|
Full Disclosure
mailing list archives
Re: RSA SecurID SID800 Token vulnerable by design
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Sat, 9 Sep 2006 13:41:55 +0400
Dear Hadmut Danisch,
2-factor authentication is not a way to protect against malware.
SecurID authentication supports single sign-on technology. As a weak
side of this technology, it means, if single account on any network
host is compromised, this account is compromised in whole network,
because any resource can be accessed from compromised host. An ability
to read current key from device is required to support single sign-on.
The only additional attack factor this issue creates is attacker can
get _physical_ access to console with user's credentials _any time_
while user is logged in, while in case token can not be red (e.g. it's
not plugged to USB) he can only access console short after user logs in
to compromised host (while token is not changed).
--Thursday, September 7, 2006, 10:49:52 PM, you wrote to full-disclosure () lists grok org uk:
HD> However, if the Token Code can be read over the USB bus, this
HD> assumption does not hold. A single attack on the PC where the token is
HD> plugged in would compromise both the PIN (e.g. with a keylogger) and
HD> the token itself (e.g. writing a daemon which continuously polls the
HD> token and forwards the token in real time to a remote attacker.
--
~/ZARAZA
http://www.security.nnov.ru/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
|
Intro
