Home page logo

fulldisclosure logo Full Disclosure mailing list archives

TOTP and clock advancement
From: Erik Kamerling <ekamerling () autistici org>
Date: Sun, 23 Jun 2013 03:08:59 -0400

So this is very fundamental and stupid but I want to point it out. I have interacted with a vendor on it and they 
disregard this as a threat.  It seems that this is a dumb clock trick worth mentioning but I suspect it's already known 
and accepted as risk in circles outside of my sphere, so I anticipate being educated.

Take a TOTP based phone app, or a computer based app, and advance the clock on the device and you can predict TOTP 
nonces. Stupid right? I just changed a phone's clock to 2:15 AM from 2:10 AM and pre-collected the following:

2:10 reset phone to 2:15 [google authenticator]

Reset phone back to sync then when 2:15 rolls around then the following values occur…. 

Same goes for Verisign's VIP which is TOTP/OATH based. The concept holds per phone, or laptop, or machine/server.

Naturally I assume you could solve for TOTP with an equation if you just obtain the value once and knew the time delta 
on device or machine. 

Let alone getting ahold of someone's phone or laptop and simply advancing the clock, then recording TOTP numbers for 
future use. 

Why is this not a design problem?

Erik Kamerling
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]