gabriel rosenkoetter on 17 Sep 2004 18:37:04 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] OT: RSA SecurID

On Thu, Sep 16, 2004 at 09:06:57PM -0400, Paul wrote:
> The question is, would any hackers be interested in such a device?

Probably not.

No matter how you're defining "hacker". There's nothing secret about
the algorithm that the key fob uses to produce numbers, so reverse
engineering it wouldn't get you anything that isn't published
publicly. What is secret is the initialization vector with which a
given device began its life. That's no longer useful from the device
you've got (because it's no longer generating values, which means no
values generated based on its IV will be accepted by the
authentication server), and, even if it were, the key fob is tamper-
proof, designed to destroy exactly this piece of secret information
if anybody tries to open it.

> (I wonder if it would sell on ebay.)


Belly-button lint will sell on eBay.

gabriel rosenkoetter

Attachment: pgpKoDK9P797d.pgp
Description: PGP signature