|
Security of Oyster Cards
I am interested in the mechanics of these cards, which are smart cards
for use on London's transport system. One would hope given the reported £1billion+ that they are secure. Apparently they work using a form of RFID According to http://www.google.co.uk/search?q=cac...hl=en&ie=UTF-8 Embedded in the smartcard is a small microchip, which can handle and store information, and an ariel. When the card is touched to the cardreader, power flows through the aerial and information moves from the card to the reader and back again. Communication between the card and reader is by radio signals and takes less than a fifth of a second. Once issued, Oyster cards can be topped up to meet the travel needs of each customer. This can be done at the upgraded ticket machines in stations, at any of the local ticket outlets or at a station ticket office. The ability for customers to purchase and top up smartcards away from the station i.e. internet and telesales are being developed for introduction next year. Individual members of the TranSys consortium have successfully installed, operated or are developing similar systems around the world, including in San Francisco, Los Angeles and Hong Kong and therefore can use their experience to build and maintain a world class system for London. Smartcards are amongst the most secure ways to store information and users of Oyster can be confident of the security of the data on their card. Access to the information is only possible using secret keys specific to that card, known only to devices permitted to process the cards. These cards are very difficult to break into, making the cards very secure; in the unlikely event that a card has its key broken then the system - and all other cards - will remain secure. ---- I don't know if the mechanics system of this are documented anywhere, or have been analyzed by anyone independent, but I am wondering about the cryptographic approach used for this system. I can see potentially two (or three) ways of doing this system: using a globally unique identifier - a unique ID on the card. All information is stored on London Transport's servers. When a card is used, radio contact is made to the central server to find what value is remaining on the card. I don't believe that this is the case. Considering the large number of readers (handheld, fitted to buses and underground gates), and the speed of operation, this doesn't seem feasible. The only security problem I can see with this method, assuming it is in use, is cloning: e.g., cloning an annual travel card (value up to £2500). This could be detected fairly easily, in that I assume that the train readers store information, which is regularly analyzed to detect fraudulent acitivity. secondly: using encrypted information stored on the card as to what the card's capabilities (e.g., 1 month bus pass, expiring 20th November, valid zones 1-4). Some kind of public/private key would work well here, in that the public key would not be keept secure. The problem with this is that the cards are reusable, and have some kind of recharge functionality. This means that a potentially large number of devices would have to have the ability to modify the information. It also doesn't really handle the question of how the promised ability to renew online will be functionality. This appears to be implied from the fact that the blurb states that there is a private key technology work 'known only to the device readers'. Given that there are thousands of these readers fitted to every bus, train station, and possibly some other forms of transport as well, how secure can something equipped to thousands of devices be; if the system can be cracked, you can be sure that it will be worth someone's while to do so. thirdly: a combination of the two: the cards do appear to have some kind of unique identifier, as it is possible to enter your id number into their website, which is linked to your details. This does not preclude them from storing validity information as well, for the benefit of devices that are not connected up to the central database. Any insights better than mine into how the system works, and where vulnerabilites lie would be welcomed. Thanks PS. Does anyone know whether the bus passes actually store zone information, and whether this is checked by the buses? I have a single-zone pass and I'm curious to know whether it would work in other zones. |
Security of Oyster Cards
On Tue, 18 Nov 2003 03:47:35 +0000, Matthew wrote:
I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. Apparently they work using a form of RFID very large snip Given the fact that these cards are smart cards, I believe that your speculations are wrong. I could not find any technical information about the card, but I have some experience with smart cards, so here are my speculations. The system is probably based on conventional secret key encryption, I would not be surprised when it simply uses single DES. The oyster card would contain several cryptographical keys. For example, it will contain a key that is used to write info about the card capabilities. You will need that key to be able to update the info on the card. The card will also contain some authentication key that readers will use to verify that it is a valid card. Card authentication will use some challenge-response protocol, where the reader will generate a random challenge and the card should return the value of this challenge encrypted with the authentication key. Again, when you will need to have this key in order to convince the card readers. Even though there are some possible attacks, in general it is very difficult to extract those keys from the smart card. The next problem is, how do these readers work? In order to authenticate the card they will also need the same authentication keys that the card has. Every reader has a SAM (Security Access Module) that securely holds these keys, in most cases the SAM is just another type of smart card. What basically happens is that the SAM and the postcard will engage in some end-to-end secure communication protocol, after which the SAM will tell the reader if the card was OK or not. The SAM will not be able to encrypt external data with the authentication key, otherwise it could be used to imitate the oyster cards. So even when you steal a SAM, it is of little use, you can only use it to read and validate other oyster cards. The keys for updating the oyster cards are not available on the SAM for the normal card readers. It is very likely that they are only stored in some secure central location and that all places where you can update the card will have to communicate with this central location. Again, this will be an end-to-end secure protocol between the oyster card and the central location. Another trick that is likely to be used is key diversification. The keys for a specific card is derived from some master key in such a way that it is unique for this card, e.g. the card authentication key for a card is probably derived from a master authentication key by encrypting the card id with the master authentication key. In this way, even when one card is cracked, you still don't have the keys for the other cards. I expect that this system should be fairly secure, breaking smart cards is certainly not trivial. Smart cards have been used for quite some time, e.g. as electronic purses, in several countries and as far as I know there have not been any major attacks against the smart cards themselves. BTW, one of the major reasons that many public transportation institutions are highly interested in smart cards is that it will give them a wealth of information about the travel patterns of their customers, which they don't have now. greetings, Ernst Lippe |
Security of Oyster Cards
|
Security of Oyster Cards
