How to hack London's Oyster travel card

Researchers publish full details of security flaws in TfL RFID smartcard

Researchers have published a cryptographic algorithm and source code that could be used to duplicate Transport for London’s Oyster smart card.

Scientists from the Dutch Radboud University Nijmegen presented their findings at the Esorics security conference in Malaga, Spain, on Monday. They also published an article with cryptographic details.

Their presentations show how to circumvent the security mechanism of NXP Semiconductor's Mifare Classic RFID cards, which are widely used to provide access control to buildings and public transportation systems.

Researchers had previously reported that they had broken cryptography used in Mifare Classic, but NXP sued to prevent the information from being made public. The company asked for a lengthy delay to give customers enough time to secure their systems. However, a Dutch court ruled that free speech protected the researchers and that they shouldn't fall victim to mistakes made by the supplier.

Some details on the Mifare encryption were already public, but the publication of the Dutch paper marks the first time this information has been disclosed in a complete form, making it easy for a determined attacker to clone one of the cards.

In the paper, the researchers say they discovered the workings of the chip by analysing communication between the chip and the reader. An RFID-compatible device, the Ghost, was made to function independently from a computer. Ultimately they were able to obtain the cryptographic protocol. One issue is that the reader has to communicate in a predictable way, which opened the path to data analysis.

Once the mechanism was cracked, the scientists were able to crack keys in less than a second using an industry-standard computer with only 8M bytes of memory.
