Oyster Cards vulnerable to RFID hack, lots of other systems too
Sure, it's fun to say that one billion RFID cards are now at risk due to the Mifare Classic's broken encryption, but it's another thing to comprehend how widespread the fallout could potentially be -- the London Underground's Oyster Card is based on the chip, for example. And that's just the tip of the iceberg: a new report says that the system can be broken in minutes using a typical PC -- check the video after the break for a demonstration. We've also listed all the other now-potentially-vulnerable Mifare RFID implementations we could find, but there's got to be more -- put 'em in comments!
Cities / countries using the Mifare Classic for access control and / or mass transit ticketing:
- London (Oyster Card)
- Boston
- Netherlands (OV-Chipkaart)
- Minneapolis / St. Paul
- South Korea (Upass, T-money, Mybi)
- Hong Kong
- Beijing
- Milan
- Madrid (Sube-T)
- Australia (Smartrider)
- Sao Paulo (Bilhete Unico)
- Rio de Janeiro (RioCard)
- Bangkok
- New Delhi
This worries me, especially since the Oyster card technology has been integrated into a Barclaycard...
http://www.barclaycard.co.uk/personal-home/cards/onepulse-hero/index.html
If this hits BBC news, it's all over for the Oyster card in London.
Of course it probably won't.
Over here in Boston we definitely have widespread RFID mass transit use. But what I'm wondering is if one of our cards can be hacked to put unlimited access to mass transit..lol.
But on a serious note, buildings here in the financial district all use RFID cards for secure access, including buildings such as the Federal Reserve Bank so I'm hoping no one really begins to exploit these cards.
Are you sure it's RFID? The company I work for uses cards that don't need a bar code because they have to be close enough for a magnetic field to trigger the lock.
@Kris
I know that it's probably half and half. Older companies seem to be using RFID, but it seems as if some companies do use the strip. The company I work for though uses RFID because when it's together in my wallet with my mass transit card they conflict with one another on occasion.
I believe Marta in Atlanta uses Mifare. At least, my card reader is able to read the CSN of the cards, but not the data... wish some more info was released on this so I could learn how to break the encryption. :)
Sweet, someone else from Atlanta that thought "Gee, I bet I could do this..."
I don't use marta much, and I'm sure the temporary cards are worthless, but if you find someone that has the plastic cards, then you can probably cheat and use their account so long as they aren't on the rail. I say this because my friend had to buy two cards when he and his wife were going to travel, he thought he could get away with just swiping the card twice!
It's time for a technology upgrade. Good thing these hackers are honest.
no technology for the people will be safe, were not that special
I wonder what type of RFID my school ID has in it (Drexel)... If it's similar, I might have to try and clone it... Free lunch at the dining hall, hell yeah.
Mifare is a proximity card. Sniffing it "wirelessly" needs to be done with no interference (i.e. no metal near the card) in a range under 5cm. It also takes a couple of seconds to do, I doubt that you could do it by just walking by...
I've built a 14443 stack, it's easy to hack but its security lies in its limited range. It's almost as easy to just steal the card as it is to sniff it.
Isn't the level of security provided by "proximity" determined by the quality of the hackers' antenna and transceiver?
With a better transmitter, receiver, and antenna - and a longer time to collect samples than the "swipe" time envisioned by the system designers - I believe the hackers have an advantage.
Nah, proximity devices aren't read with a normal antenna. They're read with magnets, which have a strength that degrades exponentially with increasing distance. A magnet capable of reading a proximity card at more than a few inches' distance would also be capable of lifting a car (and scrambling the proximity card's data, for that matter).
The exponent is based on the size of the antenna. A ring antenna the size of a backpack can read prox cards several feet away. A ring antenna the size of a desk can read them yards away. If you can put the antenna in a kiosk or sign enclosure adjacent to a driveway or corner where vehicles slow down, you can sniff cards in vehicles as they drive by.
Well, we had people showing how you could crack RFID via a typical cell phone. Why anyone would use this in an actual product, I have no idea.
RFID is a cool concept but its specifications and implementations leave a lot to be desired.
There's a big difference between RFID itself (an extremely broad specification for identification over radio frequencies), which has no security whatsoever, and applications of RFID, which almost always include security measures of some sort.
True, most of these suck, but they can be very secure. The problem is any kind of major encryption technology requires some pretty beefy computation capability for a device with no internal power source and severely limited real estate. Asymmetric ciphers, for example, require both parties to store and work with three very large numbers (their public key, their private key, and the other party's public key), and the initial handshake (in which session keys are exchanged over the asymmetric cipher so faster, symmetric ciphers can take over) requires a mathematically complex operation (dividing, exponentiating, and calculating the modulus of these extremely large numbers).
The Oyster system is used for more than just underground. It's used on the whole London Public Transport System, buses, trains, etc.
They should have used the DreamStream encryption. From my research, it is the only solution to the RFID problem.
DreamStream isn't anything special. It's just a typical encryption scheme using a typical encryption method. And "military-grade" encryption doesn't really mean much. You can get this exact same level of encryption on any desktop, laptop, or cell phone for free -- download gpg (GNU Privacy Guard) and pgp (Pretty Good Privacy) and you can generate 2048-bit asymmetric encryption keys all day long. SSL uses RSA and DES(2), and banks use SSL. GPG/PGP can use RSA or ElGamal along with DES(2), IDEA, and other symmetric 'session' key ciphers.
Just another "check" in the PRO column of spending $100 to fast track my U.S. passport just before RFID implementation.
I thought RFID implementation went in in January of last year?
Kris:
Thats correct. I nabbed mine Fall, 2006.
My building uses these... won't tell you where, but yah... ain't technology grand?
where?
All the public transport in Santiago de Chile uses the same RFCard system.
Ah, the wonderful cat and mouse game of technology. First the scare about your house getting broken into because of primitive key technology. Now transit systems and possibly US federal buildings being compromised due to the failure of a digital key.
Though one standard does hold true... "Three men can keep a secret if two of them are dead." Hopefully such drastic actions will never be taken to keep encryption technology as secure.
I wonder what system the Visa Wave and Pay and MasterCard PayPass use, I can live with issues with Oyster but with the Banks in London trying to ram through the wireless payment systems it could be interesting. When they sent me details about it I rang instantly and asked for a card without it. The call centre people couldn't understand why I wouldn't want this excellent technology!
The systems used by Visa and MasterCard are proximity-based, like the security cards used for access to my work. To put that into context, the door these cards unlock has two armed guards and a number of security cameras behind it, and the building has large panoramic cameras outside.
I called and asked for my bank to replace my PayPassed Mastercard and they told me they weren't making the regular cards anymore... so mine met a hammer :)
Believe it or not they are not using any security. I have a reader that I hook into my pc and run hyperterminal. I wave my Chase blink card by and presto, my name, account number, and expiration date appear on the screen. The UVA researcher said as much in his interviews.
You can however easily block someone from doing this by keeping your card in a Secure Sleeve(tm). It is a shielded card sleeve. You can buy them for a couple bucks a piece at www.idstronghold.com
If a man can make it, it can always be counterfeited and/or compromised. I don't think there will ever be a fully secure system because someone will always find a way to get around it. And this is just another example of that.
That's true, but there's a difference between "hard to clone" and "easy to clone." When you use stuff in the latter category for sensitive information, that's when bad things start to happen frequently.
Sure, if it can be done by one person, it can be done by another... but shared secrets of sufficient granularity are enough. It's possible for two people to generate the same 4096-bit encryption key, but it's not likely.
It's also possible to convert a public key into a private key, but it requires significantly more time than the expected life of the Sun at 4096 bits.
Why don't these things just use RSA? You could flash a 1K ROM with a 4096-bit keypair at construction time and require a handshake with the authenticating device. It's not rocket science. (But it is computer science! Luckily, that I know!)
The attacker collects data.
So you accompany it with a human system. Pop up on screen a picture of the person. Take a picture as the card is scanned. Have a guard compare them. Heck, have facial recognition compare them. Even poor facial recognition can detect if two are significantly different [easier to do than deciding they are the same].
False alerts would become problematic. How upset would a worker be if he was approached by a guard who is at full alert?
And while we're at it, you could use the public key as the RFID id since it'd be unique anyway.
Er, oops, this was supposed to be in reply to Eric's comment three comments up!
Personally, I hate RFID in relation to personal info and money transfers. There are things that should NEVER be wireless. Passports, Credit Cards, medical history, social security numbers. If it's related to me, I don't want it wireless. Leave RFID to inventory control.
Woops, that's what I get for taking a liquid lunch, forgot to mention my "point".
...hopefully RFID being hacked will jog some certain individuals "common sense" enough that they may reconsider placing that technology into the items I mentioned above.
The way corporate America and Republicans look at it... humans=inventory
Wow fuma, +1 "Insightful"
A little perspective may help. I doubt anyone is going to have the time or the opportunity in the London tube network to hang around a swipe station with a laptop as demonstrated.
To be even more frank we have far more serious things to worry about dealing with terror attacks, if anyone is callous enough to waste the time of the TFL staff and the security forces trying to make a quick buck with this scam they are pond life.
Sure it's a computer now, but given a few weeks/months it will be an "ipod" that someone sets on the reader for a second or two as they look for their card. This is just a concept hack right now. Given enough time and will, someone will make it faster/stronger/better.
There's plenty of opportunity on the little-used stations, such as the Overground network for example. Little to no staff means that someone equipped with the gear could easily extract the Oyster system encryption key with no disturbance...
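One mitigation that does not depend on the card's cipher at all is back-end detection of cloned or shared cards from the gate tap logs: a card that taps in twice without tapping out, or that appears at a station it could not have reached since its last tap, is flagged for the operator. This is an added example, not code from the article or from any transit operator; the station names, minimum travel times and the tap log are constructed.

```python
# Back-end clone/pass-back detection over constructed gate tap records.
# Minimum plausible travel time in minutes between constructed station pairs
# (treated as symmetric); unknown pairs fall back to a conservative 30 minutes.
MIN_TRAVEL_MIN = {("A", "B"): 12, ("B", "C"): 8, ("A", "C"): 20}


def min_travel(s1, s2):
    """Smallest plausible number of minutes to get from s1 to s2."""
    if s1 == s2:
        return 0
    return MIN_TRAVEL_MIN.get((s1, s2), MIN_TRAVEL_MIN.get((s2, s1), 30))


def detect_anomalies(taps):
    """taps: iterable of (card_id, minute, station, event) with event in {'in', 'out'}.

    Returns a list of (card_id, minute, reason) where reason is
    'anti-passback'     : a second 'in' tap with no 'out' tap in between
                          (the card was handed back through the gate or cloned), or
    'impossible-travel' : the gap since the card's previous tap is shorter than
                          the minimum travel time between the two stations
                          (two physical cards sharing one identity)."""
    last = {}  # card_id -> (minute, station, event) of its most recent tap
    alerts = []
    for card, minute, station, event in sorted(taps, key=lambda t: t[1]):
        prev = last.get(card)
        if prev is not None:
            prev_minute, prev_station, prev_event = prev
            if event == "in" and prev_event == "in":
                alerts.append((card, minute, "anti-passback"))
            if minute - prev_minute < min_travel(prev_station, station):
                alerts.append((card, minute, "impossible-travel"))
        last[card] = (minute, station, event)
    return alerts


# Constructed tap log: c1 is a normal journey, c2 looks like a clone in use
# (A and C only 3 minutes apart, both 'in'), c3 was passed back at the same gate.
SAMPLE_TAPS = [
    ("c1", 0, "A", "in"), ("c1", 15, "B", "out"),
    ("c2", 0, "A", "in"), ("c2", 3, "C", "in"),
    ("c3", 0, "A", "in"), ("c3", 1, "A", "in"),
]

if __name__ == "__main__":
    for alert in detect_anomalies(SAMPLE_TAPS):
        print(alert)
```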
RFID, contactless or contact card chips are like your computer systems, either in your offices or at home. Just because the computer systems are hackable, does THAT fact stop you from using your computer systems? No...you just build your security around it...that's all. There is no need to cry baby that this is my personal info that I don't want hacked. Ask yourself, how much personal info do you keep in your computer systems?
Uh, Hong Kong's Octopus card system is based on Felica, not Mifare.