"Mok-Kong Shen" schrieb im Newsbeitrag ... John Hadstate wrote: (Matthew) wrote in message Access to the information is only possible using secret keys specific to that card, known only to devices permitted to process the cards. These cards are very difficult to break into, making the cards very secure; in the unlikely event that a card has its key broken then the system - and all other cards - will remain secure. All of the above adds up to a classic case of "security by obscurity." This might mean that the inventors have already identified or suspect weaknesses in their system that they hope will remain undiscovered if no one is permitted to analyze their system too closely. On the other hand, if the cost/risk of analysis is sufficiently high, there would be 'practical' security, I suppose. (Actually, banknotes are similar in this respect, I believe. There are saying, though, that the techniques/knowhow of the fraudsters are now quite comparable to those of the governments in making banknotes.) Actually, today banknotes aren't naively stuffed fithe anti-forgery-features but the idea is to make it unprofitable to fake a banknote in a small-scale production. So, a forger is forced to go large-scale which in turn is easily detectable (duplicate serial numbers or unexplainable inflation for instance) and which also justifies a large-scale counteraction to find and disable him. Lots of Greetings! Volker |
Security of Oyster Cards
On 18 Nov 2003 16:13:18 GMT, Huge wrote:
The hardware is a Philips MIFARE card. http://www.nationalsmartcard.com.au/news.cfm?newsid=128 That page says "The Oyster card has attracted widespread criticism in the UK press over the alleged incompatibility of the card with a similar scheme being developed by the UK's national rail network.". What is this rival system? It's the first I've heard about it. |
Security of Oyster Cards
(Matthew) writes:
I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. Apparently they work using a form of RFID According to http://www.google.co.uk/search?q=cac...hl=en&ie=UTF-8 Embedded in the smartcard is a small microchip, which can handle and store information, and an ariel. When the card is touched to the cardreader, power flows through the aerial and information moves from the card to the reader and back again. Communication between the card and reader is by radio signals and takes less than a fifth of a second. If these cards are what have been introduced in Espoo/Helsinki/Vantaa over the last year or so, then the above is theoretical nonsense. As a regular bus user I can honestly say that the new cards make embarkation massively slower than the old 'punch-card' tickets. Old method : click-click - half a second New method : wave. nothing. press. nothing. hold. nothing. give to friend - he holds it against the sensor. nothing. give back to original person and hold it near the sensor. beeeep! - 5 seconds or so. If you've got exact change, then cash is quicker than the cards. I've seen some people even give up and eventually just pay in cash! Sorry, no cryptographic insight, but simply an IMHO of why the things should be burnt and their inventor publicly flogged, hehehe. Phil -- Unpatched IE vulnerability: ADODB.Stream local file writing Description: Planting arbitrary files on the local file system Exploit: http://ip3e83566f.speed.planet.nl/eeye.html (but unrelated to the EEye exploit) |
Security of Oyster Cards
|
Security of Oyster Cards
In message , Paul Corfield
writes So why don't you simply attempt to board a bus in a zone outside the validity of your card and see what happens? This is far easier than divulging the coding and interrogation details of a secure system in a public forum. But any travelcard covers buses in any zone. And, next year there will only be one bus zone anyway.... At an LU station he'd get a 57 which would tell him nothing except the brand of a well known tinned food manufacturer... (And a request to pay the difference, of course) -- Kat Women and cats will do as they please, and men and dogs should relax and get used to the idea - Robert A. Heinlein |
Security of Oyster Cards
On Tue, 18 Nov 2003 07:42:09 +0000, John Hadstate wrote:
(Matthew) wrote in message . com... I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. Smartcards are amongst the most secure ways to store information and users of Oyster can be confident of the security of the data on their card. Says who? Of course, this was a quote from either the transport company, who spent a lot of money on this and is therefore convinced that it must be secure or from the manufacurer that certainly will not make much money by selling insecure products. Nevertheless, I think that the statement that smart cards are one of the most secure ways to store information is basically correct. Access to the information is only possible using secret keys specific to that card, known only to devices permitted to process the cards. These cards are very difficult to break into, making the cards very secure; in the unlikely event that a card has its key broken then the system - and all other cards - will remain secure. All of the above adds up to a classic case of "security by obscurity." It might, when they have let some incompetent persons design the system. On the other hand, virtually all companies are highly secretive about their security measures, but this does not necessarily imply that these measures are inadequate. This might mean that the inventors have already identified or suspect weaknesses in their system that they hope will remain undiscovered if no one is permitted to analyze their system too closely. Smartcard companies have employed some very competent people. For example, one of the main designers of the electronic smart card purse, that we use here, was Joan Daemen (also responsible for Rijndael). Smartcards are basically dedicated crypto engines, and you can use them to build very secure systems (and yes you can also use them to build insecure systems). Just like other forms of cryptography smartcards are generally the strongest part of the system, and most attackers will simply try to attack the other parts. greetings, Ernst Lippe |
Security of Oyster Cards
"Matthew" wrote in message om... I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. This is funny: "Because the Oyster card is contactless, customers only need to touch the cardreaders with their Oyster cards as they pass through ticket gates at London Underground or National Rail stations or board a bus. " If they are contactless, then whey do the customers need touch the cardreaders? :) Here's a bit of info on the cards themselves: http://rapidttp.com/transponder/presre13.html I have one similar (dumb card) produced by honeywell for my work badge. It simply contains an eprom with an embedded code, which is activiated when swiped near a transponder containing an EM field. The transponder reads the code, sends the information to a computer which then decided whether or not to unlock the door. (Oddly enough I have no physical access to the mainframe. Probably a good idea.) I read recently that Phillips - who makes the Oyster card - is going to roll these out in a massive scale in China for transportation purposes. K (Smile, you're happy now.) |
Security of Oyster Cards
On Tue, 18 Nov 2003 18:50:53 +0000, Paul Corfield wrote:
On 18 Nov 2003 03:47:35 -0800, (Matthew) wrote: I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. [snip] I don't know if the mechanics system of this are documented anywhere, or have been analyzed by anyone independent, but I am wondering about the cryptographic approach used for this system. [snip] I can see potentially two (or three) ways of doing this system: [snip] Any insights better than mine into how the system works, and where vulnerabilites lie would be welcomed. ...and more importantly, what strategies have been built into the system to cope when (not if) they are hacked. Anyone deigning a system on the assumption that it is totally secure is a fool, although can we expect any better from the morons who run most things in the UK ? |
Security of Oyster Cards
