While we wait for more information from RSA about the recent attack on its SecurID tokens, I’d like to revisit a potential attack vector that I discussed in my first blog entry on the topic (March 18). Both the OTP device’s seed and its serial number exist at manufacturing time. What if the OTP device’s symmetric key (also known as the seed) can be derived from the OTP device’s serial number? Can something private be derived from something public?
Every SecurID OTP device has a serial number. The serial number is plainly visible on the back of the OTP device, the shipping packaging, in electronic form in many places, and (potentially) on shipping documentation. OTP devices that are shipped to customers are sequentially numbered.
It is easy to imagine how one OTP serial number could be disclosed: direct observation, social engineering, insider knowledge, and so on. The attacker would also need to know the username associated with the OTP serial number as well as the user’s PIN. I discuss the ways this information can be captured in my last blog entry on the topic (March 21). If the attacker can acquire even one customer OTP serial number, many other customer serial numbers follow, because the devices are sequentially numbered.
If the attack on the SecurID OTP system enables calculation of the seed from the serial number, it presents a risk to every customer deployment. I am keen to hear more actionable information from RSA about the recent attack. Our clients are asking us for guidance. Without knowing exactly what transpired, we have to be mindful of the worst outcome and advise accordingly.
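To make the question concrete, here is an added toy model (my own illustration, not code from RSA and not the SecurID algorithm; it uses an RFC 4226 style HMAC-SHA1 code generator as a stand-in). It contrasts two hypothetical provisioning choices: seeds derived from the public serial under one manufacturer master secret, versus an independent random seed per device. The master secret and the sequential serial numbers are constructed sample values.

```python
"""Toy model of the post's question: can a token's private seed be reached from its
public serial?  Uses an RFC 4226 style HMAC-SHA1 code generator as a stand-in; this is
NOT RSA's SecurID algorithm and both provisioning schemes are hypothetical."""
import hashlib
import hmac
import secrets
import struct

def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """Truncated HMAC-SHA1 code (RFC 4226) for one counter value."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def seed_from_serial(serial: str, master_secret: bytes) -> bytes:
    """Model A (hypothetical): seed = KDF(manufacturer master secret, public serial)."""
    return hmac.new(master_secret, serial.encode(), hashlib.sha256).digest()

def provision(serials, master_secret=None):
    """Return {serial: seed}.  Model A derives every seed from its serial under one
    master secret; model B (master_secret=None) draws an independent random seed."""
    if master_secret is None:
        return {s: secrets.token_bytes(32) for s in serials}
    return {s: seed_from_serial(s, master_secret) for s in serials}

def reproducible_from_serial(serial, counter, true_code, known_master=None):
    """Defender's exposure check: given only the public serial, plus a master secret
    if one is assumed compromised, can the token's current code be regenerated?"""
    if known_master is None:
        return False          # no public handle leads to an independent random seed
    return hotp(seed_from_serial(serial, known_master), counter) == true_code

def fleet_exposure(fleet, counter, known_master):
    """Fraction of a fleet whose current code the check above can reproduce."""
    hits = sum(reproducible_from_serial(s, counter, hotp(seed, counter), known_master)
               for s, seed in fleet.items())
    return hits / len(fleet)

if __name__ == "__main__":
    MASTER = b"constructed-example-master-secret"          # constructed, not real
    serials = [f"{100000 + i:012d}" for i in range(5)]    # sequential, as the post notes
    derived = provision(serials, MASTER)
    independent = provision(serials)
    print("derived seeds, master secret compromised:", fleet_exposure(derived, 1, MASTER))
    print("derived seeds, master secret intact:     ", fleet_exposure(derived, 1, None))
    print("independent seeds, master secret leaked: ", fleet_exposure(independent, 1, MASTER))
```

The point the model makes is about concentration of risk: with derived seeds, one secret plus a list of public serials exposes the whole fleet, whereas independent seeds give an attacker nothing to derive from.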