Here's an interesting question:

Is it possible to create an open source SecurID-like keyfob? Building
the hardware should be *painfully* cheap. I'm staring at a full 8051
with flash from TI for under $10. It even does USB.

The RSA keyfobs presumably have two things:

1) Unknown time-based algorithm for generating the factor

Security-by-obscurity is always bad, but I'll presume that RSA has a
good algorithm somewhere. I presume that we could find some good
algorithm that's already vetted by the security community.

2) A seed value used to generate the sequence.

Effectively, this is the "shared secret". Presumably, you want
something like public key cryptography. The private key is stored on
your keyfob while the public key is stored on your server.

The question is: what algorithm?

On the keyfob side, we need an algorithm that can take the current time
and some private key and create a factor.

On the computer side, we need an algorithm that can take the public
key, the current time, and the factor and verify that the factor is
correct. I don't know how to do this.

-a
--
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
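
The post asks for a vetted algorithm that turns the current time and a secret into a factor the server can check. As an added example (not part of the original post, and not a description of what RSA's tokens do), here is the time-based one-time password construction from RFC 6238 over HMAC-SHA1. It is a shared-secret scheme, so the server stores the same seed as the fob rather than a public key; the function names, 30-second step, drift window and replay check are assumptions of this example.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds each code is valid for (RFC 6238 default)
DIGITS = 6   # length of the displayed factor

# Constructed sample seed: the ASCII test key from RFC 6238 Appendix B.
SEED = b"12345678901234567890"


def hotp(seed: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226: HMAC-SHA1 over an 8-byte counter, then dynamic truncation."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def fob_code(seed: bytes, now: float) -> str:
    """Keyfob side: current time plus the seed in, factor out."""
    return hotp(seed, int(now) // STEP)


def server_verify(seed: bytes, now: float, factor: str,
                  last_counter: int = -1, drift: int = 1):
    """Server side: recompute the factor for each time step within +/- drift
    of the server clock. Steps at or before last_counter are skipped so a
    code cannot be replayed. Returns the accepted step number or None."""
    current = int(now) // STEP
    for counter in range(current - drift, current + drift + 1):
        if counter <= last_counter:
            continue
        expected = hotp(seed, counter).encode()
        if hmac.compare_digest(expected, factor.encode()):
            return counter
    return None


if __name__ == "__main__":
    code = fob_code(SEED, 59)
    print("fob shows:", code)
    print("accepted at step:", server_verify(SEED, 59, code))
    print("replayed:", server_verify(SEED, 59, code, last_counter=1))
```

The server should persist the returned step number per token and pass it back as `last_counter` on the next attempt.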