Kai wrote: "Matthew" wrote in message om... I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. This is funny: "Because the Oyster card is contactless, customers only need to touch the cardreaders with their Oyster cards as they pass through ticket gates at London Underground or National Rail stations or board a bus. " If they are contactless, then whey do the customers need touch the cardreaders? :) They originally said you could keep it in your pocket and sail through the gates, but you can't! So they then changed it to the above wording. However, you can leave it in your bag and wave your bag over the reader (I have done it). I think they are just overstating the case so that people don't hold it six inches above the reader and then complain that it doesn't work. |
Security of Oyster Cards
In message , Dave Newt
writes Kai wrote: "Matthew" wrote in message om... I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. This is funny: "Because the Oyster card is contactless, customers only need to touch the cardreaders with their Oyster cards as they pass through ticket gates at London Underground or National Rail stations or board a bus. " If they are contactless, then whey do the customers need touch the cardreaders? :) They originally said you could keep it in your pocket and sail through the gates, but you can't! So they then changed it to the above wording. However, you can leave it in your bag and wave your bag over the reader (I have done it). I think they are just overstating the case so that people don't hold it six inches above the reader and then complain that it doesn't work. Sometimes just waving it over the reader doesn't work; you may have been lucky. From my observation and experience, some readers are more sensitive than others. -- Kat Women and cats will do as they please, and men and dogs should relax and get used to the idea - Robert A. Heinlein |
Security of Oyster Cards
Mok-Kong Shen wrote in message ...
John Hadstate wrote: (Matthew) wrote in message Access to the information is only possible using secret keys specific to that card, known only to devices permitted to process the cards. These cards are very difficult to break into, making the cards very secure; in the unlikely event that a card has its key broken then the system - and all other cards - will remain secure. If memory serves the system is based on the Philips MiFare system which you can read all about (including the 3 pass authentication procedure) at: http://www.semiconductors.philips.co...sheets/#mifare The key length in use is 48 bits per sector of the card, given the fastest that the select and authentication phase can be completed in is 5ms then it would take over 44.5 thousand years to try all the combinations. And this would only grant you access to a single part of the card. I would expect several sectors to be used in practise, perhaps split up between ticket types and stored payment uses. Direct attack on the cards is clearly out of the question, since all the cards should (I say should, given the vulnerability that used to be present in the old magnetic ticketing system I would not put it past Cubic to screw it up again) have different keys programmed onto them, then attacking multiple cards at the same time is a pointless exercise - unless you were lucky to get a card with a key near the beginning of your test range. We already know that the system 'trusts' the content of the card and there is no live database link available to all of the readers, otherwise we would not have to 'collect' tickets purchased online from a designated gateline. Giving everything a live link would be prohibitively expensive (mobile and handheld units are in use on moving vehicles that may be underground) and would only ever be required if the keys were broken. However if the keys are broken and cards rewritten then I do not see how the system can detect it. Other then perhaps some kind of off line database crawling process looking for anomalies. All of the above adds up to a classic case of "security by obscurity." This might mean that the inventors have already identified or suspect weaknesses in their system that they hope will remain undiscovered if no one is permitted to analyze their system too closely. I believe the card interface system is fairly secure on paper, the question is how secure is the rest of the infrastructure around it? I would expect the keys to leak out of the staff that designed the system before they are cracked, or the website backend to be hacked to start issuing recharge requests without payment. Even if the keys were broken they can be rewritten on the cards making the whole system secure again, although the amount of time it would take to rewrite all the cards may be vast, certainly not an overnight fix - but could be done quietly without anyone having to own up to the problem. Also once a suspect card gets a cancel request raised it then I would expect all mobile terminals to know about it within hours (as soon as they are docked next). Overall I believe the system does have good potential to recover from a compromise BUT it has to be noticed first. On the other hand, if the cost/risk of analysis is sufficiently high, there would be 'practical' security, I suppose. (Actually, banknotes are similar in this respect, I believe. There are saying, though, that the techniques/knowhow of the fraudsters are now quite comparable to those of the governments in making banknotes.) M. K. Shen The rewards in cracking this system are also very high though, given the retail cost of travel passes. I personally spend about 800UKP on travel in London each year, and I live and work about 4 miles from the centre. People made money selling tickets that exploited a problem in the magnetic ticketing system because of this cost but these tickets were obviously not valid for travel to the naked eye. However the real fraud with the smart cards is already happening and is far less technical. Most of the railway companies operating out of London have not equipped their ticket barriers to accept the smartcards or issued their staff with scanners (or maybe they just can't be bothered to carry them). The result is the staff have to assume you have a valid ticket loaded onto your smart card if you are carrying one because they have no way of checking otherwise. For those of you who have never seen one, they all look identical and you usually do not get a printed paper receipt to go with it if you book online. Pretending you have a valid pass on a line where you know it will not get scanned is the real weakness at the moment, and it is this that makes the whole system a bit of a joke. I'm sure the tens of millions could have been better spent elsewhere on the network with a much larger benefit for the passengers. -- Gareth Davis |
Security of Oyster Cards
On 18 Nov 2003 13:40:14 -0800, (Gareth
Davis) wrote: Pretending you have a valid pass on a line where you know it will not get scanned is the real weakness at the moment, and it is this that makes the whole system a bit of a joke. The solution to this, for the short term, is to issue a paper ticket with the electronic one. For online transactions, this could be sent through the post or maybe even collected from a ticket machine? MK Metro issue a "validation receipt" from the bus ticket machine when a pass is loaded onto one of their contact-type smartcards. This is required when using one of the many Council-subsidised services not operated by MK Metro on which the tickets are valid. (I do wonder, out of interest, if MK Metro was involved in any research prior to implementation - are there any other bus operators in the country using a similar system, I wonder?) Of course, this won't work for pay-as-you go - but before that can be implemented for National Rail, there'll need to be as good as 100% reader coverage anyway. Neil -- Neil Williams is a valid email address, but is sent to /dev/null. Try my first name at the above domain instead if you want to e-mail me. |
Security of Oyster Cards
This thread is filling me with dread,Judge.
