Home |
Search |
Today's Posts |
|
London Transport (uk.transport.london) Discussion of all forms of transport in London. |
|
LinkBack | Thread Tools | Display Modes |
#1
|
|||
|
|||
Security of Oyster Cards
I am interested in the mechanics of these cards, which are smart cards
for use on London's transport system. One would hope given the reported £1billion+ that they are secure. Apparently they work using a form of RFID According to http://www.google.co.uk/search?q=cac...hl=en&ie=UTF-8 Embedded in the smartcard is a small microchip, which can handle and store information, and an ariel. When the card is touched to the cardreader, power flows through the aerial and information moves from the card to the reader and back again. Communication between the card and reader is by radio signals and takes less than a fifth of a second. Once issued, Oyster cards can be topped up to meet the travel needs of each customer. This can be done at the upgraded ticket machines in stations, at any of the local ticket outlets or at a station ticket office. The ability for customers to purchase and top up smartcards away from the station i.e. internet and telesales are being developed for introduction next year. Individual members of the TranSys consortium have successfully installed, operated or are developing similar systems around the world, including in San Francisco, Los Angeles and Hong Kong and therefore can use their experience to build and maintain a world class system for London. Smartcards are amongst the most secure ways to store information and users of Oyster can be confident of the security of the data on their card. Access to the information is only possible using secret keys specific to that card, known only to devices permitted to process the cards. These cards are very difficult to break into, making the cards very secure; in the unlikely event that a card has its key broken then the system - and all other cards - will remain secure. ---- I don't know if the mechanics system of this are documented anywhere, or have been analyzed by anyone independent, but I am wondering about the cryptographic approach used for this system. I can see potentially two (or three) ways of doing this system: using a globally unique identifier - a unique ID on the card. All information is stored on London Transport's servers. When a card is used, radio contact is made to the central server to find what value is remaining on the card. I don't believe that this is the case. Considering the large number of readers (handheld, fitted to buses and underground gates), and the speed of operation, this doesn't seem feasible. The only security problem I can see with this method, assuming it is in use, is cloning: e.g., cloning an annual travel card (value up to £2500). This could be detected fairly easily, in that I assume that the train readers store information, which is regularly analyzed to detect fraudulent acitivity. secondly: using encrypted information stored on the card as to what the card's capabilities (e.g., 1 month bus pass, expiring 20th November, valid zones 1-4). Some kind of public/private key would work well here, in that the public key would not be keept secure. The problem with this is that the cards are reusable, and have some kind of recharge functionality. This means that a potentially large number of devices would have to have the ability to modify the information. It also doesn't really handle the question of how the promised ability to renew online will be functionality. This appears to be implied from the fact that the blurb states that there is a private key technology work 'known only to the device readers'. Given that there are thousands of these readers fitted to every bus, train station, and possibly some other forms of transport as well, how secure can something equipped to thousands of devices be; if the system can be cracked, you can be sure that it will be worth someone's while to do so. thirdly: a combination of the two: the cards do appear to have some kind of unique identifier, as it is possible to enter your id number into their website, which is linked to your details. This does not preclude them from storing validity information as well, for the benefit of devices that are not connected up to the central database. Any insights better than mine into how the system works, and where vulnerabilites lie would be welcomed. Thanks PS. Does anyone know whether the bus passes actually store zone information, and whether this is checked by the buses? I have a single-zone pass and I'm curious to know whether it would work in other zones. |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
Oyster Cards damaged by proximity door entry cards | London Transport | |||
Oyster and the b***y security question!! | London Transport | |||
New National Security Technology ignored that might have stopped the bombing | London Transport | |||
removing staff? What happens to security? | London Transport | |||
How do you enter your security answer on the Oyster Sales site? | London Transport |