[15735] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: EZ Pass and the fast lane ....

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Sat Jul 10 18:46:21 2004

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: EKR <ekr@rtfm.com>
Cc: John Gilmore <gnu@toad.com>, cryptography@metzdowd.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 10 Jul 2004 18:33:01 -0400
In-Reply-To: <kjiscvr6gf.fsf@romeo.rtfm.com> (Eric Rescorla's message of
 "Sat, 10 Jul 2004 12:46:24 -0700")


Eric Rescorla <ekr@rtfm.com> writes:
>> All the toll lanes that accept EZ Pass that I've seen are equipped
>> with cameras. These cameras are used to identify toll evaders
>> already. You point out that doing this would require manual work, but
>> in fact several systems (including the one used for handling traffic
>> fees in central London) have already demonstrated that automated
>> license plate reading systems are feasible. Even without automated
>> plate reading, storing photographs is also now astoundingly cheap
>> given how cheap storage has gotten, so if anyone ever complained about
>> incorrect charges on their bill, finding the plates of the cars that
>> went through during the disputed toll collections would be trivial.
>
> Precisely. Moreover, you can presumably use fairly unsophisticated
> data mining/fraud detection techniques to detect when a unit has
> been cloned and then go back to the photographs to find and punish
> the offenders.

By the way, this is yet another instance in which it is important to
consider threat models and economics when thinking about security
systems. The people willing to fake both their license plates and
their EZ Pass device are few, so the losses from them will be
small. (If you fake your license plates, in many instances you don't
even need to fake the EZ Pass device as nothing prevents you from
simply driving through.)

On the other hand, the cost of a system capable of doing a
challenge-response turnaround -- and we're talking both that of
building new tags plus the cost of designing and deploying units
capable of conducting two full round trip communications with cars
going through at 25 miles an hour -- is pretty high. You also will
always need the camera systems because you need to catch people simply
driving through, and because you will always get toll disputes that
need resolution. That means you can't even save the cost of the plate
cameras even with a challenge/response system.

Economically speaking, then, it doesn't seem like the threat (a small
amount of toll evasion by people willing to fake their license plates
and to clone EZ Pass equipment) doesn't cost as much as the putative
cure, and can't even cure the problem (since fare evaders with fake
plates will simply drive through toll lanes without physical barriers,
such as all the high speed toll lanes).

If I were advising the automated toll system people, I'd say it was
not worth it.

On the other hand, more complicated tags *might* be worth it for
another purpose -- preserving the privacy of drivers by using more
complicated protocols. However, as the benefit of such systems is to
people who are unlikely to have much voice in the construction of the
system, and who are also unlikely to be willing to pay more money to
gain privacy, I think the implementation of such tags is unlikely.

-- 
Perry E. Metzger		perry@piermont.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post