Re: RSA SecureID on Solaris

From: adam morley (adam@gmi.com)
Date: 04/08/02 

Date: Mon, 8 Apr 2002 11:24:22 -0700
From: adam morley <adam@gmi.com>
To: focus-sun@securityfocus.com

On Mon, Apr 08, 2002 at 02:20:18PM +0200, Norman Girard wrote:
> Hi Adam,
>
> On Sat, 2002-04-06 at 20:46, adam morley wrote:
[snip]
> > Has anyone looked into how "secure" they are? Can one guess the number on the display, perhaps based on the serial on the back?
> There's no relation between the seed and the serial number.
> The synchronisation between the RSA ACE Server and the token is made by
> an algoritm which takes two parameters in : a seed (64 bits) and the
> current time (UCT).
> Your tokens are provided with a floppy disk which contains an encrypted
> flat file (.asc) you need to import to your ACE Server. The file
> contains, for each token, the serial number (you can find on the back of
> the token), the seed and few others parameters about the token (6 or 8
> digits / 30 s, 1 min or 2 min / etc.).
> The algorithm has been broken in December 2000 but you need to have the
> seed in order to generate tokencodes. You can find more information
> about this algorithm in :
> http://www.atstake.com/research/reports/initial_securid_analysis.pdf.

so im currently reading this, and it occurs to me: if you know one token value, and the time of day you capture that token value, you can brute force to find the secret, if you know the algorithm (i take it its "known"?). then you can, effectively, clone the device, correct? I was hoping @stake would've released the follow up paper they talk about in the last paragraph, but it doesn't look like it (from their site)

of course, this is all on the basis that a only ONE 64-bit secret will produce a given tokencode at time x. if there are two, i have to throw my hands up in the air and wave 'em like i just don't care.

thoughts?

Relevant Pages

  • Re: RSA SecureID on Solaris
    ... And on your ACE server, a computer hooked up to a network. ... Also consider the "soft tokens." ... RSA doesn't release ... > securid + pin just to make it more secure. ...
    (Focus-SUN)
  • Re: Password alternatives
    ... their algorithm remaining secret, which in terms of cryptography is bad ... I'm not an expert on tokens. ... Unlike passwords, biometrics do have the problem of False Accept Rate ... passphrases as a string of characters, ...
    (Security-Basics)
  • Re: compression type
    ... occurance of what repeats, for there to be a token, for how tokens ... see its construction algorithm. ... It's very limited to think that's the only way to compress, ... made different, to the other shape, where the math to say one shape ...
    (comp.compression)
  • Re: compression type
    ... occurance of what repeats, for there to be a token, for how tokens ... for how a repeat occurance of a length of data can be said ... see its construction algorithm. ... can compress them even though there are no patterns, ...
    (comp.compression)
  • Re: Error reporting, was Infinite look ahead required by C++?
    ... the tool isn't the same as the algorithm the tool uses. ... valid next tokens, used to choose between shifting and reducing. ... inherent part of LALR, but rather an optimisation specific to Bison? ... be reducing when in this context we should have applied an error. ...
    (comp.compilers)