SecurID and garage door openers
Travis H.
solinym at gmail.com
Tue Oct 18 04:25:40 EDT 2005
Speaking of two-factor authentication, can anyone explain how servers
validate the code from a SecurID token in the presence of clockskew?
Does it look backwards and forwards in time a few minutes?
Similarly, how do those garage door openers with "rolling codes" work,
given that the user may have pressed the button many times
accidentally while out of range of the receiver?
Is there any interest in reviewing the security of consumer-level
devices? I ran across this when trying to pick a fairly secure
cordless telephone; there's precious little information on the
algorithms and keys used in the sales brochures. I've heard horror
stories such as a DSSS phone that actually uses a normal analog
transmission in one of the directions. Same issue with garage door
openers, alarm systems with remote controls, etc.
PS: How many cypherpunks does it take to open a garage door?
http://www.cap-lore.com/Garage/
--
http://www.lightconsulting.com/~travis/ -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list