This research is generously sponsored by the NLnet foundation.
Trans Link Systems (TLS), the scheme provider of the current OV-chipkaart, does not financially contribute to this project, but has offered to contribute in the form of expertise and know-how. TLS is not committed to the results of this project, and the project is completely independent from TLS and, for that matter, from other players such as public transport operators and the ministry of transport.
We are doing several things in parallel right now. To mention a few:
- Designing new protocols that use zero-knowledge proofs.
- Making the JavaCard platform ("programmable RFID chips") perform the cryptographic primitives that we will need later on when building prototypes.
For the current state, consult our progress page.
press release (June 19, 2008)
A Netherlands-based university will be developing a next-generation privacy-enabled smart card for public transport on the basis of open-source technology between now and early 2010. The cards will use modern cryptographic techniques that will allow passengers to buy a personalised card --with tailored discounts-- without the need or risk of having all one's travels unravelled. Radboud University in Nijmegen has received a targeted research grant from the Dutch philanthropic foundation NLnet.
Earlier this year a major smartcard system with similar goals in the Netherlands was easily compromised by investigators, and earlier this week they were able to repeat their findings with the Oyster card scheme used in the UK. "With the failure of that first generation of smart cards for public transport in the Netherlands and elsewhere a huge disinvestment is looming," states Michiel Leenaars, strategy director at NLnet foundation. "That cost or even the delay is just not acceptable for societies that depend heavily on this critical infrastructure".
Although this is in principle a commercial area with significant revenue streams, the new initiative is funded by private charity money in an effort to ensure not only that abuse is countered but also that there are technical guarantees for maintaining the privacy of passengers. "By putting the development in an open context and embedding privacy in the design phase --and not as an afterthought-- we hope to lay the foundations for a next-generation smart card for public transport in the Netherlands and beyond that works and really is worth the full confidence of consumers", says Leenaars. The public failure of the previous initiative, which took place in a closed environment, meant that the work needed to be redone in another way --and it proved the point that the privacy side needed more attention as well.
The research at Radboud University Nijmegen will be carried out within the Digital Security Group, headed by Prof. dr. Bart Jacobs and Dr. Wouter Teepe. This academic group has made regular headlines across the world in recent years when they revealed weaknesses in smart cards that are at present widely used, allowing free travel and denial of service attacks. In their research and experimental work the researchers aim to see whether the proposed privacy techniques are actually suitable for an efficient, robust and secure implementation of smart cards --usable also in other classes of systems such as mobile phones or pocket computers.
All developed software for the public transport smartcard v2.0 will be "open source" and by principle will be accessible to everyone. This will allow individuals, for example, to verify whether travel and personal information are indeed adequately protected. Open source software is increasingly becoming a development method of choice, not only in government and the academic world but also elsewhere, having many advantages over proprietary software (whose operation is secret).