May 30th 07, 07:24 AM, posted to uk.transport.london
Steve
Have Oyster cards been hacked yet?

On 29 May 2007 08:41:16 -0700, Boltar wrote:

> Not sure if those A & B keys mean there's a public private key system
> (though I'm not sure how that would work in the case of a smartcard
> which has to give full read & write access to the reader to be of any
> use) or the keys perform separate tasks, e.g. Key A is used just to encode
> & decode the pay as you go money amount and key B everything else or
> some variation on that theme, and I guess these must either be
> standard keys used for all cards or TfL has a central database of
> card IDs linked to specific keys for each card and if the card ID
> isn't in there it can't be used. If it's the former then the system
> looks wide open to abuse.


I don't know TfL's implementation but normally MIFARE is set up with one
side as security and the other side for vending, I guess they have made
this split for travelcards and top up. The basic idea is that the key of
each card is unique, and is held in the non-EEPROM side of the card, making
it harder to duplicate.

I would expect the basic level of security is that if the "same" card is
used a distance apart at the same time then that ID is blocked; this
couldn't really be real-time and would need to be done overnight. They
could have put more security in the datablock regarding the ID, but I doubt
it, better to put it around the travel cards and the cash amount.

This will be hacked eventually, but the hard part is not getting caught.
Duplicates and cards with false cash/travelcards will be easy to spot, and
setting the gate to light up like a xmas tree when it's used won't be hard!

Steve
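
The overnight check described in the post above (the "same" card ID seen at two distant stations too close together in time), sketched as an added example that is not part of the original post and not TfL's code. The log format, station pairs, journey times and card IDs are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed minimum plausible journey times (minutes) between station pairs.
MIN_TRAVEL_MIN = {
    frozenset({"Brixton", "Walthamstow Central"}): 30,
    frozenset({"Brixton", "Stockwell"}): 2,
    frozenset({"Stockwell", "Walthamstow Central"}): 28,
}
DEFAULT_MIN_TRAVEL = 5  # assumed floor for pairs missing from the table


def parse_tap(line):
    """Parse one constructed log line: 'ISO-timestamp,card_id,station'."""
    ts, card_id, station = line.strip().split(",")
    return datetime.fromisoformat(ts), card_id, station


def find_clone_suspects(lines):
    """Return {card_id: [(earlier_tap, later_tap), ...]} for impossible journeys."""
    by_card = defaultdict(list)
    for line in lines:
        ts, card_id, station = parse_tap(line)
        by_card[card_id].append((ts, station))
    suspects = defaultdict(list)
    for card_id, taps in by_card.items():
        taps.sort()  # chronological order per card
        for (t1, s1), (t2, s2) in zip(taps, taps[1:]):
            if s1 == s2:
                continue  # same station: entry/exit or a retry, not a conflict
            need = timedelta(minutes=MIN_TRAVEL_MIN.get(frozenset({s1, s2}), DEFAULT_MIN_TRAVEL))
            if t2 - t1 < need:  # two taps closer together than the journey allows
                suspects[card_id].append(((t1, s1), (t2, s2)))
    return dict(suspects)


def build_blocklist(lines):
    """Card IDs to push to the gates after the overnight run."""
    return sorted(find_clone_suspects(lines))


SAMPLE_LOG = [  # constructed tap records for one morning
    "2007-05-29T08:00:00,0A1B2C3D,Brixton",
    "2007-05-29T08:03:00,0A1B2C3D,Walthamstow Central",
    "2007-05-29T08:00:00,11223344,Brixton",
    "2007-05-29T08:04:00,11223344,Stockwell",
    "2007-05-29T08:40:00,11223344,Walthamstow Central",
]
```

Running `build_blocklist(SAMPLE_LOG)` flags only the card seen at Brixton and Walthamstow Central three minutes apart; the second card's journey is consistent with the table and is left alone.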