RE: Cryptanalysis of SecurID (ACE/Server)


Michael Bauer (mick@tiny.net)
Fri, 2 Oct 1998 10:30:07 -0500 (CDT)


Thanks to everyone who's responded so far, especially Adam, Vinnie, and
Vin. My impression is that over the years various weaknesses in
this system have been discovered, but that many or most of these have been
fixed, leaving TCP hijacking or telephone-call hijacking as its most
feasible vulnerability.

While that vulnerability is nothing to sneeze at, I personally think that
for the time being it's an acceptable risk given that my client will use
this system strictly as a replacement for the single-factor
authentication currently used by their dial-up access servers. They're far
more worried about random war-dialer attacks from the void
than they are about someone systematically trying to impersonate one of
their people, intercept email, etc. (Although I think they should _start_
worrying about these things fairly soon.)

In the long term, they expect to be able to leverage this system in other
applications as well, including VPN (i.e., encrypted TCP/IP sessions) and
maybe even LAN authentication. Yes, it's expensive, but SecurID's high
level of interoperability is worth it to this client.

And despite Mr. Metzger's assertions, I see a lot of merit in two-factor
authentication. Yes, the token can be stolen. Yes, my users can be
idiots and put their PINs on sticky notes attached to the tokens (although
since most people use their ATM PINs I doubt this happens too much).
Nothing, however, changes the fact that in order to authenticate to
service X (access server, VPN device, whatever) one will require two
things: a physical device and a memorized (ideally) secret. And as Mr.
Schneier observes, if that physical device is conveniently small/portable
and not tied to any specific machine, all the better for the user.

I agree with Mr. Metzger that it doesn't make much sense to use
strong authentication if it's trivially easy to hijack the subsequent
(unencrypted) session. But if you've already bought a 2FA system for
something else (like dial-in connections, which I'm just not convinced are
routinely hijacked), when the time comes to implement all-out encrypted
networking, you'll already have an authentication mechanism in place.

In the long run, I think PKI and similar technologies will
make expensive tokens irrelevant. (Hey, maybe SDTI will have
their own solution ready by the time my client's first round of tokens
dies!) But right now these (PKI et al) seem hard to implement without
fundamentally changing one's infrastructure (at the net-OS level) or at
least doing a lot of customization of client apps -- in contrast, most 2FA
systems can be "dropped in" to whatever kind of network you already have.

Well, that's my $.02 worth. Thanks again, folks, for your insights!

Cheers, Mick

/===========================\
| Michael D.(Mick) Bauer |
| Sr. Network Engineer |
| EXi Corporation |
| Roseville, MN |
| mbauer<at>exicorp.com |
\===========================/

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:15:19