RSA SecurID SID800 Token vulnerable by design

Lance James lancej at securescience.net
Fri Sep 8 13:26:45 EDT 2006


Hadmut Danisch wrote:
> Hi,
> 
> I recently tested an RSA SecurID SID800 Token
> http://www.rsasecurity.com/products/securid/datasheets/SID800_DS_0205.pdf
> 
> 
> The token is bundled with some windows software designed to make
> user's life easier. Interestingly, this software provides a function
> which directly copies the current token code into the cut-and-paste
> buffer, when the token is plugged into USB. This is weak by design.
> 
> The security of these tokens is based on what RSA calls "two-factor
> user authentication": It takes both a secret (PIN) and the
> time-dependent Token-Code to authenticate. The security of the
> Token-Code depends on the assumption that the token is resistant
> against malware or intruders on the computer used for communication
> (web browser, VPN client,...).

Hi Hadmut,

Another problem from what I see with malware that steals data is
formgrabbing and "on event" logging of data. Malware can detect if
SecurID is being used based on targeted events. Example: say HSBC
(hypothetical example, not targeting HSBC) has two-factor logins in
place. The problem with this is that it is vulnerable to session riding
and trojan-in-the-middle attacks anyway, because the minute the user
logs in, the malware could launder money out (unless transaction auth is
in place, which in most cases it's not), or they could pharm the user
with a fake website that resolves as HSBC, but they go in within the time
frame of that token being valid and have access. Either way, however you
cut it, SecurID/two-factor user auth is not protected against malware,
period.

> 
> However, if the Token Code can be read over the USB bus, this
> assumption does not hold. A single attack on the PC where the token is
> plugged in would compromise both the PIN (e.g. with a keylogger) and
> the token itself (e.g. writing a daemon which continuously polls the
> token and forwards the token in real time to a remote attacker).
> 
> Ironically this could make an attack even easier: If some malware
> simultaneously monitors the token and the keyboard, it is much easier
> to detect that the keystrokes are actually related to some login
> procedure:
> 
> Whenever the 6-digit token code appears in the keyboard or
> cut-and-paste input stream, you can be pretty sure that in a sliding
> window of about the last 100-200 keystrokes both the PIN and the
> address of the server to log in to is contained. Makes it really easy to
> automatically detect secrets in the input stream.
> 
> Thus, two different authentication methods are together weaker than
> each single one.
> 
> regards
> Hadmut
> 


-- 
Best Regards,
Lance James
Secure Science Corp.
http://www.securescience.net

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
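Added example, not part of either message above: a toy model of the correlation attack Hadmut describes, where malware that can both read the token over USB and log keystrokes waits for a polled token code to appear in the input stream and then mines the preceding window of keystrokes for the PIN and the server. The keystroke log, the poll feed and the hostname/PIN patterns are all constructed assumptions for illustration; nothing here talks to a real token.

```python
import re
from collections import deque

WINDOW = 150     # keystrokes to retain; Hadmut estimates 100-200 suffices
TOKEN_LEN = 6    # the SID800 shows a 6-digit token code
HOST_RE = re.compile(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+")  # crude hostname matcher (assumption)
PIN_RE = re.compile(r"(\d{4,8})$")                    # digits typed right before the code

# Constructed keystroke log: printable characters as typed, "\n" for Enter.
# The user enters a VPN server, a username, then PIN and token code as one passcode.
KEYSTROKES = "vpn.example.net\njdoe\n4711538201\n"

# Constructed feed from a hypothetical USB polling daemon: (seconds, code displayed).
TOKEN_POLL = [(0, "119764"), (60, "538201"), (120, "902314")]


def correlate(keystrokes, token_poll, window=WINDOW):
    """
    Walk the keystroke stream; whenever the last TOKEN_LEN keys equal a code
    the polling daemon has read from the token, search the preceding window
    for the PIN (digits typed immediately before the code) and the server
    (last hostname-looking string). Returns one finding per hit.
    """
    seen_at = {code: t for t, code in token_poll}
    buf = deque(maxlen=window)
    hits = []
    for ch in keystrokes:
        buf.append(ch)
        if len(buf) < TOKEN_LEN:
            continue
        text = "".join(buf)
        tail = text[-TOKEN_LEN:]
        if tail not in seen_at:
            continue
        before = text[:-TOKEN_LEN]
        pin_m = PIN_RE.search(before)
        hosts = HOST_RE.findall(before)
        hits.append({
            "token": tail,
            "token_read_at": seen_at[tail],   # tells the attacker how long the code stays valid
            "pin": pin_m.group(1) if pin_m else None,
            "server": hosts[-1] if hosts else None,
        })
    return hits


if __name__ == "__main__":
    for hit in correlate(KEYSTROKES, TOKEN_POLL):
        print(hit)
```

The token feed is what turns a generic keylogger into a targeted one: without it the malware has to guess which 6-digit run is the passcode, with it the match is exact and the surrounding window is small. Shrinking the window (for example to a dozen keystrokes) still recovers the PIN but loses the server name, which is why Hadmut's 100-200 keystroke estimate matters.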