bowchurch
The next train on Platform 2 is the District Line to...
Posts: 86
Post by bowchurch on Jan 24, 2008 1:33:45 GMT
The Dutch transit smartcard system has been successfully compromised by researchers at a university. Report here: www.cs.vu.nl/~ast/ov-chip-card/ There seem to be two types of card in use. One (based on Mifare Ultralight) has been compromised to the point where cards can be rewritten to enable card copying and credit to be added. The other card type (Mifare Classic) has had its cryptographic code exposed, making it possible to gain read/write access to the card in minutes for someone with sufficient technical knowledge, although no one has proven this concept yet apparently. From reading around it looks like Oyster is based on Mifare Classic (Mifare 1K). If so, this is a worrying development for TFL.
Deleted
Deleted Member
Posts: 0
Post by Deleted on Jan 24, 2008 23:47:54 GMT
They have worked out the algorithm, but this is only a first step. I'm no expert on security systems, but the algorithm may well require input of additional data from a source to which the hacker would not have access.
This input is known as a key. It could be on the reader itself, or preferably made up of certain encoded data that is extracted from information given when registering, such as the credit card number or the encoded name of the person who purchased it (even if not fully registered).
To clarify, the reader would take the card number, access the database and extract the stored key (that isn't on the chip itself) and feed that key to the algorithm on the chip to fully decode the encrypted data such as the balance.
So it isn't necessarily enough to have the algorithm, you need the key too.
On the other hand, it could be a goner!
bowchurch
Post by bowchurch on Jan 25, 2008 2:16:28 GMT
"So it isn't necessarily enough to have the algorithm, you need the key too."
Absolutely right about the key. Assuming you didn't have the algorithm and tried to brute force the key (try each possible one in sequence until you get a match), it would take tens of years due to the slowness of the processor in the Mifare card. If you are able to somehow capture the data exchange between a card and reader, you can use the algorithm to extract the key from the exchange in a few minutes with some maths. This makes finding the key a much more viable proposition. If that key was only used on that one card then the damage would be limited, because only that single card would be compromised, but if all cards used the same key the entire system would then be compromised. For a system where you have mobile readers not connected to a network you cannot have a random key for every card held in a central database. How random this link between card number and card key is will be what saves the Oyster system from being left wide open should someone try and prove the concept of key extraction. I notice the Dutch system was built by exactly the same consortium that was responsible for Oyster. So there is a chance that any error made in the implementation there could have happened in London.
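The "one key for every card" versus "a key derived from the card number" question raised in the post above, as an added example that is not part of the original thread and does not describe how Oyster or the Dutch system actually derive their keys. It assumes a keyed hash (HMAC-SHA256 under a master key, truncated to the 48-bit Mifare Classic key size) as the diversification function, which is one common way to do it, and a constructed fleet of cards with made-up UIDs. An offline reader only needs the master key and the UID it reads off the card to recompute the sector key, so no central database is required, which is the constraint the post describes. The simulation then asks: if an attacker recovers one card's key from a captured exchange, how many other cards does that key open?

```python
import hmac
import hashlib

KEY_LEN = 6       # Mifare Classic sector keys are 48 bits (6 bytes)
UID_LEN = 4       # classic 4-byte card UID


def diversified_key(master_key: bytes, uid: bytes, sector: int) -> bytes:
    """Per-card, per-sector key: a keyed hash of the UID under the master key.

    HMAC-SHA256 is an assumption for this example; the point is only that the
    key is a one-way function of (master key, UID, sector), so one card's key
    reveals nothing about another card's key. A reader that holds master_key
    can recompute this offline from the UID it reads off the card.
    """
    if len(uid) != UID_LEN:
        raise ValueError("expected a 4-byte UID")
    tag = hmac.new(master_key, uid + bytes([sector]), hashlib.sha256).digest()
    return tag[:KEY_LEN]


def shared_key(master_key: bytes, uid: bytes, sector: int) -> bytes:
    """The weak scheme for comparison: the same key on every card, UID ignored."""
    return master_key[:KEY_LEN]


def issue_fleet(master_key: bytes, derive, n: int) -> dict:
    """Constructed sample fleet: UID -> sector-0 key as the issuer wrote it.

    UIDs are made up here (sequential, not real card numbers).
    """
    fleet = {}
    for i in range(n):
        uid = (0x1A2B0000 + i).to_bytes(UID_LEN, "big")
        fleet[uid] = derive(master_key, uid, 0)
    return fleet


def cards_exposed(fleet: dict, recovered_key: bytes) -> int:
    """Number of cards that accept one recovered key (the attacker's reach)."""
    return sum(1 for k in fleet.values() if hmac.compare_digest(k, recovered_key))


def compare_schemes(master_key: bytes, fleet_size: int = 1000) -> dict:
    """Attacker recovers the key of the first card in the fleet under each scheme
    (as the post describes, from a captured card/reader exchange) and tries it
    against every other card. Returns {scheme name: cards exposed}."""
    results = {}
    for name, derive in (("shared", shared_key), ("diversified", diversified_key)):
        fleet = issue_fleet(master_key, derive, fleet_size)
        victim_uid = next(iter(fleet))
        recovered = fleet[victim_uid]           # the single key the attacker learned
        results[name] = cards_exposed(fleet, recovered)
    return results


if __name__ == "__main__":
    # Constructed master key; a real issuer would keep this in a secure module.
    master = bytes.fromhex("00112233445566778899aabbccddeeff")
    print(compare_schemes(master))   # shared: every card; diversified: only the victim
```

Caveat a practitioner would add: diversification limits the damage from recovering one card's key, but every offline reader still has to carry the master key, so a reader that is stolen and opened gives up the whole scheme; and a 48-bit key, however it was derived, only holds up if the card's own cipher is sound, which is exactly what the post says the researchers have called into question.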