Report: Oyster card crypto leak

Snip from an item on Wikileaks:
Chip company NXP Semiconductors is to sue Radboud University in an attempt to halt the publication of a paper detailing the cryptographic cracking of the Oyster smartcard, used widely on the London transport network.

The case is to be heard on Thursday in a court in Arnheim, NXP told on Tuesday. However, an NXP spokesperson declined to give any reasons at present for the company seeking to halt the publication.

Researchers from the Radboud University in Nijmegen last month claimed to have cracked the security on the Oyster card, which uses an NXP chipset called Mifare Classic. The research had led on from a cryptographic crack of Mifare Classic by German researchers Karsten Nohl and Henryk Pltz.

A spokesperson for Radboud University told that NXP wanted to stop publication of the paper due to "safety reasons". However, the spokesperson said that the university intended to proceed with the publication of the research at the Esorics conference in Malaga in October. The court is expected to reach a decision next week.

Well, it does appear they're leaked. Lawsuit to stop the paper publication isn't going to do a heck of a lot of good now.

Censored Milfaire Classic Oyster Card break paper 2008
[ Wikileaks, thanks Jake Appelbaum ]

Previously on Boing Boing:

  • London Underground's OysterCard is cracked
  • Dutch RFID transit pass cracked and cloned
  • Loading...