Thread: Security of Oyster Cards
View Single Post
  #44   Report Post  
Old November 23rd 03, 11:11 PM posted to uk.transport.london,alt.2600,sci.crypt
Ernst Lippe Ernst Lippe is offline
external usenet poster
  
First recorded activity at LondonBanter: Nov 2003
Posts: 6
Default Security of Oyster Cards
On Sun, 23 Nov 2003 22:21:46 +0000, Anne & Lynn Wheeler wrote:


"Ernst Lippe" writes:
Even though some criminal organizations have a large resources at
their disposal, I don't think that they will use them to attack
smart cards. It is just a simple matter of economics. The initial
investments are pretty big, you need some highly skilled experts and
some pretty expensive equipment just to break a single smart
card. In almost all smart card systems you don't gain much when you
are only able to duplicate a single smart card, because it will be
put on the red list and you won't be able to really use any of the
duplicates. But even when you are able to make new "cards"
(actually, these new devices probably are not smart cards (it is not
at all easy to obtain a large set of "empty" smart cards), but other
microprocessor devices that pretend that they are smart cards) you
still have to make major investments, like producing these new
"cards" and more importantly you will have to set up an expensive
distribution channel. Given the large financial risks in such an
operation, I don't think that is economically very attractive, even
for smart cards that have high financial values.

check out "yes card" references in the following post/trip report
(last paragraph):
http://www.smartcard.co.uk/resources...artes2002.html
The "yes card" label is supposedly started in the UK press(?)

This is not an extremely convincing reference. It has been a very long
time since I looked at the EMV specifications, but as far as I can
tell this is only a threat against cards that use SDA (static data
authentication). Now static data authentication is a very limited
method of card authentication, if I understand it correctly it is just
a public key signature over some static parts of the key contents. (If
mag-stripe cards had sufficient capacity they could also use
SDA). Since every terminal has to be able to read the SDA of the card,
it should be fairly easy to copy. It is not an attack against the
keys of the card itself, but only against some of the contents of the
card that should be easily readable anyhow. It is just an example of
how you can build a not so very secure system with smart cards.

greetings,

Ernst Lippe


Reply With QuoteReply With Quote