Firewall Wizards mailing list archives
Re: Username password VS hardware token plus PIN
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Thu, 24 Feb 2005 18:52:58 -0500
David Lang wrote:
IIRC the vunerability of the ols SNK004 format tokens was that if you received enough challange/response pairs (potentially as few as two) you could brute-force the DES encryption key and duplicate the token.
At the time, brute-forcing DES was not considered an option by most people. mjr. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Username password VS hardware token plus PIN Marcus J. Ranum (Mar 01)
- Re: Username password VS hardware token plus PIN David Lang (Mar 01)
- Re: Username password VS hardware token plus PIN Marcus J. Ranum (Mar 01)
- <Possible follow-ups>
- Re: Username password VS hardware token plus PIN Abe Singer (Mar 04)
- Re: Username password VS hardware token plus PIN Anthony de Boer (Mar 04)
- Re: Username password VS hardware token plus PIN David Lang (Mar 01)