RE: SecureID vs Certificates

[Frank Knobbe <FKnobbe () KnobbeITS com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> -----Original Message-----
> From: Michael H. Warfield [mailto:mhw () wittsend com]
> Sent: Monday, February 12, 2001 5:25 PM
>
>       Really?  "Pretty obvious?"  After the algorithm was published
> on BugTraq and confirmed by another poster (who has RSA 
> connections) and
> then analyzed by Mudge and King Pin to be basically a 64 bit 
> key system
> with only 22 bits of time seed and passes the user PIN over the
> wire? That SecureID?  Doesn't seem so obvious to me.

That may be, but there are other tokens out there besides SecureID. I
prefer the Digipass from Vasco.

>       If they sniff the wire for a few token entries passed in clear
> and record your PIN, the token, and the time, I would say they have
> a 64 bit plaintext attack on your token card.  Tough, but not 
> impossible. [...]

hehe, that's actually one of the reasons I prefer Vasco. The pin
never gets transmitted, it's only used to unlock the token (which
means you have to type the pin into the token).

I could go on about the differences between, but I don't want to turn
this into a 'who has the best token' thread. I just want to remind
everyone that SecureID is not the only token on the market. Shop and
compare for yourself.


Regards,
Frank



-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME encrypted email preferred.

iQA/AwUBOorDg5ytSsEygtEFEQJWWQCfRdwiYH9sBgNRXRRBGyUO7r1f/vMAoICP
25+N4SlBjs8zlRibYdik/oJa
=hcZw
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards