Old November 23rd 03, 07:54 PM posted to uk.transport.london,alt.2600,sci.crypt
Ernst Lippe
Default Security of Oyster Cards

On Fri, 21 Nov 2003 07:21:05 +0000, Boltar wrote:

"Ernst Lippe" wrote in message ...
Even though there are some possible attacks, in general it is very
difficult to extract those keys from the smart card.


No it isn't. You rip the lid off the chip


Hmm, did you ever try this with a real smart card?
If you do you will certainly notice that they used some particularly
nasty types of glues. Even for old smart cards, it is pretty difficult
to get at the chips without breaking them. Also several modern chips
have some nasty protection mechanisms, so even when you are able
to remove the coatings, the chip will simply refuse to work.

and put the EEPROM under
a special microscope. I forget the actual technique used but it's been done.


You are probably referring to the work of Ross Anderson and his group
(you can find very interesting links from his personal home page
at http://www.cl.cam.ac.uk/~rja14/).
You should notice that they did not attack a real smart card but only
a standard microprocessor. Also this attack is essentially destructive,
probably you will need a lot of smart cards before you can even break
a single one of them.

There are certainly better techniques known, but they require some
expensive apparatus, and even these techniques won't guarantee 100%
success.

Admittedly it's way out of the league of your one man operation but don't
think that professional fraud gangs aren't able to do it.


Even though some criminal organizations have large resources at their
disposal, I don't think that they will use them to attack smart cards.
It is just a simple matter of economics. The initial investments
are pretty big, you need some highly skilled experts and some pretty
expensive equipment just to break a single smart card. In almost all
smart card systems you don't gain much when you are only able to duplicate
a single smart card, because it will be put on the red list and
you won't be able to really use any of the duplicates.
But even when you are able to make new "cards" (actually, these
new devices probably are not smart cards (it is not at all easy to obtain
a large set of "empty" smart cards), but other microprocessor devices
that pretend that they are smart cards) you still have to make major
investments, like producing these new "cards" and more importantly
you will have to set up an expensive distribution channel. Given
the large financial risks in such an operation, I don't think that
is economically very attractive, even for smart cards that have
high financial values.

Companies always expect the software attack but they never think of the
hardware attack. If you can physically read the transistor/capacitor values
then you can get the data out and given that the memory in most of these
cards is only a few kilobytes this wouldn't take too long. Even encrypting
the data is a waste of time since even if the fraudster doesn't understand
what he's seeing he can still make exact copies of it onto operationally
identical hardware (i.e. duplicate the cards).

Of course whether a duplicated card or any data extracted from it is any
use is another question.

Like I said, duplicating one particular card is hardly ever interesting.

greetings,

Ernst Lippe