Paul Corfield wrote in message . ..
On 18 Nov 2003 03:47:35 -0800, (Matthew) wrote:

I am interested in the mechanics of these cards, which are smart cards
for use on London's transport system. One would hope given the
reported £1billion+ that they are secure.
[snip]
I don't know if the mechanics system of this are documented anywhere,
or have been analyzed by anyone independent, but I am wondering about
the cryptographic approach used for this system.
[snip]

I can see potentially two (or three) ways of doing this system:
[snip]
Any insights better than mine into how the system works, and where
vulnerabilites lie would be welcomed.

Out of curiosity why do you wish to know?

As one of the people who wrote the spec for Prestige (but not to the
technical level of detail you are enquiring about) I am somewhat
concerned. Perhaps you can enlighten me as to your motives?

let me see. I could either be:

(a) a criminal determined to save the £7.50/week cost of my zone 4
pass, and asking how to do this in a public forum, conveniently
providing my name and email address

or
(b) someone with an enquiring mind intrigued about the technical
workings of a system, and concerned/interested about the security of
it.

I will leave you to work it out.

PS. Does anyone know whether the bus passes actually store zone
information, and whether this is checked by the buses? I have a
single-zone pass and I'm curious to know whether it would work in
other zones.

So why don't you simply attempt to board a bus in a zone outside the
validity of your card and see what happens? This is far easier than
divulging the coding and interrogation details of a secure system in a
public forum.

I don't believe that there is anything especially confidential about
the mechanics of this system. True security works through secure keys
and public algorithms, not by hiding ones methods. In fact, it is
possible to buy mifare readers/writers online, as well as the cards,
so the general principles are public knowledge. Trade secrets of this
nature are usually protected by patents, which are published and
available for all to see. The technical workings of this sytem, if not
the precise coding and file structure, are most likely well-known.

On Tue, 18 Nov 2003 21:21:14 +0000, Dave Newt wrote:

Kai wrote:

This is funny: "Because the Oyster card is contactless, customers only need
to touch the cardreaders with their Oyster cards as they pass through ticket
gates at London Underground or National Rail stations or board a bus. "

If they are contactless, then whey do the customers need touch the
cardreaders?

They originally said you could keep it in your pocket and sail through
the gates, but you can't! So they then changed it to the above wording.

However, you can leave it in your bag and wave your bag over the reader
(I have done it).

I think they are just overstating the case so that people don't hold it
six inches above the reader and then complain that it doesn't work.

The reason that you need to be very close is that the cards
have no internal power source, they get all their power from
electromagnetic radiation from the reader. And the reader
cannot send out very strong signals because that would
interfere with other equipment.

greetings,

Ernst Lippe

Ernst Lippe wrote:
On Tue, 18 Nov 2003 03:47:35 +0000, Matthew wrote:

I am interested in the mechanics of these cards, which are smart
cards for use on London's transport system. One would hope given the
reported £1billion+ that they are secure.
[...]
I expect that this system should be fairly secure, breaking smart
cards is certainly not trivial. Smart cards have been used for quite
some time, e.g. as electronic purses, in several countries and as far
as I know there have not been any major attacks against the smart
cards themselves.

It's not a partiularily smart card, and it is kinda old news, but the
electronic bus tickets that were used here in New Zealand were broken. To
quote Peter Gutmann's page:

"In October 1997 I broke the security of the smart cards used by the Yellow
Bus Company, Auckland's largest public transport organisation. These are
10-ride rechargeable cards that come in various forms (adult, child,
different numbers of fare stages, and so on). As it turns out the cards have
very little security, so that it's possible to recharge them or copy them
without too much effort (to test this I created a demo $50 test card that
was accepted by the reader as a normal bus pass). I informed the YBC of the
problem, and the story was covered in Computerworld New Zealand, 26 January
1998."

I beleive there was a similar attack developed against the Telecom
phone-call cards, though I can't find any details of it so quite possibly it
was just my imagination.

[...]

--
Michael Brown
www.emboss.co.nz : OOS/RSI software and more
Add michael@ to emboss.co.nz - My inbox is always open

Michael Brown wrote


I beleive there was a similar attack developed against the Telecom
phone-call cards, though I can't find any details of it so quite possibly it
was just my imagination.

At one time BT phone-call cards used IR pulses to deactivate (melt) each
token on the card. If you covered the relevant part of the card with eg a
good quality clear nail polish the deactivation failed, and you could reuse
the card forever. I don't think they work that way any more.



