[1086] in cryptography@c2.net mail archive
Re: Thoughts on the next target.
daemon@ATHENA.MIT.EDU (Marcus Leech)
Tue Jun 24 22:24:15 1997
From: "Marcus Leech" <mleech@nortel.ca>
To: vin@shore.net (Vin McLellan)
Date: Tue, 24 Jun 1997 21:36:03 -0500 (EDT)
Cc: cryptography@c2.net
In-Reply-To: <v03007807afd60310b005@[198.115.179.81]> from "Vin McLellan" at Jun 24, 97 09:26:09 pm
> Frank Willoughby <frankw@in.net> is, of course, correct to note
> that any session over TCP/IP (with or without initial user authentication)
> can be hijacked unless it is protected by encryption or some continuous
> message authentication. (That's why so many sites now use OTPs over SSH.)
> Mr. Willoughby is incorrect, however, in suggesting that the strength of
> the SecurID hash is irrelevant just because session hijacking is possible.
>
> Without going into who, where, might run OTP authentication without
> crypto, let me just point out that an attack able to retrieve a SecurID
> seed would allow a bad guy to whip up his own PRN generator and masquerade
> as the valid user at will. As Frank explained, session hijacking generally
> requires that the attacker flood or blow off the valid user's machine, in
> order to steal a current _ongoing_ session. A reversible hash is a threat
> of a different dimension.
>
In fact, I routinely use SecurID in contexts where "session stealing" isn't
possible (SSH, and some proprietary ISAKMP-like things I've developed
over the last couple of years). If an attack against SecurID *were*
feasible, I'd certainly be extremely nervous.
--
----------------------------------------------------------------------
Marcus Leech Mail: Dept 8M86, MS 238, CAR
Systems Security Architect Phone: (ESN) 393-9145 +1 613 763 9145
Systems Security Services Fax: (ESN) 395-1407 +1 613 765 1407
Nortel Technology mleech@nortel.ca
-----------------Expressed opinions are my own, not my employer's------
