SecurID and garage door openers

Adam Shostack adam at
Tue Oct 18 12:23:18 EDT 2005

On Tue, Oct 18, 2005 at 03:25:40AM -0500, Travis H. wrote:
| Speaking of two-factor authentication, can anyone explain how servers
| validate the code from a SecurID token in the presence of clockskew? 
| Does it look backwards and forwards in time a few minutes?

Yes, it rolls forward and back 3-5 cycles.  The server maintains a
list of what time it thinks the token thinks it is.  So its not
testing what time it is, its testing what time the token thinks it is.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list