Frequently asked questions about NFC and myki cards
Back in 2010, when I was first experimenting with NFC, I uploaded a file with information from a myki card to my website. According to the logs, it is one of (if not, the) most viewed pages on my site every month(!). More recently, after UltraReset appeared and some were asking if myki was vulnerable to it, I pulled out my NFC reader one lunchtime and found the answer (hint: nope!).
(The above article was mentioned on ZDnet, together with a response from the contractor of the myki system (KAMCO). I actually didn't notice it until someone reposted the link a few months later!)
These days one can find a similar information about any NFC card with an NFC smartphone and a suitable app - such as TagInfo by NXP. (Who are usually tight lipped about providing any useful technical information about their NFC products without an NDA)
The myki card
myki cards are powered by MIFARE DESFire series ICs - that contain an embedded 8051-type microcontroller, an embedded 3DES encryption engine and an operating system that allows one to maintain a filesystem on the card as well as handling authentication.
Read full post for more
Dumps of myki short term ticket cards
In light of a recent demonstration of a 'replay' attack on MiFare Ultralight Cards, here is some further analysis.
Some years back I had posted on the (now-defunct) myki.org forum that myki used DESFire and the STT's Ultralight C (with 3DES encryption). The STT's are actually the plain Ultralight variety. (In fact, Ultralight C was only launched shortly before myki went live)
Also, at that time, libnfc did not contain the code to differentiate between a normal Ultralight card, and the 'C' variant
(Read below the fold)