From peiterz@secnet.com Wed Sep 4 10:24:11 1996 Received: from silence.secnet.com (silence.secnet.com [204.191.222.34]) by suburbia.net (8.7.4/Proff-950810) with ESMTP id KAA15988 for ; Wed, 4 Sep 1996 10:23:38 +1000 Received: (from peiterz@localhost) by silence.secnet.com (8.8.Beta.1/secnet) id LAA01403 for best-of-security@suburbia.net; Wed, 4 Sep 1996 11:37:56 -0600 (MDT) Date: Wed, 4 Sep 1996 11:37:56 -0600 (MDT) From: Peiter Z Message-Id: <199609041737.LAA01403@silence.secnet.com> To: best-of-security@suburbia.net Subject: SecurID White Paper SecurID Vulnerabilities White-Paper Due to increased recent interest that has been witnessed on the net about the SecurID token cards and potential vulnerabilities with their use, we offer a white paper on some of the vulnerabilities that we believe have been witnessed and/or speculated upon. This paper is being put forth into the public domain by Secure Networks Incorporated and is available at the following URL : ftp://ftp.secnet.com/pub/papers/securid.ps Topics dealt with in the paper include: . Race attacks based upon fixed length responses (still valid even with the current patch) . Denial of Service attacks based upon server patches . Server - Slave separation and replay attacks . Vulnerabilities in the communications with the ACE Server . A quick analysis of the communications with the ACE Server . Problems with out-of-band authentication We hope this paper provides insight, enlightenment, and is helpful to the security community in general. thanks and enjoy, Secure Networks Inc.