Oyster cards have a few unexpected security risks - people tend to keep them
in their wallets, and take their wallets out of their pockets to wave over
the reader. Gives pickpockets a chance to eye up the wallet, and learn where
its owner keeps it, and it gives thugs the chance/ inspiration to grab the
wallet and run.

The privacy implications aren't good either. All card usage is tracked
offline, to prevent use by multiple people, and usage records stored for
that purpose. The Police etc can ask for them (and may soon become able to
demand them, but that's another story) and use them to track your movements.


--
Peter Fairbrother

Paul Corfield wrote in message . ..

PS. Does anyone know whether the bus passes actually store zone
information, and whether this is checked by the buses? I have a
single-zone pass and I'm curious to know whether it would work in
other zones.

So why don't you simply attempt to board a bus in a zone outside the
validity of your card and see what happens? This is far easier than
divulging the coding and interrogation details of a secure system in a
public forum.

Well at the moment the system seems to let you travel on buses quite
happily without charging you the full fa

I bought a weekly travelcard on an oyster. When the travelcard
expired I went to an LU ticketmachine to see what else, if anything, I
could do with this Oystercard. Review journey history - quite
interesting. Buy another season ticket - later maybe. Top up pre-pay
- oh what's this? I topped up £2.50 and checked the card and sure
enough it now showed a balance of £2.50.

I leave the station and decide to take a bus. It's a DOO bus so it
has a card reader by the driver. I blip the card onto the reader, it
lights up green, the driver acknowledges the fare and I make my
journey. I go into another tube station to check what has happened on
the card's journey history; bus fare deducted 1p, balance £2.49. I
did the same again later that evening from my local tube station to
home so the first journey was clearly not an isolated incident. This
happened about a week ago and checking the journey history yesterday
indicates that LU haven't adjusted the balance on the card to deduct
the bus fares at their proper amount.

Now, I appreciate that pre-pay hasn't gone live officially yet, but it
is possible to store value on the cards and use that value to buy
single tube tickets - the machine prints you a paper one rather than
loading the ticket onto the oyster. And you are charged the full fare
for these tickets. Even so - being able to get an apparently valid[1]
ride on a bus for a penny must surely be a bit of a bug?

I'm not going to take the **** by making millions of bus journeys for
a penny all over town, but the £1.68 I appear to have saved will count
as some small recompense for the time and energy London Transport have
stolen off me over the years through their failure to run a proper
service.

[1] Yes, yes I know it's probably not /really/ valid, but
- a) the LED shows green and indicates a fare has been paid
- b) the drivers and/or conductors don't really give a monkeys about
collecting the correct fare or have the knowledge/training to
appreciate what has just happened
- c) I've lived in London for over 8 years and travelled extensively
on tube, train and bus and I have seen a ticket check probably less
that half a dozen times
- d) even if an inspector did check your oyster card - would it tell
him anything other than a valid fare had been paid?

--
Cheers
-sandy

On Wed, 19 Nov 2003 18:07:40 +1300, Michael Brown wrote:

Ernst Lippe wrote:
On Tue, 18 Nov 2003 03:47:35 +0000, Matthew wrote:

I am interested in the mechanics of these cards, which are smart
cards for use on London's transport system. One would hope given the
reported £1billion+ that they are secure.
[...]
I expect that this system should be fairly secure, breaking smart
cards is certainly not trivial. Smart cards have been used for quite
some time, e.g. as electronic purses, in several countries and as far
as I know there have not been any major attacks against the smart
cards themselves.

It's not a partiularily smart card, and it is kinda old news, but the
electronic bus tickets that were used here in New Zealand were broken. To
quote Peter Gutmann's page:

"In October 1997 I broke the security of the smart cards used by the Yellow
Bus Company, Auckland's largest public transport organisation. These are
10-ride rechargeable cards that come in various forms (adult, child,
different numbers of fare stages, and so on). As it turns out the cards have
very little security, so that it's possible to recharge them or copy them
without too much effort (to test this I created a demo $50 test card that
was accepted by the reader as a normal bus pass). I informed the YBC of the
problem, and the story was covered in Computerworld New Zealand, 26 January
1998.

Those cards were not real smartcards, they were simply memory cards, that
do not contain any cryptographical keys and that generally are quite
easy to duplicate. The distinction between memory cards and smartcards
is very important from a security point of view. The oystercards are
(simple) smartcards and simple duplication attacks should not work.


I beleive there was a similar attack developed against the Telecom
phone-call cards, though I can't find any details of it so quite possibly it
was just my imagination.

