal, 1985). The main benefits of this protocol are that fights against four types of security threats; Simple power analysis and timing analysis, Passive attacks, Man-in-the middle, and Replay attack. Al-Hamami (Al-Hamami & Al-Anni, 2005A) suggested some new authentication method by using a firm authentication method by extracting some features for the original name of the holder with the passport number and digest them in a form, by applying some techniques, that can be hidden in the passport's photo. A method for e-passport verification depending on watermarking (Wang & et al, 2013) has been proposed which is composed of multimodal biometric feature and the parity check code of that multimodal biometric feature. The need for the multimodal biometric feature is to verify the passport owner, and the parity check code is for the verification of the integrity of the passport itself. The main idea in (Peeters et al., 2014) is to use mutual authentication protocol pattern instead of bootstrap from the low entropy value in MRZ. In order to protect the e-passport holder's privacy, terminal authentication takes place first, and then the e-passport authentication which uses Sigma-I or IBIHOP+. (Al-Hamami & Al-Anni, 2005B) suggested a protocol to solve the problem of e-passport verification and authentication. (Al-Hamami & Al-Anni, 2005) suggested to use an invisible watermark to be hidden in the passport headshot to solve the problem of the passport verification, and they also suggested to use Diffie-Hellman to solve the problem of mutual authentication between the e-passport and the inspection system. # III. Statement of Problem The aim of this paper is to propose a method to enhance the security part of the epassport. Since the epassport is an international issue, we tried to use an international security method. This will be done by using an international prime number code assigned for each country, using a secret code for every country for privacy, and using unified methods Diffie-Hellman key exchange to create the exchanged key and steganography method to hide the secret code for privacy and authentication (Hariri & et al, 2011). # IV. The Proposed Solution This paper aims to use a global method for greater security of epassport at airports check points. This depends on giving each country its own prime (what's wrong in this key? The main idea of Diffie-Hellman and ElGamal is to use a large prime number) number. This number should be a prime number or it will be converted to a prime number so that it can be used in the proposed framework of scrutiny and increased passport security. In general, the proposed method is to use Diffie-Hellman key exchange Algorithm to share a private key between the Tag and the Inspection System (IS). The inspection system will use NFC technology in the reader devices which allows the reader to communicate with RFID Tag without needing to touch the devices together or go through multiple steps setting up a connection and allows the exchange of information between devices through short-range waves about four centimeters a maximum so as to prevent contact by mistake to other devices. A calculated value will be hidden in the passport photo by using steganography method. When, the passport holder arrives the access control, and during the Diffie-Hellman key exchange process, the reader obtains a value from the Tag. Then, the reader scans the passport photo and compares the value hidden in the photo with the obtained value; if they were identical, the reader can make sure that the Tag is not cloned and it is authenticated. After the mutual authentication process between the Tag and the reader, and after each of them calculates the secret key using Diffie-Hellman, the Tag sends the identification data (which are stored in plaintext format) of the passport holder using asymmetric encryption algorithm (ElGamal encryption system) to convert the plaintext into cipher-text and then the reader reconverts the cipher-text into plaintext. Figure 1 explains the proposed framework. d) Hide the generated public key (A) in the headshot using Least Significant Bit encoding (LSB) steganography technique. Use the random number (r) as a password for the steganography process. e) Phase two is composed of four algorithms. These algorithms have to be performed by the access control country. VII. Algorithm One (Mutual Authentication) Continue the Diffie-Hellman algorithm, which has been started in step (a) of algorithm three of phase one, in order for the chip and the reader to obtain a shared secrete key (K). # VIII. Algorithm Two (E-Passport Chip Verification) a) Using ElGamal algorithm, obtain the random number (r). b) Extract the hidden value from the headshot, and use the value (r) as the password for that. Obtain the public key value (A) from the chip during Diffie-Hellman algorithm. Compare the extracted value in step (b) with obtained value in step (c); if they were identical, so the