On 9/8/06, Hadmut Danisch <hadmut@xxxxxxxxxx> wrote:
Hi,

I recently tested an RSA SecurID SID800 Token: http://www.rsasecurity.com/products/securid/datasheets/SID800_DS_0205.pdf

The token is bundled with some Windows software designed to make the user's life easier. Interestingly, this software provides a function which directly copies the current token code into the cut-and-paste buffer when the token is plugged into USB.

This is weak by design. The security of these tokens is based on what RSA calls "two-factor user authentication": it takes both a secret (PIN) and the time-dependent Token-Code to authenticate. The security of the Token-Code depends on the assumption that the token is resistant against malware or intruders on the computer used for communication (web browser, VPN client, ...).
I didn't play with the SID800 token (I just have the SID700 token, which is practically the same but doesn't have USB capabilities). I'm not sure how difficult or easy it is to poll the token code off the device. It would make sense to me that RSA thought of this and that the communication between the polling application (the RSA Authenticator Utility) and the token itself is encrypted (for example, using some public/private encryption).

If the RSA Authentication Utility requires unique identification of the token used (its serial number, which is related to its seed), then it would be very difficult to write another polling application for the attack you described. Not impossible, but difficult, and it would have to be very targeted, because if the same public/private encryption I mentioned was used, an attacker would have to extract the public key from the application in order to decrypt the token.

The easiest way to check what's going on is to use one of the USB snooping tools which let you see what's going on to/from the USB device - if you still have the token, you can try doing this.

This all being said, the token can be used in an offline mode as well, if the user wants a higher level of security, same as the SID700. There will be no "advanced" features and the user will have to type in the OTP manually, but at least he can be sure that nothing can compromise the token.

Cheers,
Bojan