All disposible phone-call cards, that I know, are memory-cards (not
full-blown smart-cards). They have been counterfeited quite
frequently, and most telephone companies upgrade to new card types at
regular intervals. In general, this not a very serious problem because
the risk is quite manageable, just like fraud with creditcards.

greetings,

Ernst Lippe

In article ,
Matthew wrote:
It's difficult to see how something that operates in this way can hope
to replace cash fares, as it is more difficult to charge the card than
to even buy one of the current generation of magnetic cards (bus
passes and travel cards), which are currently available from
newsagents and other retailers, providing a convient service, as well
as revenue source for the retailers.

Pass agents (ie, newsagents where you can buy a travelcard) are
starting to get Oyster card updating hardware, too - the one opposite
Finchley Central station in Station Road has one.

I don't know what features their terminals have.

--
Good night little fishey-wishes.... I've counted you, so no
sneaky eating each other.
-- FW (should I worry?)

(sandy) wrote in message . com...

I leave the station and decide to take a bus. It's a DOO bus so it
has a card reader by the driver. I blip the card onto the reader, it
lights up green, the driver acknowledges the fare and I make my
journey. I go into another tube station to check what has happened on
the card's journey history; bus fare deducted 1p, balance £2.49. I
did the same again later that evening from my local tube station to
home so the first journey was clearly not an isolated incident. This
happened about a week ago and checking the journey history yesterday
indicates that LU haven't adjusted the balance on the card to deduct
the bus fares at their proper amount.


This is very worrying. If there isn't sufficent audit carried out to
spot this problem then they have not got a hope in hell of spotting
hacked Oyster cards. Automated processes should be trawling through
the reader events every day and flagging any cards with suspect
transactions. This will reduce the life of any hacked card to less
than 24 hours. The longer the period is between the checks then the
longer the period that a hacked card will be useful for. Apparently
this stands at one week and rising.

At least it is taking some money off of you though, which was better
than the older magnetic ticketing system which would under certain
circumstances open the barriers when fed an expired travelcard (I jest
not - Google has the details). Nice to see that Cubic have produced
another quality system with our millions.

--
Gareth Davis

Peter Fairbrother wrote:
Oyster cards have a few unexpected security risks - people tend to
keep them in their wallets, and take their wallets out of their
pockets to wave over the reader. Gives pickpockets a chance to eye up
the wallet, and learn where its owner keeps it, and it gives thugs
the chance/ inspiration to grab the wallet and run.

Unexpected? Why is that any different from the situation with old-style
mag-stripe season tickets? Are you suggesting that people who keep their
Oyster in their wallet didn't keep their old season tickets there?
--
Richard J.
(to e-mail me, swap uk and yon in address)

On Wed, 19 Nov 2003 05:49:38 +0000, Peter Fairbrother
wrote:

Michael Brown wrote


I beleive there was a similar attack developed against the Telecom
phone-call cards, though I can't find any details of it so quite possibly it
was just my imagination.

At one time BT phone-call cards used IR pulses to deactivate (melt) each
token on the card. If you covered the relevant part of the card with eg a
good quality clear nail polish the deactivation failed, and you could reuse
the card forever. I don't think they work that way any more.


There aren't any BT phonecards (at least in the sense of cards that
you load value onto and put in a public phone) any more. However the
first generation of BT phone cards were reputed to be very easy to
hack - this sounds like why



Oyster cards have a few unexpected security risks - people tend to keep them
in their wallets, and take their wallets out of their pockets to wave over
the reader. Gives pickpockets a chance to eye up the wallet, and learn where
its owner keeps it, and it gives thugs the chance/ inspiration to grab the
wallet and run.


Good point that the risks often have as much, or more, to do with
users' behaviour than the technical characteristics of the card.
Though in practice do people keep their Oyster cards in their wallet?
I keep mine in a separate wallet with my photocard, which is how I've
carried my travelcard for years. The walllet with my cash and credit
cards is separate, but of course it comes out when I want to buy a
paper and a cup of coffee before I get on my train or bus.

The privacy implications aren't good either. All card usage is tracked
offline, to prevent use by multiple people, and usage records stored for
that purpose.

Again (and I'm aware this is controversial) I'm not convinced it's a
big deal. Given the extent to which, in my case, Vodafone and Lloyds
TSB can already track my movements,and that TfL is only monitoring my
movements in terms of my use of their services, then I can't get
worried about TfL having a record of my Oyster use.

The Police etc can ask for them (and may soon become able to
demand them, but that's another story) and use them to track your movements.

OK - but that's an issue with whether the police have excessive
powers, not specifically an issue with Oyster. In any case plastic
cards tend to fall out of pockets, get stolen, and, however good the
security, will eventually get cloned: all reasons why a plastic card
being in a particular place isn't very strong evidence that its owner
was in a particular place

Martin