Over here in Ireland we have recently had a gent called Mr Churcher writing to the papers about his involvement in a "New Integrated Ticketing" system for Dublin`s public transport providers. Mr Churcher avers to his involvement with other systems such as Octopus in Hong Kong and speaks of adapting this technology to suit our particular operating conditions. The projected cost for the design and introduction of this Irish Octopus is 27 Million Euro. However given Mr Carmodys post re Helsinki`s adaptation I am now somewhat a-tremble at what lies ahead...... |
Security of Oyster Cards
Volker Hetzer wrote: Actually, today banknotes aren't naively stuffed fithe anti-forgery-features but the idea is to make it unprofitable to fake a banknote in a small-scale production. So, a forger is forced to go large-scale which in turn is easily detectable (duplicate serial numbers or unexplainable inflation for instance) and which also justifies a large-scale counteraction to find and disable him. I am not sure duplicated serial numbers or unexplainable inflation, especially the latter, are practical characteristics that are 'effectively' checkable. (Define 'unexplainable inflation'!) It's 'olds' now that e.g. 50 Euro banknotes had been forged quite well. They were presumably produced in regions not within EU influences. Someone told me that certain sophisticated techniques previously employed in DM are not used in Euro because Euro is made by diverse member countries and not all of them had such techniques at their disposal and so they agreed on sort of a gcd. M. K. Shen |
Security of Oyster Cards
Paul Corfield wrote in message . ..
On 18 Nov 2003 03:47:35 -0800, (Matthew) wrote: I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. [snip] I don't know if the mechanics system of this are documented anywhere, or have been analyzed by anyone independent, but I am wondering about the cryptographic approach used for this system. [snip] I can see potentially two (or three) ways of doing this system: [snip] Any insights better than mine into how the system works, and where vulnerabilites lie would be welcomed. Out of curiosity why do you wish to know? So why don't you simply attempt to board a bus in a zone outside the validity of your card and see what happens? This is far easier than divulging the coding and interrogation details of a secure system in a public forum. Apparently one of the sub threads got itself crossposted to alt.2600 :-O. Since when have hackers not divulged the details of secure systems in public forums? But just to put your mind at rest I'll include a special sig line that should attact some attention. --- ' The decline of the nuclear family and the fission of traditonal communities, has lead to an inertia in the pouplation time-bomb, sex can now also be used as a 'weapon of mass destruction' against those that that are seen as undesirable. All it takes is the suppourt of an extremist faction to ensure that a 'massacre'or atorcity of the rights of otherwise inocent lives is fufilled. |
Security of Oyster Cards
"Ernst Lippe" wrote in message ...
On Tue, 18 Nov 2003 03:47:35 +0000, Matthew wrote: I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. Apparently they work using a form of RFID very large snip Given the fact that these cards are smart cards, I believe that your speculations are wrong. I could not find any technical information about the card, but I have some experience with smart cards, so here are my speculations. The cards are manufactured by Philips, and are described here http://www.semiconductors.philips.co...nders/ebg0038/ Here is some interesting information regarding what is and isn't on the card (all the information is stored on the chip) from http://www.computerweekly.com/Article123251.htm Monk added that memory capacity is a key benefit of the Oyster card. "For example, the technology could offer discounts right across the different modes of transport in London," he said. "Current magnetic cards cannot provide the level of stored data that smartcards can." He also expects to see a decline in the amount of travelcard-related fraud and theft. "If someone steals an Oyster card we can deactivate it immediately and they are left holding nothing more than a piece of plastic." Apparently the promised ability to recharge the card by telephone and internet will operate in a rather inconvenient way (you will have to make your way to specific stations, even if your card happens to be a bus pass) 'Travellers can renew Travelcards on their Oyster card over the telephone or using the internet. The ticket is automatically loaded when the smartcard is touched on a dedicated card terminal at a Tube station gate at a nominated station.' It's difficult to see how something that operates in this way can hope to replace cash fares, as it is more difficult to charge the card than to even buy one of the current generation of magnetic cards (bus passes and travel cards), which are currently available from newsagents and other retailers, providing a convient service, as well as revenue source for the retailers. |
Security of Oyster Cards
Paul Corfield wrote in message . ..
