On Thu, Aug 28, 2008 at 11:51:33PM -0700, James G. Sack (jim) wrote:
And then there's the disturbing bottom-line that the factor is [human-entry] limited to a short string of characters, so one has to wonder about the overall strength of the system anyway!
I'll answer it here instead of the other message it was brought up in. The short subset of the factor is actually not a significant weakness. The general configuration is that each number is only valid once, and a very small number of incorrect tries (typically three) locks the given fob out. If you're hash based, the number will usually be derived from the hash. RSA's key is a 6-digit decimal number which is just about 20 bits of material. A guesser gets three attempts, which gives an attacker a 3:1,000,000 chance of just guessing the password without locking the fob out.

The other attack is if someone borrows the fob and wants to learn the secret. In this case, displaying less information is actually increasing security, since the attacker has less information to go on.

Also remember that the fob is always supposed to be a second factor. Having the fob isn't sufficient to connect without also knowing a password. It gives the advantage that the password doesn't need to be nearly as strong to achieve a given level of security.

David
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
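Added example, not part of David's message or the list archive: a hash-based derivation of a 6-digit code in the style of HOTP (RFC 4226 dynamic truncation), plus the server-side rules the message describes (each code accepted once, lockout after three failed tries) and the guessing odds computed from the digit count. The secret value and the 3-try threshold are constructed for the example.

```python
import hmac
import hashlib
import struct

DIGITS = 6           # 6-digit decimal code, as in the message
MAX_FAILURES = 3     # assumed lockout threshold ("typically three")


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """Derive a decimal code from HMAC-SHA1(secret, counter) as RFC 4226 does."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class FobVerifier:
    """Server side: each counter value is valid once; repeated failures lock the fob."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.counter = 0        # next counter value that has not been consumed
        self.failures = 0
        self.locked = False

    def verify(self, candidate: str) -> bool:
        if self.locked:
            return False
        if hmac.compare_digest(candidate, hotp(self.secret, self.counter)):
            self.counter += 1   # consume the code so a replay is rejected
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.locked = True  # lockout: further guesses are refused
        return False


def guess_probability(digits: int = DIGITS, tries: int = MAX_FAILURES) -> float:
    """Chance of hitting the one valid code within the allowed tries (3 in 1,000,000)."""
    return tries / 10 ** digits
```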
