Thread: Security of Oyster Cards
View Single Post
  #4   Report Post  
Old November 18th 03, 02:55 PM posted to uk.transport.london,alt.2600,sci.crypt
Mok-Kong Shen Mok-Kong Shen is offline
external usenet poster
  
First recorded activity at LondonBanter: Nov 2003
Posts: 2
Default Security of Oyster Cards


John Hadstate wrote:

(Matthew) wrote in message
Access to the information is only possible using secret keys
specific to that card, known only to devices permitted to process the
cards. These cards are very difficult to break into, making the cards
very secure; in the unlikely event that a card has its key broken
then the system - and all other cards - will remain secure.


All of the above adds up to a classic case of "security by obscurity."
This might mean that the inventors have already identified or suspect
weaknesses in their system that they hope will remain undiscovered if
no one is permitted to analyze their system too closely.

On the other hand, if the cost/risk of analysis is
sufficiently high, there would be 'practical' security,
I suppose. (Actually, banknotes are similar in this
respect, I believe. There are saying, though, that
the techniques/knowhow of the fraudsters are now quite
comparable to those of the governments in making
banknotes.)

M. K. Shen
Reply With QuoteReply With Quote