On 18 Nov 2003 03:47:35 -0800, (Matthew) wrote: I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. [snip] I don't know if the mechanics system of this are documented anywhere, or have been analyzed by anyone independent, but I am wondering about the cryptographic approach used for this system. [snip] I can see potentially two (or three) ways of doing this system: [snip] Any insights better than mine into how the system works, and where vulnerabilites lie would be welcomed. Out of curiosity why do you wish to know? As one of the people who wrote the spec for Prestige (but not to the technical level of detail you are enquiring about) I am somewhat concerned. Perhaps you can enlighten me as to your motives? let me see. I could either be: (a) a criminal determined to save the £7.50/week cost of my zone 4 pass, and asking how to do this in a public forum, conveniently providing my name and email address or (b) someone with an enquiring mind intrigued about the technical workings of a system, and concerned/interested about the security of it. I will leave you to work it out. PS. Does anyone know whether the bus passes actually store zone information, and whether this is checked by the buses? I have a single-zone pass and I'm curious to know whether it would work in other zones. So why don't you simply attempt to board a bus in a zone outside the validity of your card and see what happens? This is far easier than divulging the coding and interrogation details of a secure system in a public forum. I don't believe that there is anything especially confidential about the mechanics of this system. True security works through secure keys and public algorithms, not by hiding ones methods. In fact, it is possible to buy mifare readers/writers online, as well as the cards, so the general principles are public knowledge. Trade secrets of this nature are usually protected by patents, which are published and available for all to see. The technical workings of this sytem, if not the precise coding and file structure, are most likely well-known. |
Security of Oyster Cards
On Tue, 18 Nov 2003 21:21:14 +0000, Dave Newt wrote:
Kai wrote: This is funny: "Because the Oyster card is contactless, customers only need to touch the cardreaders with their Oyster cards as they pass through ticket gates at London Underground or National Rail stations or board a bus. " If they are contactless, then whey do the customers need touch the cardreaders? :) They originally said you could keep it in your pocket and sail through the gates, but you can't! So they then changed it to the above wording. However, you can leave it in your bag and wave your bag over the reader (I have done it). I think they are just overstating the case so that people don't hold it six inches above the reader and then complain that it doesn't work. The reason that you need to be very close is that the cards have no internal power source, they get all their power from electromagnetic radiation from the reader. And the reader cannot send out very strong signals because that would interfere with other equipment. greetings, Ernst Lippe |
Security of Oyster Cards
Ernst Lippe wrote:
On Tue, 18 Nov 2003 03:47:35 +0000, Matthew wrote: I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. [...] I expect that this system should be fairly secure, breaking smart cards is certainly not trivial. Smart cards have been used for quite some time, e.g. as electronic purses, in several countries and as far as I know there have not been any major attacks against the smart cards themselves. It's not a partiularily smart card, and it is kinda old news, but the electronic bus tickets that were used here in New Zealand were broken. To quote Peter Gutmann's page: "In October 1997 I broke the security of the smart cards used by the Yellow Bus Company, Auckland's largest public transport organisation. These are 10-ride rechargeable cards that come in various forms (adult, child, different numbers of fare stages, and so on). As it turns out the cards have very little security, so that it's possible to recharge them or copy them without too much effort (to test this I created a demo $50 test card that was accepted by the reader as a normal bus pass). I informed the YBC of the problem, and the story was covered in Computerworld New Zealand, 26 January 1998." I beleive there was a similar attack developed against the Telecom phone-call cards, though I can't find any details of it so quite possibly it was just my imagination. [...] -- Michael Brown www.emboss.co.nz : OOS/RSI software and more :) Add michael@ to emboss.co.nz - My inbox is always open |
Security of Oyster Cards
Michael Brown wrote
I beleive there was a similar attack developed against the Telecom phone-call cards, though I can't find any details of it so quite possibly it was just my imagination. At one time BT phone-call cards used IR pulses to deactivate (melt) each token on the card. If you covered the relevant part of the card with eg a good quality clear nail polish the deactivation failed, and you could reuse the card forever. I don't think they work that way any more. Oyster cards have a few unexpected security risks - people tend to keep them in their wallets, and take their wallets out of their pockets to wave over the reader. Gives pickpockets a chance to eye up the wallet, and learn where its owner keeps it, and it gives thugs the chance/ inspiration to grab the wallet and run. The privacy implications aren't good either. All card usage is tracked offline, to prevent use by multiple people, and usage records stored for that purpose. The Police etc can ask for them (and may soon become able to demand them, but that's another story) and use them to track your movements. -- Peter Fairbrother |
Security of Oyster Cards
Paul Corfield wrote in message . ..
