RFID insecurity cover-up attempt

["Richard M. Smith" <rms () computerbytesman com>]

NXP sues to silence Oyster researchers

http://www.theregister.co.uk/2008/07/08/nxp_sues_oyster_researchers/

Chipmaker NXP, formerly Philips Semiconductors, is taking Dutch Radboud
University to court on Thursday to prevent researchers publishing their
controversial report on the Mifare Classic chip.

Recently researchers from Radboud University in Nijmegen revealed they had
cracked and cloned
<http://www.ru.nl/english/general/radboud_university/vm/security_flaw_in/>
London's Oyster travel card. Earlier this year the researchers did the same
to the Dutch MIFARE travel card. This card is to replace paper tickets on
all trams, buses, and trains and is already undergoing trials in Rotterdam.

The Dutch researchers are planning to publish their scientific paper,
appropriately named Dismantling MIFARE Classic, in October in Spain at
Esorics, the European computer security conference. It will contain details
not found in a preliminary report that is already available (pdf)
<http://www.cs.virginia.edu/~kn5f/pdf/Mifare.Cryptanalysis.pdf> .

Earlier, Dutch secretary of state Tineke Huizinga urged the university to
not publish any secrets that may lead to abuse.

Spokesperson for NXP Martijn van der Linden told Dutch news site Webwereld
that publishing the report is 'irresponsible'. NXP was sent a copy of the
report for review.

In a statement (Dutch only
<http://www.ru.nl/home/nieuws/item_686512/radboud_universiteit> ) the
university says it will not retract its publication, "as it is our duty to
publish scientific research that could lead to better security technology".
R

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.