Home |
Search |
Today's Posts |
![]() |
|
London Transport (uk.transport.london) Discussion of all forms of transport in London. |
Reply |
|
LinkBack | Thread Tools | Display Modes |
#11
![]() |
|||
|
|||
![]() "Matthew" wrote in message om... I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. This is funny: "Because the Oyster card is contactless, customers only need to touch the cardreaders with their Oyster cards as they pass through ticket gates at London Underground or National Rail stations or board a bus. " If they are contactless, then whey do the customers need touch the cardreaders? ![]() Here's a bit of info on the cards themselves: http://rapidttp.com/transponder/presre13.html I have one similar (dumb card) produced by honeywell for my work badge. It simply contains an eprom with an embedded code, which is activiated when swiped near a transponder containing an EM field. The transponder reads the code, sends the information to a computer which then decided whether or not to unlock the door. (Oddly enough I have no physical access to the mainframe. Probably a good idea.) I read recently that Phillips - who makes the Oyster card - is going to roll these out in a massive scale in China for transportation purposes. K (Smile, you're happy now.) |
#13
![]() |
|||
|
|||
![]() Kai wrote: "Matthew" wrote in message om... I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. This is funny: "Because the Oyster card is contactless, customers only need to touch the cardreaders with their Oyster cards as they pass through ticket gates at London Underground or National Rail stations or board a bus. " If they are contactless, then whey do the customers need touch the cardreaders? ![]() They originally said you could keep it in your pocket and sail through the gates, but you can't! So they then changed it to the above wording. However, you can leave it in your bag and wave your bag over the reader (I have done it). I think they are just overstating the case so that people don't hold it six inches above the reader and then complain that it doesn't work. |
#14
![]() |
|||
|
|||
![]()
In message , Dave Newt
writes Kai wrote: "Matthew" wrote in message om... I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. This is funny: "Because the Oyster card is contactless, customers only need to touch the cardreaders with their Oyster cards as they pass through ticket gates at London Underground or National Rail stations or board a bus. " If they are contactless, then whey do the customers need touch the cardreaders? ![]() They originally said you could keep it in your pocket and sail through the gates, but you can't! So they then changed it to the above wording. However, you can leave it in your bag and wave your bag over the reader (I have done it). I think they are just overstating the case so that people don't hold it six inches above the reader and then complain that it doesn't work. Sometimes just waving it over the reader doesn't work; you may have been lucky. From my observation and experience, some readers are more sensitive than others. -- Kat Women and cats will do as they please, and men and dogs should relax and get used to the idea - Robert A. Heinlein |
#15
![]() |
|||
|
|||
![]()
Mok-Kong Shen wrote in message ...
John Hadstate wrote: (Matthew) wrote in message Access to the information is only possible using secret keys specific to that card, known only to devices permitted to process the cards. These cards are very difficult to break into, making the cards very secure; in the unlikely event that a card has its key broken then the system - and all other cards - will remain secure. If memory serves the system is based on the Philips MiFare system which you can read all about (including the 3 pass authentication procedure) at: http://www.semiconductors.philips.co...sheets/#mifare The key length in use is 48 bits per sector of the card, given the fastest that the select and authentication phase can be completed in is 5ms then it would take over 44.5 thousand years to try all the combinations. And this would only grant you access to a single part of the card. I would expect several sectors to be used in practise, perhaps split up between ticket types and stored payment uses. Direct attack on the cards is clearly out of the question, since all the cards should (I say should, given the vulnerability that used to be present in the old magnetic ticketing system I would not put it past Cubic to screw it up again) have different keys programmed onto them, then attacking multiple cards at the same time is a pointless exercise - unless you were lucky to get a card with a key near the beginning of your test range. We already know that