PS. Does anyone know whether the bus passes actually store zone information, and whether this is checked by the buses? I have a single-zone pass and I'm curious to know whether it would work in other zones. So why don't you simply attempt to board a bus in a zone outside the validity of your card and see what happens? This is far easier than divulging the coding and interrogation details of a secure system in a public forum. Well at the moment the system seems to let you travel on buses quite happily without charging you the full fa I bought a weekly travelcard on an oyster. When the travelcard expired I went to an LU ticketmachine to see what else, if anything, I could do with this Oystercard. Review journey history - quite interesting. Buy another season ticket - later maybe. Top up pre-pay - oh what's this? I topped up £2.50 and checked the card and sure enough it now showed a balance of £2.50. I leave the station and decide to take a bus. It's a DOO bus so it has a card reader by the driver. I blip the card onto the reader, it lights up green, the driver acknowledges the fare and I make my journey. I go into another tube station to check what has happened on the card's journey history; bus fare deducted 1p, balance £2.49. I did the same again later that evening from my local tube station to home so the first journey was clearly not an isolated incident. This happened about a week ago and checking the journey history yesterday indicates that LU haven't adjusted the balance on the card to deduct the bus fares at their proper amount. Now, I appreciate that pre-pay hasn't gone live officially yet, but it is possible to store value on the cards and use that value to buy single tube tickets - the machine prints you a paper one rather than loading the ticket onto the oyster. And you are charged the full fare for these tickets. Even so - being able to get an apparently valid[1] ride on a bus for a penny must surely be a bit of a bug? I'm not going to take the **** by making millions of bus journeys for a penny all over town, but the £1.68 I appear to have saved will count as some small recompense for the time and energy London Transport have stolen off me over the years through their failure to run a proper service. [1] Yes, yes I know it's probably not /really/ valid, but - a) the LED shows green and indicates a fare has been paid - b) the drivers and/or conductors don't really give a monkeys about collecting the correct fare or have the knowledge/training to appreciate what has just happened - c) I've lived in London for over 8 years and travelled extensively on tube, train and bus and I have seen a ticket check probably less that half a dozen times - d) even if an inspector did check your oyster card - would it tell him anything other than a valid fare had been paid? -- Cheers -sandy |
Security of Oyster Cards
On Wed, 19 Nov 2003 18:07:40 +1300, Michael Brown wrote:
Ernst Lippe wrote: On Tue, 18 Nov 2003 03:47:35 +0000, Matthew wrote: I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. [...] I expect that this system should be fairly secure, breaking smart cards is certainly not trivial. Smart cards have been used for quite some time, e.g. as electronic purses, in several countries and as far as I know there have not been any major attacks against the smart cards themselves. It's not a partiularily smart card, and it is kinda old news, but the electronic bus tickets that were used here in New Zealand were broken. To quote Peter Gutmann's page: "In October 1997 I broke the security of the smart cards used by the Yellow Bus Company, Auckland's largest public transport organisation. These are 10-ride rechargeable cards that come in various forms (adult, child, different numbers of fare stages, and so on). As it turns out the cards have very little security, so that it's possible to recharge them or copy them without too much effort (to test this I created a demo $50 test card that was accepted by the reader as a normal bus pass). I informed the YBC of the problem, and the story was covered in Computerworld New Zealand, 26 January 1998. Those cards were not real smartcards, they were simply memory cards, that do not contain any cryptographical keys and that generally are quite easy to duplicate. The distinction between memory cards and smartcards is very important from a security point of view. The oystercards are (simple) smartcards and simple duplication attacks should not work. I beleive there was a similar attack developed against the Telecom phone-call cards, though I can't find any details of it so quite possibly it was just my imagination. All disposible phone-call cards, that I know, are memory-cards (not full-blown smart-cards). They have been counterfeited quite frequently, and most telephone companies upgrade to new card types at regular intervals. In general, this not a very serious problem because the risk is quite manageable, just like fraud with creditcards. greetings, Ernst Lippe |
Security of Oyster Cards
In article ,
Matthew wrote: It's difficult to see how something that operates in this way can hope to replace cash fares, as it is more difficult to charge the card than to even buy one of the current generation of magnetic cards (bus passes and travel cards), which are currently available from newsagents and other retailers, providing a convient service, as well as revenue source for the retailers. Pass agents (ie, newsagents where you can buy a travelcard) are starting to get Oyster card updating hardware, too - the one opposite Finchley Central station in Station Road has one. I don't know what features their terminals have. -- Good night little fishey-wishes.... I've counted you, so no sneaky eating each other. -- FW (should I worry?) |
Security of Oyster Cards
(sandy) wrote in message . com...
I leave the station and decide to take a bus. It's a DOO bus so it has a card reader by the driver. I blip the card onto the reader, it lights up green, the driver acknowledges the fare and I make my journey. I go into another tube station to check what has happened on the card's journey history; bus fare deducted 1p, balance £2.49. I did the same again later that evening from my local tube station to home so the first journey was clearly not an isolated incident. This happened about a week ago and checking the journey history yesterday indicates that LU haven't adjusted the balance on the card to deduct the bus fares at their proper amount. This is very worrying. If there isn't sufficent audit carried out to spot this problem then they have not got a hope in hell of spotting hacked Oyster cards. Automated processes should be trawling through the reader events every day and flagging any cards with suspect transactions. This will reduce the life of any hacked card to less than 24 hours. The longer the period is between the checks then the longer the period that a hacked card will be useful for. Apparently this stands at one week and rising. At least it is taking some money off of you though, which was better than the older magnetic ticketing system which would under certain circumstances open the barriers when fed an expired travelcard (I jest not - Google has the details). Nice to see that Cubic have produced another quality system with our millions. -- Gareth Davis |
Security of Oyster Cards
Peter Fairbrother wrote:
Oyster cards have a few unexpected security risks - people tend to keep them in their wallets, and take their wallets out of their pockets to wave over the reader. Gives pickpockets a chance to eye up the wallet, and learn where its owner keeps it, and it gives thugs the chance/ inspiration to grab the wallet and run. Unexpected? Why is that any different from the situation with old-style mag-stripe season tickets? Are you suggesting that people who keep their Oyster in their wallet didn't keep their old season tickets there? -- Richard J. (to e-mail me, swap uk and yon in address) |
Security of Oyster Cards
On Wed, 19 Nov 2003 05:49:38 +0000, Peter Fairbrother
