[funsec] Dutch University Can Publish Controversial Oyster Research
fergdawg at netzero.net
Fri Jul 18 11:37:29 CDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Via El Reg.
Dutch researchers will be able to publish their controversial report on the
Mifare Classic (Oyster) RFID chip in October, a Dutch judge ruled today.
Researchers from Radboud University in Nijmegen revealed two weeks ago they
had cracked and cloned London's Oyster travelcard and the Dutch public
transportation travelcard, which is based on the same RFID chip. Attackers
can scan a card reading unit, collect the cryptographic key that protects
security and upload it to a laptop. Details are then transferred to a blank
card, which can be used for free travel.
Around one billion of these cards have been sold worldwide. The card is
also widely used to gain access to government departments, schools and
hospitals around Britain.
Chipmaker NXP - formerly Philips Semiconductors - had taken Radboud
University to court to prevent researchers publishing their controversial
report on the chip during a the European computer security conference in
Spain this autumn.
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
-----END PGP SIGNATURE-----
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the funsec