chip is the original one and not cloned. Otherwise, the chip is cloned and the e-passport holder must not pass the access control, and there is no need to perform the algorithms two, three, and four. Example for non-forged passport Suppose that the value of the automatically generated prime number (p) is 23, the value of the modular number (g) is 5, the value of (p) and (g) are common between the RFID and the reader. Suppose also the secret number of the RFID (a) equals 6, and the secret number of the reader device (b) equals 15. Now these values have to be followed across the overall process. Scan the headshot of the applicant. c) At the passport side, it calculates the public key (A). (A = g a mod p), (A) = 8. On the other hand, the reader device calculates its public key (B). (B = g b mod p), (B) = 19. After generating the public key (A), it will be hidden in the headshot of the passport bearer. When the passenger arrives to the access control of the destination country communication between the E-Passport and the inspection system carries on. The RFID sends the value A to the reader, and the reader sends the value B to the RFID. Based on Diffie-Hellman algorithm, when the E-Passport calculates its secrete key K RFID = B a mod p (K RFID = 19 6 mod 23=2).and the reader calculates its secrete key K Raeder = A b mod p (K Raeder = 8 15 mod 23=2), and after checking the equality state of them, if they were identical, a message saying that Mutual authentication passed will appeared. Now the system will Extract the hidden value (A) from the headshot, and compare it with obtained value from the RFID chip; if they were identical, so the chip is the original one and not cloned. After the passport authentication and verification, it has to encrypt the identification data using ElGamal encryption algorithm in order to send them to the reader device. The final step happens in the access control country in which the reader needs to decrypt the encrypted identification data sent to it from the E-Passport. # X. Conclusion The use of e-Passport is technology increasingly used in different countries overall the world. It aims to fight against the forgery activities of the traditional passports. This paper proposed to develop a security technique to be used with the e-passport in the airports to read its holder information by using Radio Frequency technique (RFID). 11![Figure 1 : A Phase one (e-passport generation)](image-2.png "Figure 1 :Figure 1 :") ![Identification and Biometric Data Conversion to Cipher (Using ElGamal Encryption) Use ElGamal decryption algorithm to convert the identification and Biometric, which were stored in the chip, into cipher text. Send the cipher text to the reader device. a) Receive the cipher text from the e-passport chip. b) Use ElGamal encryption algorithm to convert back the cipher text to its original plaintext value.](image-3.png "") ![Security to Protect E-Passport against Photo Forgery Global Journal of Computer Science and Technology Volume XVI Issue VI Version I 17 Year 2016 ( ) X. Decryption of the Cipher text (using Elgamal Decryption)](image-4.png "Enhancing") © 2016 Global Journals Inc. (US) 1 © 2016 Global Journals Inc. (US) . M. Benssalah, M. Djeddou, K. Drouiche (2012). RFID authentication protocols based on ECC * A). A new approach for authentication technique AAl-Hamami S Al-Anni Journal of Computer Science 1 1 2005 * A Proposal for comprehensive Solution to the problems of Passport's Authentication AAl-Hamami S Al-Anni RFID- TA P. 146-150, Asian Network for Scientific Information. encryption schemes. Paper presented at the RFID-Technologies and Applications 2005 4 2012 IEEE International Conference on * A public key cryptosystem and a signature scheme based on discrete logarithms T 1985 Paper presented at the Advances in cryptology * An introduction to steganography methods MHariri RKarimi MNosrati World Applied Programming 1 3 2011. January 2016 * Security and Privacy Issues in E-passports.Paper presented at the Security and Privacy for Emerging Areas in Communications Networks AJuels DMolnar DWagner SecureComm 2005. First International Conference on 2005. 2005 * The study of recent technologies used in Epassport system SKundra ADureja RBhatnagar Paper presented at the Global Humanitarian Technology Conference-South Asia Satellite (GHTC-SAS) IEEE 2014. 2014 * Speedup for European E-Passport authenticcation RPeeters JHermans BMennink 2014 International Conference of the 2014 Paper presented at the * MSaeed AMasood FKausar 2009 * Passport system: a proposed anticloning and 10. anti-skimming protocol. Paper presented at the Software, Telecommunications & Computer Networks E-Securing SoftCOM 2009.17th International Conference on 2009 * Two-stage verification based on watermarking for electronic passport. Paper presented at the Intelligent Information Hiding and Multimedia Signal Processing ZWang LYang YCheng QDing Ninth International Conference on 2013. 2013