wrote: Michael Brown wrote I beleive there was a similar attack developed against the Telecom phone-call cards, though I can't find any details of it so quite possibly it was just my imagination. At one time BT phone-call cards used IR pulses to deactivate (melt) each token on the card. If you covered the relevant part of the card with eg a good quality clear nail polish the deactivation failed, and you could reuse the card forever. I don't think they work that way any more. There aren't any BT phonecards (at least in the sense of cards that you load value onto and put in a public phone) any more. However the first generation of BT phone cards were reputed to be very easy to hack - this sounds like why Oyster cards have a few unexpected security risks - people tend to keep them in their wallets, and take their wallets out of their pockets to wave over the reader. Gives pickpockets a chance to eye up the wallet, and learn where its owner keeps it, and it gives thugs the chance/ inspiration to grab the wallet and run. Good point that the risks often have as much, or more, to do with users' behaviour than the technical characteristics of the card. Though in practice do people keep their Oyster cards in their wallet? I keep mine in a separate wallet with my photocard, which is how I've carried my travelcard for years. The walllet with my cash and credit cards is separate, but of course it comes out when I want to buy a paper and a cup of coffee before I get on my train or bus. The privacy implications aren't good either. All card usage is tracked offline, to prevent use by multiple people, and usage records stored for that purpose. Again (and I'm aware this is controversial) I'm not convinced it's a big deal. Given the extent to which, in my case, Vodafone and Lloyds TSB can already track my movements,and that TfL is only monitoring my movements in terms of my use of their services, then I can't get worried about TfL having a record of my Oyster use. The Police etc can ask for them (and may soon become able to demand them, but that's another story) and use them to track your movements. OK - but that's an issue with whether the police have excessive powers, not specifically an issue with Oyster. In any case plastic cards tend to fall out of pockets, get stolen, and, however good the security, will eventually get cloned: all reasons why a plastic card being in a particular place isn't very strong evidence that its owner was in a particular place Martin |
Security of Oyster Cards
(Gareth Davis) wrote in message . com...
(sandy) wrote in message . com... I leave the station and decide to take a bus. It's a DOO bus so it has a card reader by the driver. I blip the card onto the reader, it lights up green, the driver acknowledges the fare and I make my journey. I go into another tube station to check what has happened on the card's journey history; bus fare deducted 1p, balance £2.49. I did the same again later that evening from my local tube station to home so the first journey was clearly not an isolated incident. This happened about a week ago and checking the journey history yesterday indicates that LU haven't adjusted the balance on the card to deduct the bus fares at their proper amount. This is very worrying. If there isn't sufficent audit carried out to spot this problem then they have not got a hope in hell of spotting hacked Oyster cards. Automated processes should be trawling through the reader events every day and flagging any cards with suspect transactions. This will reduce the life of any hacked card to less than 24 hours. The longer the period is between the checks then the longer the period that a hacked card will be useful for. Apparently this stands at one week and rising. At least it is taking some money off of you though, which was better than the older magnetic ticketing system which would under certain circumstances open the barriers when fed an expired travelcard (I jest not - Google has the details). Nice to see that Cubic have produced another quality system with our millions. I think that this isn't a security fault as such, but rather a bug/"feature" of a system that hasn't become fully operational yet. I do wonder why the bus oyster readers simply aren't set up to reject prepay cards as the tube gate readers are. -- -sandy |
Security of Oyster Cards
(sandy) wrote in message . com...
(Gareth Davis) wrote in message . com... (sandy) wrote in message . com... I leave the station and decide to take a bus. It's a DOO bus so it has a card reader by the driver. I blip the card onto the reader, it lights up green, the driver acknowledges the fare and I make my journey. I go into another tube station to check what has happened on the card's journey history; bus fare deducted 1p, balance £2.49. I did the same again later that evening from my local tube station to home so the first journey was clearly not an isolated incident. This happened about a week ago and checking the journey history yesterday indicates that LU haven't adjusted the balance on the card to deduct the bus fares at their proper amount. This is very worrying. If there isn't sufficent audit carried out to spot this problem then they have not got a hope in hell of spotting hacked Oyster cards. Automated processes should be trawling through the reader events every day and flagging any cards with suspect transactions. This will reduce the life of any hacked card to less than 24 hours. The longer the period is between the checks then the longer the period that a hacked card will be useful for. Apparently this stands at one week and rising. At least it is taking some money off of you though, which was better than the older magnetic ticketing system which would under certain circumstances open the barriers when fed an expired travelcard (I jest not - Google has the details). Nice to see that Cubic have produced another quality system with our millions. I think that this isn't a security fault as such, but rather a bug/"feature" of a system that hasn't become fully operational yet. I do wonder why the bus oyster readers simply aren't set up to reject prepay cards as the tube gate readers are. You managed to make a journeys costing less than the minimum bus fare. The SQL query against the database of card usage to report events like that is trivial and given sufficently powered servers hosting the database should be completed in a very short time frame (i.e. minutes if not seconds) using data from the previous days card transactions. The fact that simple (in programming terms) audits are not happening suggests that the more complex stuff matching journeys with ticket validity is also not happening. This does not bode well for the future. The more the MiFare cards are rolled out round the world then the higher the return to be made from cracking them. Or to put it into perspective, I think it is fair to say that more people will soon be using the MiFare system each day in London alone than used the pay TV system of ITV digital whose smart cards were hacked at great expense (to the hackers). I have not seen any evidence to suggest MiFare is (currently) insecure but you always need more than one level of security, if not to guard against malicious hacking then to guard against a cock up such as setting a 1p fare for a bus journey when the minimum bus fare is 70p (or 65p? with saver tickets). -- Gareth Davis |
Security of Oyster Cards
Richard J. wrote
Peter Fairbrother wrote: Oyster cards have a few unexpected security risks - people tend to keep them in their wallets, and take their wallets out of their pockets to wave over the reader. Gives pickpockets a chance to eye up the wallet, and learn where its owner keeps it, and it gives thugs the chance/ inspiration to grab the wallet and run. Unexpected? Why is that any different from the situation with old-style mag-stripe season tickets? Are you suggesting that people who keep their Oyster in their wallet didn't keep their old season tickets there? To quote RP on another list: "However, you still have to get your wallet out, as the range is reportedly not enough otherwise. I'd rather *not* take my wallet out in a place like Kings Cross, and so I always keep my paper ticket in the breast pocket of my shirt - where it's really easy to take out and use." Personally, I keep them in my left trousers back pocket. -- Peter Fairbrother |
Security of Oyster Cards
Gareth Davis wrote:
The more the MiFare cards are rolled out round the world then the higher the return to be made from cracking them. Or to put it into perspective, I think it is fair to say that more people will soon be using the MiFare system each day in London alone than used the pay TV system of ITV digital whose smart cards were hacked at great expense (to the hackers). The smartcard/encryption used by ITV digital was the SECA system developed by CANAL+ and used widely throughout Europe on other pay-TV networks. Far more people than the 1.1 million ITV digital subscribers stood to be able to benefit from the system being cracked. |
Security of Oyster Cards
Martin Rich typed
There aren't any BT phonecards (at least in the sense of cards that you load value onto and put in a public phone) any more. However the first generation of BT phone cards were reputed to be very easy to hack - this sounds like why Aren't there? What became of 'phonecard plus'? -- Helen D. Vecht: Edgware. |
Security of Oyster Cards
"Ernst Lippe" wrote in message ...
