
On 07.05.14 22:19, Brent Wallis wrote:
> On Wed, May 7, 2014 at 9:54 PM, Erik Christiansen
> > Such dongles merely generate one-time passwords, changing every few seconds. They are driven by a pseudo-random sequence generator, I figure. It is trivial to build one into a CMOS chip which runs for years on the tiny sealed-in battery, yet does not repeat in 100 human lifetimes.
> >
> > The one weakness, in the event of the account ID and password both being acquired, is that a lucky crim might randomly guess the token value for that instant, since that's only 1 in a million.
>
> I agree in part... but remember... 1 in a million is a simple and solvable challenge for a smart person with an x86 CPU... :-)

Please re-read. If the PRSG "does not repeat in 100 human lifetimes", then that the output token is only 6 digits does not help with sequence length, polynomial, or current position computability, even where it just comes from 20 bits of the much longer internal current value. Furthermore, nothing useful can be computed even if the attacker had the account ID, password, _and_ one 20 bit value from even a 64 bit current sequence value. It's rather hard to decode from a single point. ;-)

Erik

--
We cannot do everything at once, but we can do something at once. - Calvin Coolidge
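
A toy-scale illustration of the point made in the reply above, added here as an example and not code from the thread or from any token vendor: it counts how many internal generator states remain consistent with a single displayed token. The 16-bit register, tap mask 0xB400, 6-bit display and 16 clocks per token are all assumptions chosen so the exhaustive search runs instantly.

```python
# Toy stand-in for the dongle's sequence generator (all parameters assumed):
# a 16-bit maximal-length Galois LFSR whose display shows only the low 6 bits.
STATE_BITS = 16
TOKEN_BITS = 6
TAPS = 0xB400          # x^16 + x^14 + x^13 + x^11 + 1
CLOCKS_PER_TOKEN = 16  # register is clocked 16 times between displayed tokens


def step(state):
    """Advance the register by one clock."""
    lsb = state & 1
    state >>= 1
    return state ^ TAPS if lsb else state


def token(state):
    """Displayed value: a truncated view of the internal state."""
    return state & ((1 << TOKEN_BITS) - 1)


def period(seed=1):
    """Clocks until the register returns to its starting state."""
    state, count = step(seed), 1
    while state != seed:
        state, count = step(state), count + 1
    return count


def candidates(observed):
    """Every non-zero internal state that would display `observed`."""
    return [s for s in range(1, 1 << STATE_BITS) if token(s) == observed]


def next_tokens(observed):
    """Distinct tokens that could follow, taken over all candidate states."""
    following = set()
    for state in candidates(observed):
        for _ in range(CLOCKS_PER_TOKEN):
            state = step(state)
        following.add(token(state))
    return following


if __name__ == "__main__":
    seen = 0x2A  # constructed sample observation
    print("period:", period())
    print("states consistent with one token:", len(candidates(seen)))
    print("distinct possible next tokens:", len(next_tokens(seen)))
```

Scaled to the figures in the message (a 64-bit state with 20 bits displayed), one observation leaves 2^44 candidate states.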