Scientists crack RSA SecurID 800 tokens, steal cryptographic keys

ronjor · Jun 25, 2012

by Dan Goodin - Jun 25, 2012 3:20 pm UTC

Scientists have devised an attack that takes only minutes to steal the sensitive cryptographic keys stored on a raft of hardened security devices that corporations and government organizations use to access networks, encrypt hard drives, and digitally sign e-mails.

The exploit, described in a paper to be presented at the CRYPTO 2012 conference in August, requires just 13 minutes to extract a secret key from RSA's SecurID 800, which company marketers hold out as a secure way for employees to store credentials needed to access confidential virtual private networks, corporate domains, and other sensitive environments. The attack also works against other widely used devices, including the electronic identification cards the government of Estonia requires all citizens 15 years or older to carry, as well as tokens made by a variety of other companies.
Click to expand...

http://arstechnica.com/security/2012/06/securid-crypto-attack-steals-keys/

ronjor · Jun 27, 2012

Don’t Believe Everything You Read…Your RSA SecurID Token is Not Cracked

For years, the security community has benefited from a virtuous circle consisting of vendors, researchers and media. Researchers perform a valuable task in working to identify weaknesses in products and technologies that could lead, in theory or in practice, to potentially preventable exploits and attacks. Vendors take that research and use it to make more secure products. Finally, the media reports publicly on the process to help ensure practitioners and product users can accurately assess risks related to these potential vulnerabilities and to help ensure that all concerned take action as appropriate.
Click to expand...

http://blogs.rsa.com/curry/dont-believe-everything-you-read-your-rsa-securid-token-is-not-cracked/

chronomatic · Jun 27, 2012

The problem with the general tech media is they don't understand cryptography (at all) and thus exaggerate claims of cracking algorithms and protocols. As the RSA blog explained, this attack only works if the attacker has control of your smartcard and the pin. As they pointed out, if they have that it's game over anyway. It's nothing but a theoretical exercise to explore weaknesses with PCKS v 1.5.

It's the same story with the recent news of Fujistu "cracking' pairing based crypto schemes. As was pointed out by Professor Dan Boneh at Stanford (one of the foremost experts in pairing based cryptography), the Fujitsu crack exploits a vulnerability that researchers have known about since 1994. His quote:

"Variants of the algorithm used in the recent announcement have been known since 1994, and have been considered by researchers in the pairing based cryptography community. The result shows an efficient implementation of the algorithm, but does not change the overall security analysis of pairing based cryptography."
Click to expand...

Moreover, the Fujitsu result only works in a certain finite field group GF(3^582), which most schemes do not use anyway.

This is why I always wait to read the analysis of experts before I start panicking about new cryptanalysis results (Schneier is usually a good source, but he didn't even cover either of these stories on his blog, which goes to show the relative unimportance of them).

Log in or Sign up

Scientists crack RSA SecurID 800 tokens, steal cryptographic keys

ronjor Global Moderator

ronjor Global Moderator

chronomatic Registered Member

Log in or Sign up

Scientists crack RSA SecurID 800 tokens, steal cryptographic keys

ronjor Global Moderator

ronjor Global Moderator

chronomatic Registered Member

Useful Searches