Even though there are some possible attacks, in general it is very difficult to extract those keys from the smart card. No it isn't. You rip the lid off the chip and put the EEPROM under a special microscope. I forget the actual technique used but its been done. Admittedly its way out of the league of your one man operation but don't think that professional fraud gangs arn't able to do it. Companies always expect the software attack but they never think of the hardware attack. If you can physcally read the transister/capacitor values then you can get the data out and given that the memory in most of these cards is only a few kilobytes this wouldn't take too long. Even encrypting the data is a waste of time since even if you the fraudster doesn't understand what he's seeing he can still make an exact copies of it onto operationally identical hardware (ie duplicate the cards). Of course whether a duplicated card or any data extracted from it is any use is another question. B2003 |
Security of Oyster Cards
|
Security of Oyster Cards
On Fri, 21 Nov 2003 12:41:45 GMT, Helen Deborah Vecht
wrote: Martin Rich typed There aren't any BT phonecards (at least in the sense of cards that you load value onto and put in a public phone) any more. However the first generation of BT phone cards were reputed to be very easy to hack - this sounds like why Aren't there? What became of 'phonecard plus'? My source is http://www.payphones.bt.com/2001/pho...s/prepaid.html - this does talk about various dates in April and Septamber 2003 in the future tense, so it may not be completely authoritative (if you see what I mean) Martin |
Security of Oyster Cards
On Wed, 19 Nov 2003 05:49:38 +0000, Peter Fairbrother
wrote: Oyster cards have a few unexpected security risks - people tend to keep them in their wallets, and take their wallets out of their pockets to wave over the reader. Gives pickpockets a chance to eye up the wallet, and learn where its owner keeps it, and it gives thugs the chance/ inspiration to grab the wallet and run. Well, I keep mine in the cardholder that came with it. It's exactly the same as the Travelcard holder except for different colours and the Oyster logos. My wallet stays in my trousers, where it belongs. The privacy implications aren't good either. All card usage is tracked offline, to prevent use by multiple people, and usage records stored for that purpose. The Police etc can ask for them (and may soon become able to demand them, but that's another story) and use them to track your movements. This may be a difficulty. With Blunkett wanting to keep an eye on us 24 hours a day, we may have to call the Government on this one. The card itself keeps a record of the last three trips, I'm told. I wonder if, under freedom of information rules, we might be able to demand a record of what information TfL has on where we've been. -- Chris Hansen | chrishansenhome at btinternet dot com |
Security of Oyster Cards
On Sat, 22 Nov 2003 10:09:09 +0000 (UTC), Christian Hansen
wrote: On Wed, 19 Nov 2003 05:49:38 +0000, Peter Fairbrother wrote: Oyster cards have a few unexpected security risks - people tend to keep them in their wallets, and take their wallets out of their pockets to wave over the reader. Gives pickpockets a chance to eye up the wallet, and learn where its owner keeps it, and it gives thugs the chance/ inspiration to grab the wallet and run. Well, I keep mine in the cardholder that came with it. It's exactly the same as the Travelcard holder except for different colours and the Oyster logos. My wallet stays in my trousers, where it belongs. The privacy implications aren't good either. All card usage is tracked offline, to prevent use by multiple people, and usage records stored for that purpose. The Police etc can ask for them (and may soon become able to demand them, but that's another story) and use them to track your movements. This may be a difficulty. With Blunkett wanting to keep an eye on us 24 hours a day, we may have to call the Government on this one. The card itself keeps a record of the last three trips, I'm told. I wonder if, under freedom of information rules, we might be able to demand a record of what information TfL has on where we've been. The card has more than the last three trips. Have a look on the touch screen machines at Tube stations (have a look on the 'View Oyster Card Usage')( Try the Data Protection Act. Yes, I'm pretty sure you'd be entitled to a record of details held by TfL. Why not check with them? Rob. -- rob at robertwoolley dot co dot uk |
All times are GMT. The time now is 04:43 AM. |
|
Powered by vBulletin®
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2006 LondonBanter.co.uk