TOTP and clock advancement

[Erik Kamerling <ekamerling () autistici org>]

So this is very fundamental and stupid but I want to point it out. I have interacted with a vendor on it and they 
disregard this as a threat.  It seems that this is a dumb clock trick worth mentioning but I suspect it's already known 
and accepted as risk in circles outside of my sphere, so I anticipate being educated.

Take a TOTP based phone app, or a computer based app, and advance the clock on the device and you can predict TOTP 
nonces. Stupid right? I just changed a phone's clock to 2:15 AM from 2:10 AM and pre-collected the following:

2:10 reset phone to 2:15 [google authenticator]
992983
066834
726537
742749
495197

Reset phone back to sync then when 2:15 rolls around then the following values occur…. 
992983
066834
726537
742749
495197

Same goes for Verisign's VIP which is TOTP/OATH based. The concept holds per phone, or laptop, or machine/server.

Naturally I assume you could solve for TOTP with an equation if you just obtain the value once and knew the time delta 
on device or machine. 

Let alone getting ahold of someone's phone or laptop and simply advancing the clock, then recording TOTP numbers for 
future use. 

Why is this not a design problem?

Erik Kamerling
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/