Bugtraq mailing list archives

Re: otp - the next generation


From: Dag-Erling Smorgrav <des () THINKSEC COM>
Date: Fri, 23 Mar 2001 15:11:08 +0100

Gregory Steuck <greg () NEST CX> writes:
> This is the part the whole authentication mechanism depends on. You made
> at least 2 assumptions here:

I'm tempted to quote Samuel Jackson here - "as everyone knows, when
you make an assumption, you make an ass out of you and mption" :)

> 1) GSM phone network is secure between the endpoints (phones) and can
>    not be sniffed.

This is a serious problem.  GSM does not offer end-to-end encryption.
See further down.

> 2) SMS source address can not be forged.

They can - it's trivial if you have the right phone (or rather, the
right firmware).  This is less serious though, since the one-time
password is sent to the registered phone number, so even if a third
party forges your MSN he will not receive the OTP.  It does allow for
some interesting DoS or harassment attacks though.

This is a situation which GSM operators could easily remedy if they
wanted to - just like ISPs could easily kill certain types of DoS
attacks at the source with egress routing - there just doesn't seem to
be any incentive to do so.

(It's even possible to forge so-called network-originated messages,
which can be used to reprogram the recipient's SIM card etc.)

> I am pretty sure that both assumptions are wrong. Phone company (or
> companies, I don't know how the messages are routed) will most certainly
> be able to sniff your messages and forge the source address.

The situation is even worse if the sender and receiver are on
different GSM networks - GSM operators typically exchange SMS messages
over unencrypted TCP/IP connections.

DES
-- 
Dag-Erling Smørgrav - des () thinksec com
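The point made in this reply about forged SMS source addresses, as an added illustration that is not part of the original thread and not code from either poster: a toy model of an OTP-over-SMS service in which the source address of an incoming request is attacker-controllable, but the OTP is always delivered to the number registered for the account. It shows why a forged source address does not yield the OTP, why it still allows flooding the registered phone, and how a per-number send cap (an assumed mitigation, not one the thread describes) bounds that. The account, phone numbers, class names and the `max_per_window` parameter are all constructed for the example.

```python
import secrets
from collections import defaultdict

# Constructed sample account -> registered phone number (not from the original post).
REGISTERED = {"alice": "+4799999001"}
SERVICE_NUMBER = "+4700000000"  # constructed sender address used by the OTP service


class SmsNetwork:
    """Toy SMS network that records every delivery by destination number.

    It models the thread's observation that the *source* address of an SMS is
    whatever the sender claims, while delivery still goes to the stated
    destination.
    """

    def __init__(self):
        self.inbox = defaultdict(list)  # destination number -> [(src, text), ...]

    def send(self, src, dst, text):
        self.inbox[dst].append((src, text))


class OtpService:
    """OTP service. The (unverified) SMS source address of a request is ignored;
    the OTP always goes to the number registered for the account.

    max_per_window caps outgoing OTPs per registered number (assumed mitigation).
    """

    def __init__(self, network, max_per_window=None):
        self.net = network
        self.max_per_window = max_per_window
        self.sent_count = defaultdict(int)  # registered number -> OTPs sent
        self.pending = {}                   # account -> current OTP

    def request_otp(self, account, sms_source):
        # sms_source is deliberately unused: it is forgeable and carries no trust.
        dst = REGISTERED[account]
        if self.max_per_window is not None and self.sent_count[dst] >= self.max_per_window:
            return False  # throttled: nothing is sent to the registered phone
        otp = f"{secrets.randbelow(10**6):06d}"
        self.pending[account] = otp
        self.sent_count[dst] += 1
        self.net.send(SERVICE_NUMBER, dst, f"Your one-time password is {otp}")
        return True

    def verify(self, account, otp):
        return self.pending.get(account) == otp


def forged_request_does_not_leak_otp():
    """A request whose source address is forged to look like Alice's phone still
    delivers the OTP to Alice's registered number, and nothing to the forger."""
    net = SmsNetwork()
    svc = OtpService(net)
    svc.request_otp("alice", sms_source=REGISTERED["alice"])  # forged source
    attacker_number = "+4766666666"  # constructed: the party that forged the request
    return len(net.inbox[attacker_number]) == 0 and len(net.inbox[REGISTERED["alice"]]) == 1


def legitimate_login_works():
    """The holder of the registered phone reads the OTP from the inbox and verifies."""
    net = SmsNetwork()
    svc = OtpService(net)
    svc.request_otp("alice", sms_source=REGISTERED["alice"])
    _, text = net.inbox[REGISTERED["alice"]][0]
    return svc.verify("alice", text.rsplit(" ", 1)[1])


def flood_size(requests, max_per_window=None):
    """Number of OTP messages the registered phone receives after `requests`
    forged requests; with a cap, the harassment/DoS volume is bounded."""
    net = SmsNetwork()
    svc = OtpService(net, max_per_window)
    for _ in range(requests):
        svc.request_otp("alice", sms_source=REGISTERED["alice"])
    return len(net.inbox[REGISTERED["alice"]])


if __name__ == "__main__":
    print("forged request leaks OTP:", not forged_request_does_not_leak_otp())
    print("legitimate login works:", legitimate_login_works())
    print("messages to victim, no cap:", flood_size(50))
    print("messages to victim, cap 3:", flood_size(50, max_per_window=3))
```

The model deliberately says nothing about the GSM air interface or inter-operator links; as the reply notes, an observer who can read the SMS in transit sees the OTP regardless of how the service handles source addresses, and no cap on sends addresses that.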
