Re: RSA SecureID on Solaris

From: Doug Hughes (doug@Eng.Auburn.EDU)
Date: 04/10/02 

Date: Tue, 9 Apr 2002 21:07:55 -0500 (CDT)
From: Doug Hughes <doug@Eng.Auburn.EDU>
To: adam morley <adam@gmi.com>

On Mon, 8 Apr 2002, adam morley wrote:

> On Mon, Apr 08, 2002 at 02:20:18PM +0200, Norman Girard wrote:
> > Hi Adam,
> >
> > On Sat, 2002-04-06 at 20:46, adam morley wrote:
> [snip]
> > > Has anyone looked into how "secure" they are? Can one guess the number on the display, perhaps based on the serial on the back?
> > There's no relation between the seed and the serial number.
> > The synchronisation between the RSA ACE Server and the token is made by
> > an algoritm which takes two parameters in : a seed (64 bits) and the
> > current time (UCT).
> > Your tokens are provided with a floppy disk which contains an encrypted
> > flat file (.asc) you need to import to your ACE Server. The file
> > contains, for each token, the serial number (you can find on the back of
> > the token), the seed and few others parameters about the token (6 or 8
> > digits / 30 s, 1 min or 2 min / etc.).
> > The algorithm has been broken in December 2000 but you need to have the
> > seed in order to generate tokencodes. You can find more information
> > about this algorithm in :
> > http://www.atstake.com/research/reports/initial_securid_analysis.pdf.
>
> so im currently reading this, and it occurs to me: if you know one token
> value, and the time of day you capture that token value, you can brute
> force to find the secret, if you know the algorithm (i take it its
> "known"?). then you can, effectively, clone the device, correct? I was
> hoping @stake would've released the follow up paper they talk about in the
> last paragraph, but it doesn't look like it (from their site) >

I think that's a bit of a logical leap. Yes, there are weaknesses, but as
far as I've read, brute forcing is still pretty hard.

> of course, this is all on the basis that a only ONE 64-bit secret will
> produce a given tokencode at time x. if there are two, i have to throw my
> hands up in the air and wave 'em like i just don't care. > > thoughts? >

It's still better than reusable passwords. Combine it with ssh and
it's pretty good.

Relevant Pages

  • Re: Pin generation algorithm question
    ... As I understand it, you don't need an algorithm, you need randomness. ... You'll have to keep a record of all the tokens in issue. ... you will only get a few random false acceptances to upset your customers. ... have to be kept secret. ...
    (sci.crypt)
  • Is This Expression Parsing Feasible?
    ... algorithm in mind that I would like critiqued by the community. ... The parser would scan through the entire list of tokens (left ... until there are no tokens not a part of the expression tree. ... type of parsing called? ...
    (comp.compilers)
  • Re: RSA SecureID on Solaris
    ... > Your tokens are provided with a floppy disk which contains an encrypted ... > flat file you need to import to your ACE Server. ... > The algorithm has been broken in December 2000 but you need to have the ... > seed in order to generate tokencodes. ...
    (Focus-SUN)
  • Re: RSA SecurID authentication details
    ... RSA Security publish only marketing whitepaper and I need technical ... >details - algorithms, mathematical background, etc. ... I believe the SecurID algorithm is proprietary, ...
    (comp.security.misc)