the system 'trusts' the content of the card and there is no live database link available to all of the readers, otherwise we would not have to 'collect' tickets purchased online from a designated gateline. Giving everything a live link would be prohibitively expensive (mobile and handheld units are in use on moving vehicles that may be underground) and would only ever be required if the keys were broken. However if the keys are broken and cards rewritten then I do not see how the system can detect it. Other then perhaps some kind of off line database crawling process looking for anomalies. All of the above adds up to a classic case of "security by obscurity." This might mean that the inventors have already identified or suspect weaknesses in their system that they hope will remain undiscovered if no one is permitted to analyze their system too closely. I believe the card interface system is fairly secure on paper, the question is how secure is the rest of the infrastructure around it? I would expect the keys to leak out of the staff that designed the system before they are cracked, or the website backend to be hacked to start issuing recharge requests without payment. Even if the keys were broken they can be rewritten on the cards making the whole system secure again, although the amount of time it would take to rewrite all the cards may be vast, certainly not an overnight fix - but could be done quietly without anyone having to own up to the problem. Also once a suspect card gets a cancel request raised it then I would expect all mobile terminals to know about it within hours (as soon as they are docked next). Overall I believe the system does have good potential to recover from a compromise BUT it has to be noticed first. On the other hand, if the cost/risk of analysis is sufficiently high, there would be 'practical' security, I suppose. (Actually, banknotes are similar in this respect, I believe. There are saying, though, that the techniques/knowhow of the fraudsters are now quite comparable to those of the governments in making banknotes.) M. K. Shen The rewards in cracking this system are also very high though, given the retail cost of travel passes. I personally spend about 800UKP on travel in London each year, and I live and work about 4 miles from the centre. People made money selling tickets that exploited a problem in the magnetic ticketing system because of this cost but these tickets were obviously not valid for travel to the naked eye. However the real fraud with the smart cards is already happening and is far less technical. Most of the railway companies operating out of London have not equipped their ticket barriers to accept the smartcards or issued their staff with scanners (or maybe they just can't be bothered to carry them). The result is the staff have to assume you have a valid ticket loaded onto your smart card if you are carrying one because they have no way of checking otherwise. For those of you who have never seen one, they all look identical and you usually do not get a printed paper receipt to go with it if you book online. Pretending you have a valid pass on a line where you know it will not get scanned is the real weakness at the moment, and it is this that makes the whole system a bit of a joke. I'm sure the tens of millions could have been better spent elsewhere on the network with a much larger benefit for the passengers. -- Gareth Davis |
#16
![]() |
|||
|
|||
![]()
On 18 Nov 2003 13:40:14 -0800, (Gareth
Davis) wrote: Pretending you have a valid pass on a line where you know it will not get scanned is the real weakness at the moment, and it is this that makes the whole system a bit of a joke. The solution to this, for the short term, is to issue a paper ticket with the electronic one. For online transactions, this could be sent through the post or maybe even collected from a ticket machine? MK Metro issue a "validation receipt" from the bus ticket machine when a pass is loaded onto one of their contact-type smartcards. This is required when using one of the many Council-subsidised services not operated by MK Metro on which the tickets are valid. (I do wonder, out of interest, if MK Metro was involved in any research prior to implementation - are there any other bus operators in the country using a similar system, I wonder?) Of course, this won't work for pay-as-you go - but before that can be implemented for National Rail, there'll need to be as good as 100% reader coverage anyway. Neil -- Neil Williams is a valid email address, but is sent to /dev/null. Try my first name at the above domain instead if you want to e-mail me. |
#17
![]() |
|||
|
|||
![]()
This thread is filling me with dread,Judge.
