[TriLUG] OT: RSA Securid - how does it work?
Joseph Mack NA3T
jmack at wm7d.net
Sun Mar 9 15:36:37 EDT 2008
On Sat, 8 Mar 2008, Barry Gaskins wrote:
> Well only RSA knows for sure but they are not publishing
> any details.
sure. I was just trying to estimate bounds on its
functioning derived from simple physical principles.
> If I were writing the software then I would allow the last
> number to work for a while after I knew it was supposed to
> change. They could even make the window wider depending on
> how long it was since the key was "activated".
That's testable. I found that it would only work for the
time slot I had. If I saved the number and put it in after
the RSA key had advanced to the next number, then I couldn't
log in. This made me think that I had to be spot on, which
is why I posted in the first place.
Kevin Flanagan also spoke
> The date on the back of the token is an expiration date.
ah. mine says
silly me. I thought that was a date in 2003. It's a date in
2011. RSA didn't hear about Y2K.
> In reality the server knows 5 sets of numbers, the one it
> believes it should be and two before and two after, so
> that you could account for clock drift.
If that's true then my key must be running at the last of
the 5 sets.
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
More information about the TriLUG