Over here in Ireland we have recently had a gent called Mr Churcher writing to the papers about his involvement in a "New Integrated Ticketing" system for Dublin`s public transport providers. Mr Churcher avers to his involvement with other systems such as Octopus in Hong Kong and speaks of adapting this technology to suit our particular operating conditions. The projected cost for the design and introduction of this Irish Octopus is 27 Million Euro. However given Mr Carmodys post re Helsinki`s adaptation I am now somewhat a-tremble at what lies ahead...... |
#18
![]() |
|||
|
|||
![]() Volker Hetzer wrote: Actually, today banknotes aren't naively stuffed fithe anti-forgery-features but the idea is to make it unprofitable to fake a banknote in a small-scale production. So, a forger is forced to go large-scale which in turn is easily detectable (duplicate serial numbers or unexplainable inflation for instance) and which also justifies a large-scale counteraction to find and disable him. I am not sure duplicated serial numbers or unexplainable inflation, especially the latter, are practical characteristics that are 'effectively' checkable. (Define 'unexplainable inflation'!) It's 'olds' now that e.g. 50 Euro banknotes had been forged quite well. They were presumably produced in regions not within EU influences. Someone told me that certain sophisticated techniques previously employed in DM are not used in Euro because Euro is made by diverse member countries and not all of them had such techniques at their disposal and so they agreed on sort of a gcd. M. K. Shen |
#19
![]() |
|||
|
|||
![]()
Paul Corfield wrote in message . ..
On 18 Nov 2003 03:47:35 -0800, (Matthew) wrote: I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. [snip] I don't know if the mechanics system of this are documented anywhere, or have been analyzed by anyone independent, but I am wondering about the cryptographic approach used for this system. [snip] I can see potentially two (or three) ways of doing this system: [snip] Any insights better than mine into how the system works, and where vulnerabilites lie would be welcomed. Out of curiosity why do you wish to know? So why don't you simply attempt to board a bus in a zone outside the validity of your card and see what happens? This is far easier than divulging the coding and interrogation details of a secure system in a public forum. Apparently one of the sub threads got itself crossposted to alt.2600 :-O. Since when have hackers not divulged the details of secure systems in public forums? But just to put your mind at rest I'll include a special sig line that should attact some attention. --- ' The decline of the nuclear family and the fission of traditonal communities, has lead to an inertia in the pouplation time-bomb, sex can now also be used as a 'weapon of mass destruction' against those that that are seen as undesirable. All it takes is the suppourt of an extremist faction to ensure that a 'massacre'or atorcity of the rights of otherwise inocent lives is fufilled. |
#20
![]() |
|||
|
|||
![]()
"Ernst Lippe" wrote in message ...
On Tue, 18 Nov 2003 03:47:35 +0000, Matthew wrote: I am interested in the mechanics of these cards, which are smart cards for use on London's transport system. One would hope given the reported £1billion+ that they are secure. Apparently they work using a form of RFID very large snip Given the fact that these cards are smart cards, I believe that your speculations are wrong. I could not find any technical information about the card, but I have some experience with smart cards, so here are my speculations. The cards are manufactured by Philips, and are described here http://www.semiconductors.philips.co...nders/ebg0038/ Here is some interesting information regarding what is and isn't on the card (all the information is stored on the chip) from http://www.computerweekly.com/Article123251.htm Monk added that memory capacity is a key benefit of the Oyster card. "For example, the technology could offer discounts right across the different modes of transport in London," he said. "Current magnetic cards cannot provide the level of stored data that smartcards can." He also expects to see a decline in the amount of travelcard-related fraud and theft. "If someone steals an Oyster card we can deactivate it immediately and they are left holding nothing more than a piece of plastic." Apparently the promised ability to recharge the card by telephone and internet will operate in a rather inconvenient way (you will have to make your way to specific stations, even if your card happens to be a bus pass) 'Travellers can renew Travelcards on their Oyster card over the telephone or using the internet. The ticket is automatically loaded when the smartcard is touched on a dedicated card terminal at a Tube station gate at a nominated station.' It's difficult to see how something that operates in this way can hope to replace cash fares, as it is more difficult to charge the card than to even buy one of the current generation of magnetic cards (bus passes and travel cards), which are currently available from newsagents and other retailers, providing a convient service, as well as revenue source for the retailers. |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
![]() |
||||
Thread | Forum | |||
Oyster Cards damaged by proximity door entry cards | London Transport | |||
Oyster and the b***y security question!! | London Transport | |||
New National Security Technology ignored that might have stopped the bombing | London Transport | |||
removing staff? What happens to security? | London Transport | |||
How do you enter your security answer on the Oyster Sales site? | London Transport |